Jump to content

Help: Url:mal infection/Avast Popups

masters2014
 Share

Recommended Posts

kevinf80

kevinf80

Posted
Posted

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin.....

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

Thank you Kevin for responding to my thread. Here is the info you requested.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2014
Ran by AJ (administrator) on AJ-PC on 19-04-2014 17:26:22
Running from C:\Users\AJ\Desktop
Microsoft Windows 7 Ultimate  (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\WordWeb\wweb32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-02-26] (IDT, Inc.)
HKLM\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [77064 2012-04-21] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-12] (AVAST Software)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-10-09] (RealNetworks, Inc.)
HKU\S-1-5-21-2043047715-3215379155-2624696720-1001\...\Run: [iDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
SearchScopes: HKCU - DefaultScope {10BF2A51-2A73-471D-B0CC-0E248985651C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {10BF2A51-2A73-471D-B0CC-0E248985651C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CDelHotkeys Object - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll No File
BHO: IE Mix - {7A7C1997-170D-4371-80A8-E6FC7FB65079} - C:\Program Files\IELinky\IELinky.dll (César Nicolás Peña Núñez)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll (LastPass)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Delicious Toolbar - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Toolbar: HKCU - Delicious Toolbar - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\AJ\AppData\Roaming\mozilla\plugins\npMeetingJoinPluginAOCUser.dll ()
FF Extension: LastPass - C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714\Extensions\support@lastpass.com [2014-04-19]
FF Extension: Adblock Plus - C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-30]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-10-31]
FF HKLM\...\Firefox\Extensions: [{A6629839-6636-4998-95D6-2B0F52141861}] - C:\Program Files\Social Grammar Checker\Firefox
FF HKLM\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\WordWeb\\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\\WCaptureMoz [2011-12-31]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-04]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-09]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 dkab_device; C:\Windows\system32\DKabcoms.exe [508824 2006-10-21] ( )
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe [229458 2010-02-26] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [96832 2007-10-28] (SlySoft, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-12] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-12] ()
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-13] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2010-09-21] ()
S3 catchme; \??\C:\Users\AJ\AppData\Local\Temp\catchme.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 17:26 - 2014-04-19 17:26 - 00017851 ____C () C:\Users\AJ\Desktop\FRST.txt
2014-04-19 17:26 - 2014-04-19 17:26 - 00000000 ___DC () C:\FRST
2014-04-19 17:25 - 2014-04-19 17:25 - 01043968 ____C (Farbar) C:\Users\AJ\Desktop\FRST.exe
2014-04-19 16:07 - 2014-04-19 16:07 - 00107736 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-04-19 16:06 - 2014-04-03 09:51 - 00073432 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-19 16:06 - 2014-04-03 09:51 - 00051416 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-19 16:06 - 2014-04-03 09:50 - 00023256 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-19 15:52 - 2014-04-19 15:59 - 00000000 ___DC () C:\AdwCleaner
2014-04-19 13:37 - 2014-04-19 13:37 - 00000000 ___SC () C:\Windows\system32\mvatl.agq
2014-04-19 13:15 - 2014-04-19 13:15 - 00018404 ____C () C:\ComboFix.txt
2014-04-19 11:36 - 2014-04-19 16:23 - 00000087 ____C () C:\Windows\system32\rmigfi.jqy
2014-04-19 11:36 - 2014-04-19 13:22 - 00000000 ___DC () C:\Qoobox
2014-04-19 11:36 - 2011-06-26 01:45 - 00256000 ____C () C:\Windows\PEV.exe
2014-04-19 11:36 - 2010-11-07 12:20 - 00208896 ____C () C:\Windows\MBR.exe
2014-04-19 11:36 - 2009-04-19 23:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2014-04-19 11:36 - 2000-08-30 19:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2014-04-19 11:36 - 2000-08-30 19:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2014-04-19 11:36 - 2000-08-30 19:00 - 00098816 ____C () C:\Windows\sed.exe
2014-04-19 11:36 - 2000-08-30 19:00 - 00080412 ____C () C:\Windows\grep.exe
2014-04-19 11:36 - 2000-08-30 19:00 - 00068096 ____C () C:\Windows\zip.exe
2014-04-19 11:35 - 2014-04-19 17:22 - 00028672 ____C () C:\Windows\system32\reqgruf.qst
2014-04-19 11:35 - 2014-04-19 12:16 - 00000000 ___DC () C:\Windows\erdnt
2014-04-19 11:21 - 2014-04-19 11:21 - 00000000 ___DC () C:\Windows\ERUNT
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:05 - 2014-04-19 11:06 - 11239936 ____C (LastPass) C:\Users\AJ\Downloads\lastpass(1).exe
2014-04-16 19:46 - 2014-04-19 17:22 - 00000109 ____C () C:\Windows\system32\hsvar.fws
2014-04-16 19:46 - 2014-04-16 19:46 - 00000064 ____C () C:\Windows\system32\amhqk.byj
2014-04-16 19:30 - 2014-04-16 19:30 - 00246151 ___SC () C:\Windows\system32\mpmpi.gad
2014-04-14 15:29 - 2014-04-19 15:37 - 00001494 ____C () C:\Windows\PFRO.log
2014-04-13 20:11 - 2014-04-19 16:00 - 00000392 ____C () C:\Windows\setupact.log
2014-04-13 20:11 - 2014-04-13 20:11 - 00000000 ____C () C:\Windows\setuperr.log
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2014-04-13 15:02 - 2014-04-13 15:02 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-04-13 10:58 - 2014-04-13 10:58 - 00000000 ___DC () C:\Windows\pss
2014-04-13 10:34 - 2014-04-13 10:34 - 00000093 ____C () C:\Users\Red\AppData\Roaming\ARCompanion.log
2014-04-13 10:32 - 2014-04-13 10:35 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Delicious IE Extension
2014-04-13 10:32 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\RealNetworks
2014-04-13 10:31 - 2014-04-13 10:31 - 00116456 ____C () C:\Users\Red\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Seagate
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\ICAClient
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\AVAST Software
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Adobe
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Local\Adobe
2014-04-13 10:30 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Red\AppData\Local\Citrix
2014-04-13 10:30 - 2014-04-13 10:30 - 00001417 ____C () C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 10:30 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Real
2014-04-13 10:30 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Apple Computer
2014-04-13 10:29 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red
2014-04-13 10:29 - 2014-04-13 10:29 - 00000020 __SHC () C:\Users\Red\ntuser.ini
2014-04-13 10:29 - 2010-08-01 17:16 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Macromedia
2014-04-13 10:29 - 2009-07-13 23:42 - 00000000 __RDC () C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-13 10:29 - 2009-07-13 23:37 - 00000000 __RDC () C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-13 00:18 - 2014-04-13 00:19 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-13 00:18 - 2014-04-13 00:19 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-13 00:16 - 2014-04-13 00:17 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-04-12 23:28 - 2014-04-12 23:29 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-12 23:28 - 2014-04-12 23:29 - 00019312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-12 23:28 - 2014-04-12 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-12 23:28 - 2014-04-12 23:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 23:28 - 2014-04-12 23:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 23:28 - 2014-04-12 23:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-12 23:28 - 2014-04-12 23:28 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-12 23:28 - 2014-04-12 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-12 23:20 - 2014-04-12 23:24 - 00000000 ___DC () C:\Windows\system32\MRT
2014-04-12 23:19 - 2014-03-31 03:51 - 88028728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-12 23:10 - 2014-04-12 23:25 - 00768512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-12 23:10 - 2012-09-06 11:48 - 00245616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-12 23:09 - 2014-04-12 23:55 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-12 23:09 - 2014-04-12 23:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-12 23:09 - 2014-04-12 23:55 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-12 23:08 - 2014-04-13 00:16 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-12 23:08 - 2014-04-12 23:57 - 02614272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-12 23:08 - 2014-04-12 23:57 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-12 23:08 - 2014-04-12 23:45 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-12 23:08 - 2014-04-12 23:44 - 01320960 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-12 23:08 - 2014-04-12 23:44 - 00507568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-12 23:08 - 2014-04-12 23:44 - 00442920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-12 23:08 - 2014-04-12 23:38 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-12 23:08 - 2014-04-12 23:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-12 23:08 - 2014-04-12 23:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-12 23:08 - 2014-04-12 23:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-12 23:08 - 2014-04-12 23:16 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-12 23:07 - 2014-04-13 00:25 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 03958120 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 03902312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-12 23:07 - 2014-04-12 23:54 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-12 23:06 - 2014-04-13 00:18 - 01210728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 23:06 - 2014-04-13 00:15 - 01288984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-12 23:06 - 2014-04-13 00:14 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-12 23:06 - 2014-04-12 23:53 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-12 23:06 - 2014-04-12 23:53 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-12 23:06 - 2014-04-12 23:50 - 00369336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-12 23:06 - 2014-04-12 23:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-12 23:06 - 2014-04-12 23:50 - 00134000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-12 23:06 - 2014-04-12 23:50 - 00067440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-12 23:06 - 2014-04-12 23:48 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 01287528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 23:06 - 2014-04-12 23:42 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 00187240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-12 23:06 - 2014-04-12 23:41 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-12 23:06 - 2014-04-12 23:41 - 11406848 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-12 23:06 - 2014-04-12 23:36 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-12 23:06 - 2014-04-12 23:36 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-12 23:06 - 2014-04-12 23:35 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-12 23:06 - 2014-04-12 23:35 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-12 23:06 - 2014-04-12 23:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-12 23:06 - 2014-04-12 23:34 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-12 23:06 - 2014-04-12 23:34 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-12 23:06 - 2014-04-12 23:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 01170944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00739840 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-12 23:06 - 2014-04-12 23:16 - 12868608 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 23:05 - 2014-04-13 00:20 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-12 23:05 - 2014-04-13 00:17 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-12 23:05 - 2014-04-13 00:15 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-12 23:05 - 2014-04-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-12 23:05 - 2014-04-13 00:09 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-12 23:05 - 2014-04-13 00:07 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-12 23:05 - 2014-04-12 23:56 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-12 23:05 - 2014-04-12 23:55 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-12 23:05 - 2014-04-12 23:55 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-12 23:05 - 2014-04-12 23:53 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-12 23:05 - 2014-04-12 23:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-04-12 23:05 - 2014-04-12 23:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-12 23:05 - 2014-04-12 23:49 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-12 23:05 - 2014-04-12 23:49 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-12 23:05 - 2014-04-12 23:49 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-12 23:05 - 2014-04-12 23:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-12 23:05 - 2014-04-12 23:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-12 23:05 - 2014-04-12 23:34 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-12 23:05 - 2014-04-12 23:29 - 01034240 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-12 23:05 - 2014-04-12 23:26 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-12 23:05 - 2014-04-12 23:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-12 23:05 - 2014-04-12 23:25 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-12 23:05 - 2014-04-12 23:24 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-12 23:05 - 2014-04-12 23:16 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-12 23:05 - 2014-04-12 23:16 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-12 23:04 - 2014-04-12 23:57 - 00197632 _____ (Intel® Corporation) C:\Windows\system32\ir32_32.dll
2014-04-12 23:04 - 2014-04-12 23:57 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-04-12 23:04 - 2014-04-12 23:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-04-12 23:04 - 2014-04-12 23:49 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-12 23:04 - 2014-04-12 23:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-12 23:04 - 2014-04-12 23:46 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 23:04 - 2014-04-12 23:45 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-12 23:04 - 2014-04-12 23:43 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-12 23:04 - 2014-04-12 23:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-04-12 23:04 - 2014-04-12 23:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-12 23:04 - 2014-04-12 23:26 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-12 23:04 - 2014-04-12 23:26 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-12 23:04 - 2014-04-12 23:25 - 00056688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-12 23:04 - 2014-04-12 23:24 - 00101760 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-12 23:04 - 2014-04-12 23:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-04-12 23:04 - 2014-04-12 23:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-12 23:04 - 2014-04-12 23:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-12 22:39 - 2014-04-12 23:11 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-12 22:30 - 2014-04-12 22:32 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-12 22:30 - 2014-04-12 22:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-12 18:46 - 2014-04-12 18:46 - 01615593 ____C () C:\Users\Guest\Desktop\Memoirs_Book Proposal.zip
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\ICAClient
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-04-12 18:30 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Citrix
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\AVAST Software
2014-04-12 14:52 - 2014-04-12 14:52 - 00067264 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-12 14:52 - 2014-04-12 14:52 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-04-06 16:30 - 2014-04-06 16:30 - 00014348 ____C () C:\Users\AJ\.recently-used.xbel
2014-04-04 22:34 - 2014-04-04 22:34 - 00294910 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.mobi
2014-04-04 22:31 - 2014-04-04 22:31 - 00143325 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.epub
2014-04-04 20:57 - 2014-04-04 20:57 - 00125397 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_15pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00126956 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00105417 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.lrf
2014-04-04 20:00 - 2014-04-04 20:00 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Adobe_Systems_Incorporate
2014-04-04 19:57 - 2014-04-04 22:44 - 00000000 ___DC () C:\Users\AJ\Documents\My Digital Editions
2014-04-03 08:43 - 2013-11-27 19:24 - 00108000 ____C (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2014-03-29 17:52 - 2014-03-29 17:52 - 00199046 ____C () C:\Users\AJ\Downloads\BookCover6x9_BW_30.zip
2014-03-28 21:09 - 2014-03-28 21:09 - 00004096 ___HC () C:\Users\AJ\AppData\Local\keyfile3.drm
2014-03-27 10:29 - 2014-03-27 10:29 - 00000132 ____C () C:\Users\AJ\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-27 00:42 - 2014-03-27 00:42 - 00081564 ____C () C:\Users\AJ\Downloads\TP010385385.cab
2014-03-24 23:04 - 2014-03-24 23:04 - 00000000 ___DC () C:\mnt

==================== One Month Modified Files and Folders =======

2014-04-19 17:26 - 2014-04-19 17:26 - 00017851 ____C () C:\Users\AJ\Desktop\FRST.txt
2014-04-19 17:26 - 2014-04-19 17:26 - 00000000 ___DC () C:\FRST
2014-04-19 17:25 - 2014-04-19 17:25 - 01043968 ____C (Farbar) C:\Users\AJ\Desktop\FRST.exe
2014-04-19 17:22 - 2014-04-19 11:35 - 00028672 ____C () C:\Windows\system32\reqgruf.qst
2014-04-19 17:22 - 2014-04-16 19:46 - 00000109 ____C () C:\Windows\system32\hsvar.fws
2014-04-19 17:11 - 2010-08-01 17:08 - 00000000 ___DC () C:\Work
2014-04-19 17:01 - 2011-09-05 16:57 - 00000878 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 16:49 - 2011-08-22 08:21 - 00000000 ___DC () C:\Program Files\LastPass
2014-04-19 16:48 - 2010-08-28 22:27 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Apps\2.0
2014-04-19 16:38 - 2013-12-29 13:02 - 00000000 __RDC () C:\Users\AJ\Google Drive
2014-04-19 16:23 - 2014-04-19 11:36 - 00000087 ____C () C:\Windows\system32\rmigfi.jqy
2014-04-19 16:22 - 2010-08-01 16:04 - 01801977 ____C () C:\Windows\WindowsUpdate.log
2014-04-19 16:07 - 2014-04-19 16:07 - 00107736 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-04-19 16:06 - 2009-07-13 23:34 - 00014016 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:06 - 2009-07-13 23:34 - 00014016 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:01 - 2011-09-05 16:57 - 00000874 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 16:01 - 2009-07-13 23:53 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-04-19 16:00 - 2014-04-13 20:11 - 00000392 ____C () C:\Windows\setupact.log
2014-04-19 15:59 - 2014-04-19 15:52 - 00000000 ___DC () C:\AdwCleaner
2014-04-19 15:39 - 2013-07-30 01:04 - 00000000 __RDC () C:\Program Files\Skype
2014-04-19 15:37 - 2014-04-14 15:29 - 00001494 ____C () C:\Windows\PFRO.log
2014-04-19 15:36 - 2010-08-01 17:02 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\DMCache
2014-04-19 14:46 - 2014-03-04 21:57 - 00000000 ___DC () C:\Program Files\Amazon
2014-04-19 13:37 - 2014-04-19 13:37 - 00000000 ___SC () C:\Windows\system32\mvatl.agq
2014-04-19 13:22 - 2014-04-19 11:36 - 00000000 ___DC () C:\Qoobox
2014-04-19 13:15 - 2014-04-19 13:15 - 00018404 ____C () C:\ComboFix.txt
2014-04-19 13:11 - 2009-07-13 21:04 - 00000215 ____C () C:\Windows\system.ini
2014-04-19 12:25 - 2009-07-13 21:37 - 00000000 _RHDC () C:\Users\Default
2014-04-19 12:18 - 2009-07-13 21:37 - 00000000 __RDC () C:\Users\Public
2014-04-19 12:16 - 2014-04-19 11:35 - 00000000 ___DC () C:\Windows\erdnt
2014-04-19 12:06 - 2010-08-01 16:06 - 00000000 ___DC () C:\Users\AJ
2014-04-19 11:21 - 2014-04-19 11:21 - 00000000 ___DC () C:\Windows\ERUNT
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:09 - 2011-11-07 23:19 - 09925160 ____C (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2014-04-19 11:06 - 2014-04-19 11:05 - 11239936 ____C (LastPass) C:\Users\AJ\Downloads\lastpass(1).exe
2014-04-18 23:19 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-04-18 21:41 - 2011-11-18 05:04 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\vlc
2014-04-17 16:36 - 2011-09-13 16:56 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\IDM
2014-04-16 19:46 - 2014-04-16 19:46 - 00000064 ____C () C:\Windows\system32\amhqk.byj
2014-04-16 19:30 - 2014-04-16 19:30 - 00246151 ___SC () C:\Windows\system32\mpmpi.gad
2014-04-15 17:41 - 2009-07-13 21:37 - 00000000 ___DC () C:\Windows\Microsoft.NET
2014-04-13 23:45 - 2011-09-05 16:56 - 00000000 ___DC () C:\Program Files\Google
2014-04-13 21:00 - 2009-07-13 21:37 - 00000000 ___DC () C:\Windows\system32\LogFiles
2014-04-13 20:11 - 2014-04-13 20:11 - 00000000 ____C () C:\Windows\setuperr.log
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2014-04-13 15:02 - 2014-04-13 15:02 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-04-13 12:28 - 2011-01-05 17:23 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Google
2014-04-13 10:58 - 2014-04-13 10:58 - 00000000 ___DC () C:\Windows\pss
2014-04-13 10:35 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Delicious IE Extension
2014-04-13 10:35 - 2013-01-22 12:53 - 00000000 ___DC () C:\ProgramData\Citrix
2014-04-13 10:35 - 2013-01-22 12:52 - 00000000 ___DC () C:\Program Files\Citrix
2014-04-13 10:34 - 2014-04-13 10:34 - 00000093 ____C () C:\Users\Red\AppData\Roaming\ARCompanion.log
2014-04-13 10:32 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\RealNetworks
2014-04-13 10:32 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red\AppData\Local\Citrix
2014-04-13 10:32 - 2014-04-12 18:30 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Citrix
2014-04-13 10:32 - 2013-01-22 12:52 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Citrix
2014-04-13 10:31 - 2014-04-13 10:31 - 00116456 ____C () C:\Users\Red\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Seagate
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\ICAClient
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\AVAST Software
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Adobe
2014-04-13 10:31 - 2014-04-13 10:31 - 00000000 ___DC () C:\Users\Red\AppData\Local\Adobe
2014-04-13 10:30 - 2014-04-13 10:30 - 00001417 ____C () C:\Users\Red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 10:30 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Real
2014-04-13 10:30 - 2014-04-13 10:30 - 00000000 ___DC () C:\Users\Red\AppData\Roaming\Apple Computer
2014-04-13 10:30 - 2014-04-13 10:29 - 00000000 ___DC () C:\Users\Red
2014-04-13 10:29 - 2014-04-13 10:29 - 00000020 __SHC () C:\Users\Red\ntuser.ini
2014-04-13 00:25 - 2014-04-12 23:07 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-13 00:23 - 2009-07-13 23:33 - 03783064 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 00:21 - 2014-04-12 22:31 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-13 00:21 - 2014-04-12 22:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-13 00:21 - 2014-04-12 22:31 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-13 00:21 - 2009-07-14 02:50 - 00000000 ___DC () C:\Program Files\Windows Journal
2014-04-13 00:21 - 2009-07-13 21:37 - 00000000 ___DC () C:\Program Files\Common Files\System
2014-04-13 00:20 - 2014-04-12 23:05 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-13 00:19 - 2014-04-13 00:18 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-13 00:19 - 2014-04-13 00:18 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-13 00:18 - 2014-04-12 23:09 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-13 00:18 - 2014-04-12 23:09 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-13 00:18 - 2014-04-12 23:09 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-13 00:18 - 2014-04-12 23:06 - 01210728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 00:17 - 2014-04-13 00:16 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-04-13 00:17 - 2014-04-12 23:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-13 00:16 - 2014-04-12 23:08 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-13 00:15 - 2014-04-12 23:06 - 01288984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-13 00:15 - 2014-04-12 23:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-13 00:14 - 2014-04-12 23:06 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-13 00:14 - 2014-04-12 23:05 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-13 00:11 - 2010-08-01 16:10 - 00765238 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 00:09 - 2014-04-12 23:05 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-13 00:07 - 2014-04-12 23:05 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 03958120 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 03902312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-12 23:57 - 2014-04-12 23:08 - 02614272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-12 23:57 - 2014-04-12 23:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-12 23:57 - 2014-04-12 23:04 - 00197632 _____ (Intel® Corporation) C:\Windows\system32\ir32_32.dll
2014-04-12 23:57 - 2014-04-12 23:04 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-04-12 23:56 - 2014-04-12 23:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-12 23:55 - 2014-04-12 23:05 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-12 23:55 - 2014-04-12 23:05 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-12 23:54 - 2014-04-12 23:07 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-12 23:53 - 2014-04-12 23:06 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-12 23:53 - 2014-04-12 23:06 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-12 23:53 - 2014-04-12 23:05 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-12 23:52 - 2014-04-12 23:05 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-04-12 23:51 - 2014-04-12 23:04 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-04-12 23:50 - 2014-04-12 23:06 - 00369336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-12 23:50 - 2014-04-12 23:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-12 23:50 - 2014-04-12 23:06 - 00134000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-12 23:50 - 2014-04-12 23:06 - 00067440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-12 23:50 - 2014-04-12 23:05 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-12 23:49 - 2014-04-12 23:05 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-12 23:49 - 2014-04-12 23:05 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-12 23:49 - 2014-04-12 23:05 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-12 23:49 - 2014-04-12 23:04 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-12 23:49 - 2014-04-12 23:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-12 23:48 - 2014-04-12 23:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-12 23:46 - 2014-04-12 23:04 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 23:45 - 2014-04-12 23:08 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-12 23:45 - 2014-04-12 23:04 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-12 23:44 - 2014-04-12 23:08 - 01320960 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-12 23:44 - 2014-04-12 23:08 - 00507568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-12 23:44 - 2014-04-12 23:08 - 00442920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-12 23:43 - 2014-04-12 23:04 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-12 23:43 - 2014-04-12 23:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 01287528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 23:42 - 2014-04-12 23:06 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 00187240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-12 23:41 - 2014-04-12 23:06 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-12 23:41 - 2014-04-12 23:06 - 11406848 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-12 23:41 - 2014-04-12 23:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-12 23:38 - 2014-04-12 23:08 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-12 23:38 - 2014-04-12 23:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-12 23:38 - 2014-04-12 23:05 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-12 23:36 - 2014-04-12 23:06 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-12 23:36 - 2014-04-12 23:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-12 23:36 - 2014-04-12 23:05 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-12 23:34 - 2014-04-12 23:06 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-12 23:34 - 2014-04-12 23:06 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-12 23:34 - 2014-04-12 23:05 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-12 23:29 - 2014-04-12 23:28 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-12 23:29 - 2014-04-12 23:28 - 00019312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-12 23:29 - 2014-04-12 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-12 23:29 - 2014-04-12 23:05 - 01034240 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-12 23:28 - 2014-04-12 23:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 23:28 - 2014-04-12 23:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 23:28 - 2014-04-12 23:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-12 23:28 - 2014-04-12 23:28 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-12 23:28 - 2014-04-12 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-12 23:26 - 2014-04-12 23:08 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-12 23:26 - 2014-04-12 23:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-12 23:26 - 2014-04-12 23:08 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-12 23:26 - 2014-04-12 23:06 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-12 23:26 - 2014-04-12 23:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-12 23:26 - 2014-04-12 23:04 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-12 23:26 - 2014-04-12 23:04 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-12 23:25 - 2014-04-12 23:10 - 00768512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-12 23:25 - 2014-04-12 23:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-12 23:25 - 2014-04-12 23:05 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-12 23:25 - 2014-04-12 23:04 - 00056688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-12 23:24 - 2014-04-12 23:20 - 00000000 ___DC () C:\Windows\system32\MRT
2014-04-12 23:24 - 2014-04-12 23:05 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-12 23:24 - 2014-04-12 23:04 - 00101760 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-12 23:19 - 2014-04-12 23:06 - 01170944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00739840 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-12 23:17 - 2014-04-12 23:04 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-04-12 23:16 - 2014-04-12 23:08 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-12 23:16 - 2014-04-12 23:06 - 12868608 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 23:16 - 2014-04-12 23:05 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-12 23:16 - 2014-04-12 23:05 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-12 23:16 - 2014-04-12 23:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-12 23:12 - 2014-04-12 23:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-12 23:11 - 2014-04-12 22:39 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-12 22:32 - 2014-04-12 22:30 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-12 22:32 - 2014-04-12 22:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-12 21:18 - 2010-12-26 01:07 - 00000000 ___DC () C:\Windows\Minidump
2014-04-12 18:46 - 2014-04-12 18:46 - 01615593 ____C () C:\Users\Guest\Desktop\Memoirs_Book Proposal.zip
2014-04-12 18:36 - 2011-11-01 17:30 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Mozilla
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\ICAClient
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-04-12 18:31 - 2011-12-03 21:05 - 00116456 ____C () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 18:30 - 2011-11-01 17:27 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\Real
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\AVAST Software
2014-04-12 14:52 - 2014-04-12 14:52 - 00067264 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-12 14:52 - 2014-04-12 14:52 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-04-12 14:52 - 2013-10-09 15:24 - 00180760 ____C () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-12 14:52 - 2013-10-09 15:24 - 00049944 ____C () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-12 14:52 - 2012-02-26 02:49 - 00081768 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-12 14:52 - 2011-09-30 14:50 - 00411552 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-12 14:52 - 2011-09-30 14:49 - 00776976 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-12 14:52 - 2011-09-30 14:49 - 00271264 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-12 14:52 - 2011-09-30 14:49 - 00067824 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-12 14:46 - 2011-09-30 11:42 - 00000000 ___DC () C:\ProgramData\AVAST Software
2014-04-12 14:46 - 2009-07-13 21:04 - 00002577 ____C () C:\Windows\system32\config.nt
2014-04-07 15:15 - 2011-09-13 16:56 - 00000000 ___DC () C:\Program Files\Internet Download Manager
2014-04-06 16:38 - 2010-09-12 05:23 - 00000000 ___DC () C:\Users\AJ\.gimp-2.6
2014-04-06 16:30 - 2014-04-06 16:30 - 00014348 ____C () C:\Users\AJ\.recently-used.xbel
2014-04-06 16:30 - 2010-09-12 05:29 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\gtk-2.0
2014-04-04 22:44 - 2014-04-04 19:57 - 00000000 ___DC () C:\Users\AJ\Documents\My Digital Editions
2014-04-04 22:34 - 2014-04-04 22:34 - 00294910 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.mobi
2014-04-04 22:31 - 2014-04-04 22:31 - 00143325 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.epub
2014-04-04 20:57 - 2014-04-04 20:57 - 00125397 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_15pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00126956 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00105417 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.lrf
2014-04-04 20:00 - 2014-04-04 20:00 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Adobe_Systems_Incorporate
2014-04-04 19:57 - 2010-08-01 17:16 - 00000000 ___DC () C:\Program Files\Adobe
2014-04-03 16:59 - 2010-08-01 23:58 - 00143872 ____C () C:\Users\AJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 09:51 - 2014-04-19 16:06 - 00073432 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-19 16:06 - 00051416 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-19 16:06 - 00023256 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2010-08-01 16:36 - 00231584 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:51 - 2014-04-12 23:19 - 88028728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 17:52 - 2014-03-29 17:52 - 00199046 ____C () C:\Users\AJ\Downloads\BookCover6x9_BW_30.zip
2014-03-29 15:58 - 2014-03-04 20:17 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Amazon
2014-03-28 21:09 - 2014-03-28 21:09 - 00004096 ___HC () C:\Users\AJ\AppData\Local\keyfile3.drm
2014-03-27 10:29 - 2014-03-27 10:29 - 00000132 ____C () C:\Users\AJ\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-27 00:42 - 2014-03-27 00:42 - 00081564 ____C () C:\Users\AJ\Downloads\TP010385385.cab
2014-03-24 23:06 - 2014-03-04 20:41 - 00000000 ___DC () C:\Users\AJ\.kindle
2014-03-24 23:04 - 2014-03-24 23:04 - 00000000 ___DC () C:\mnt
2014-03-23 14:12 - 2009-07-13 23:53 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\AJ\AppData\Local\Temp\lastpass_3.1.2.exe
C:\Users\AJ\AppData\Local\Temp\MSN9144.exe
C:\Users\AJ\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0379392 ___AC (Microsoft Corporation) 05861926F7D6D79B98505DF9D21051B6

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 14:13

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

Farbar Recovery Scan Tool (x86) Version: 19-04-2014
Ran by AJ at 2014-04-19 17:48:07
Running from C:\Users\AJ\Desktop
Boot Mode: Normal

================== Search: "rpcss.dll" ===================

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F

C:\Windows\System32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0379392 ___AC (Microsoft Corporation) 05861926F7D6D79B98505DF9D21051B6

=== End Of Search ===

Search.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Run Malwarebytes:

 


On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

How to get logs:

(Export log to save as txt)

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt.

 

Let me see those logs, also give an update on any remaining issues or concerns...

 

Kevin.....

 

 

fixlist.txt

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

Thank you so much for this help, Kevin. I believe my system is clean because I am not receiving that avast notice anymore. However, before I did the system reboots a .mpwd file kept appearing on my desktop even after I deleted it. I wasn't allowed to upload it to this forum but the file name was: lp.980a3e3512139cebd10b55ddc52f076ba83f28868ab256aa2cde70af42d0b090

 

It was a weird file and it hasn't appeared since the reboot but those are the only quirks I am noticing with my system. Other than that, everything seems fine. Let me know if there is anything else you would like me to do. Thanks again.

 

Masters

 

AdwCleanerS1.txt

Fixlog.txt

MBAM scan.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is ticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Next,

 

Re-run FRST and post a fresh log, let FRST update if requested....

 

Thanks,

 

Kevin

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download this: http://download.bleepingcomputer.com/sUBs/CF_UNINST.EXE save to your Desktop, Right click and select Run as Administrator, accept UAC if applicable. That should remove Combofix remnants that may have caused issues for your system..

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 

 

  •  

       

  • Activate UAC

     

       

  • Remove disinfection tools

     

       

  • Purge System Restore

     

       

  • Reset system settings

     

     

 

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Next,

 

Download and install CCleaner from here:

 

http://www.piriform.com/ccleaner/builds'> http://www.piriform.com/ccleaner/builds Ensure to select Slim version. (No Toolbar)

 

  •  

     

  • Run the installer to install the application.

     

     

  • Run CCleaner. default settings are fine

     

     

  • Select > Cleaner > Run Cleaner > all temp files and caches will be deleted/emptied

     

     

  • Close CCleaner and Re-Boot your system

     

     

 

 

Is there any improvement with your system?

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Run this please and post the log:

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

 Results of screen317's Security Check version 0.99.82  
 Windows 7  x86 (UAC is enabled)  
 Out of date service pack!!
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner     
 JavaFX 2.1.1    
 Java 6 Update 31  
 Java 7 Update 51  
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
  Adobe Flash Player     10.3.183.86 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````  
 system32 AvastSvc.exe -?-   
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Ok we continue:

 

Go here http://www.adobe.com/shockwave/welcome/ and have Adobe Flashplayer checked. Accept new version if required.

There maybe an offer of Google Chrome etc, untick those options if offered...

 

Next,

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

 

Next,

 

Download and install CCleaner from here:

 

http://www.piriform.com/ccleaner/builds'> http://www.piriform.com/ccleaner/builds Ensure to select Slim version. (No Toolbar)


Run the installer to install the application.
Run CCleaner. default settings are fine
Select > Cleaner > Run Cleaner > all temp files and caches will be deleted/emptied
Close CCleaner and Re-Boot your system

 

CCleaner Tutorial http://www.howtogeek.com/113382/how-to-use-ccleaner-like-a-pro-9-tips-tricks/

 

Next,

 

Go here: http://windows.microsoft.com/en-GB/windows/service-packs-download#sptabs=win7 follow the instructions to d/l and install Service Pack 1 (SP1)

 

Let me know if there has been any improvement after the above steps...

 

Kevin

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

I feel absolutely bad about this, but the virus has returned and I have followed all of these steps repeatedly but the virus keeps popping back up. I am still getting the wmpd file on my desktop and the url:mal popups from avast. I believe we fixed it the first time then I revisited the site that gave me the virus, not knowing that was the site that gave me the virus, and now I have again. Only these steps aren't resolving the issue and I don't know what I am doing wrong.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin....

Link to post
Share on other sites
masters2014

masters2014

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2014
Ran by AJ (administrator) on AJ-PC on 25-04-2014 18:01:34
Running from C:\Users\AJ\Virus Protections
Microsoft Windows 7 Ultimate  (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\WordWeb\wweb32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\update\realsched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files\Internet Download Manager\idmBroker.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-02-26] (IDT, Inc.)
HKLM\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [77064 2012-04-21] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-12] (AVAST Software)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-10-09] (RealNetworks, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\a01feeca-6f94-4a1d-8078-631f6b33dec7.exe /check [181136 2014-04-25] (AVAST Software)
HKU\S-1-5-21-2043047715-3215379155-2624696720-1001\...\Run: [iDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3829328 2014-04-18] (Tonec Inc.)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {10BF2A51-2A73-471D-B0CC-0E248985651C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {10BF2A51-2A73-471D-B0CC-0E248985651C} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78875F5C-A685-4405-8DC5-D48DC65452B0} -  No File
BHO: No Name - {7A7C1997-170D-4371-80A8-E6FC7FB65079} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll (LastPass)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} -  No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Toolbar: HKCU - No Name - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\AJ\AppData\Roaming\mozilla\plugins\npMeetingJoinPluginAOCUser.dll ()
FF Extension: LastPass - C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714\Extensions\support@lastpass.com [2014-04-23]
FF Extension: Adblock Plus - C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\pdqyts1u.default-1397411059714\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-30]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-10-31]
FF HKLM\...\Firefox\Extensions: [{A6629839-6636-4998-95D6-2B0F52141861}] - C:\Program Files\Social Grammar Checker\Firefox
FF HKLM\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\WordWeb\\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\\WCaptureMoz [2011-12-31]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-09]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\AJ\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 dkab_device; C:\Windows\system32\DKabcoms.exe [508824 2006-10-21] ( )
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe [229458 2010-02-26] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [96832 2007-10-28] (SlySoft, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-12] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-12] ()
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-13] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2010-09-21] ()
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 18:03 - 2014-04-25 18:03 - 00000365 ____C () C:\Users\AJ\Desktop\lp.980a3e3512139cebd10b55ddc52f076ba83f28868ab256aa2cde70af42d0b090.mpwd
2014-04-25 18:01 - 2014-04-25 18:01 - 00000000 ___DC () C:\FRST
2014-04-25 17:10 - 2014-04-25 17:35 - 00000830 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 17:07 - 2014-04-25 17:08 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-04-23 15:17 - 2014-04-23 18:54 - 00000224 ____C () C:\Windows\setupact.log
2014-04-23 15:17 - 2014-04-23 15:17 - 00001304 ____C () C:\Windows\PFRO.log
2014-04-23 15:17 - 2014-04-23 15:17 - 00000000 ____C () C:\Windows\setuperr.log
2014-04-23 14:31 - 2014-04-23 14:31 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-23 11:04 - 2014-04-23 11:04 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-04-23 11:04 - 2014-04-23 11:04 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-04-23 10:08 - 2014-04-23 10:08 - 00000000 ___DC () C:\ProgramData\MGTEK
2014-04-21 15:53 - 2014-04-21 15:53 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Oracle
2014-04-21 15:53 - 2014-04-21 15:53 - 00000000 ___DC () C:\Program Files\Common Files\Java
2014-04-21 15:52 - 2014-04-21 15:52 - 00264616 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00175528 ____C (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00175016 ____C (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00094632 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-21 15:52 - 2014-04-21 15:52 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-21 15:43 - 2014-04-21 15:44 - 00004024 ____C () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-21 03:25 - 2013-11-27 19:24 - 00108000 ____C (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2014-04-20 18:50 - 2014-04-23 14:29 - 00000872 ____C () C:\DelFix.txt
2014-04-19 16:07 - 2014-04-23 09:55 - 00107736 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-04-19 16:06 - 2014-04-03 09:51 - 00073432 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-19 16:06 - 2014-04-03 09:51 - 00051416 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-19 16:06 - 2014-04-03 09:50 - 00023256 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-19 11:35 - 2014-04-20 18:48 - 00000000 ___DC () C:\Windows\erdnt
2014-04-19 11:21 - 2014-04-23 14:28 - 00000000 ___DC () C:\Windows\ERUNT
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:05 - 2014-04-19 11:06 - 11239936 ____C (LastPass) C:\Users\AJ\Downloads\lastpass(1).exe
2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 ____C (DivX, Inc.) C:\Windows\system32\DivXControlPanelApplet.cpl
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2014-04-13 15:02 - 2014-04-21 15:48 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-04-13 10:58 - 2014-04-13 10:58 - 00000000 ___DC () C:\Windows\pss
2014-04-13 00:18 - 2014-04-13 00:19 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-13 00:18 - 2014-04-13 00:19 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-13 00:16 - 2014-04-13 00:17 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-04-12 23:28 - 2014-04-12 23:29 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-12 23:28 - 2014-04-12 23:29 - 00019312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-12 23:28 - 2014-04-12 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-12 23:28 - 2014-04-12 23:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 23:28 - 2014-04-12 23:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 23:28 - 2014-04-12 23:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-12 23:28 - 2014-04-12 23:28 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-12 23:28 - 2014-04-12 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-12 23:20 - 2014-04-12 23:24 - 00000000 ___DC () C:\Windows\system32\MRT
2014-04-12 23:19 - 2014-03-31 03:51 - 88028728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-12 23:10 - 2014-04-12 23:25 - 00768512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-12 23:10 - 2012-09-06 11:48 - 00245616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-12 23:09 - 2014-04-13 00:18 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-12 23:09 - 2014-04-12 23:55 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-12 23:09 - 2014-04-12 23:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-12 23:09 - 2014-04-12 23:55 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-12 23:09 - 2014-04-12 23:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-12 23:08 - 2014-04-13 00:16 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-12 23:08 - 2014-04-12 23:57 - 02614272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-12 23:08 - 2014-04-12 23:57 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-12 23:08 - 2014-04-12 23:45 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-12 23:08 - 2014-04-12 23:44 - 01320960 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-12 23:08 - 2014-04-12 23:44 - 00507568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-12 23:08 - 2014-04-12 23:44 - 00442920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-12 23:08 - 2014-04-12 23:38 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-12 23:08 - 2014-04-12 23:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-12 23:08 - 2014-04-12 23:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-12 23:08 - 2014-04-12 23:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-12 23:08 - 2014-04-12 23:16 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-12 23:07 - 2014-04-13 00:25 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 03958120 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 03902312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-12 23:07 - 2014-04-12 23:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-12 23:07 - 2014-04-12 23:54 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-12 23:06 - 2014-04-13 00:18 - 01210728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 23:06 - 2014-04-13 00:15 - 01288984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-12 23:06 - 2014-04-13 00:14 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-12 23:06 - 2014-04-12 23:53 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-12 23:06 - 2014-04-12 23:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-12 23:06 - 2014-04-12 23:53 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-12 23:06 - 2014-04-12 23:50 - 00369336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-12 23:06 - 2014-04-12 23:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-12 23:06 - 2014-04-12 23:50 - 00134000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-12 23:06 - 2014-04-12 23:50 - 00067440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-12 23:06 - 2014-04-12 23:48 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 01287528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 23:06 - 2014-04-12 23:42 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-04-12 23:06 - 2014-04-12 23:42 - 00187240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-12 23:06 - 2014-04-12 23:41 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-12 23:06 - 2014-04-12 23:41 - 11406848 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-12 23:06 - 2014-04-12 23:36 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-12 23:06 - 2014-04-12 23:36 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-12 23:06 - 2014-04-12 23:35 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-12 23:06 - 2014-04-12 23:35 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-12 23:06 - 2014-04-12 23:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-12 23:06 - 2014-04-12 23:34 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-12 23:06 - 2014-04-12 23:34 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-12 23:06 - 2014-04-12 23:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-12 23:06 - 2014-04-12 23:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 01170944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00739840 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-12 23:06 - 2014-04-12 23:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-12 23:06 - 2014-04-12 23:16 - 12868608 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 23:05 - 2014-04-13 00:20 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-12 23:05 - 2014-04-13 00:17 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-12 23:05 - 2014-04-13 00:15 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-12 23:05 - 2014-04-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-12 23:05 - 2014-04-13 00:09 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-12 23:05 - 2014-04-13 00:07 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-12 23:05 - 2014-04-13 00:04 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-12 23:05 - 2014-04-12 23:56 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-12 23:05 - 2014-04-12 23:55 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-12 23:05 - 2014-04-12 23:55 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-12 23:05 - 2014-04-12 23:55 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-12 23:05 - 2014-04-12 23:53 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-12 23:05 - 2014-04-12 23:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-04-12 23:05 - 2014-04-12 23:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-12 23:05 - 2014-04-12 23:49 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-12 23:05 - 2014-04-12 23:49 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-12 23:05 - 2014-04-12 23:49 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-12 23:05 - 2014-04-12 23:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-12 23:05 - 2014-04-12 23:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-12 23:05 - 2014-04-12 23:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-12 23:05 - 2014-04-12 23:36 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-12 23:05 - 2014-04-12 23:34 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-12 23:05 - 2014-04-12 23:29 - 01034240 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-12 23:05 - 2014-04-12 23:26 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-12 23:05 - 2014-04-12 23:26 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-12 23:05 - 2014-04-12 23:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-12 23:05 - 2014-04-12 23:25 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-12 23:05 - 2014-04-12 23:24 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-12 23:05 - 2014-04-12 23:16 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-12 23:05 - 2014-04-12 23:16 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-12 23:04 - 2014-04-12 23:57 - 00197632 _____ (Intel® Corporation) C:\Windows\system32\ir32_32.dll
2014-04-12 23:04 - 2014-04-12 23:57 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-04-12 23:04 - 2014-04-12 23:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-04-12 23:04 - 2014-04-12 23:49 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-12 23:04 - 2014-04-12 23:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-12 23:04 - 2014-04-12 23:46 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 23:04 - 2014-04-12 23:45 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-12 23:04 - 2014-04-12 23:43 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-12 23:04 - 2014-04-12 23:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-04-12 23:04 - 2014-04-12 23:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-12 23:04 - 2014-04-12 23:26 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-12 23:04 - 2014-04-12 23:26 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-12 23:04 - 2014-04-12 23:25 - 00056688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-12 23:04 - 2014-04-12 23:24 - 00101760 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-12 23:04 - 2014-04-12 23:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-04-12 23:04 - 2014-04-12 23:16 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-12 23:04 - 2014-04-12 23:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-12 22:39 - 2014-04-12 23:11 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-12 22:39 - 2014-04-12 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-12 22:31 - 2014-04-13 00:21 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-12 22:30 - 2014-04-12 22:32 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-12 22:30 - 2014-04-12 22:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-12 18:46 - 2014-04-12 18:46 - 01615593 ____C () C:\Users\Guest\Desktop\Memoirs_Book Proposal.zip
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\ICAClient
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-04-12 18:30 - 2014-04-13 10:32 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Citrix
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\AVAST Software
2014-04-12 14:52 - 2014-04-12 14:52 - 00067264 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-12 14:52 - 2014-04-12 14:52 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-04-06 16:30 - 2014-04-06 16:30 - 00014348 ____C () C:\Users\AJ\.recently-used.xbel
2014-04-04 22:34 - 2014-04-04 22:34 - 00294910 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.mobi
2014-04-04 22:31 - 2014-04-04 22:31 - 00143325 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.epub
2014-04-04 20:57 - 2014-04-04 20:57 - 00125397 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_15pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00126956 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00105417 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.lrf
2014-04-04 20:00 - 2014-04-04 20:00 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Adobe_Systems_Incorporate
2014-04-04 19:57 - 2014-04-04 22:44 - 00000000 ___DC () C:\Users\AJ\Documents\My Digital Editions
2014-04-04 19:57 - 2014-04-04 19:57 - 00002140 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-04 19:57 - 2014-04-04 19:57 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-03-29 17:52 - 2014-03-29 17:52 - 00199046 ____C () C:\Users\AJ\Downloads\BookCover6x9_BW_30.zip
2014-03-28 21:09 - 2014-03-28 21:09 - 00004096 ___HC () C:\Users\AJ\AppData\Local\keyfile3.drm
2014-03-27 10:29 - 2014-03-27 10:29 - 00000132 ____C () C:\Users\AJ\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-27 00:42 - 2014-03-27 00:42 - 00081564 ____C () C:\Users\AJ\Downloads\TP010385385.cab

==================== One Month Modified Files and Folders =======

2014-04-25 18:03 - 2014-04-25 18:03 - 00000365 ____C () C:\Users\AJ\Desktop\lp.980a3e3512139cebd10b55ddc52f076ba83f28868ab256aa2cde70af42d0b090.mpwd
2014-04-25 18:01 - 2014-04-25 18:01 - 00000000 ___DC () C:\FRST
2014-04-25 18:01 - 2013-12-29 13:02 - 00000000 __RDC () C:\Users\AJ\Virus Protections
2014-04-25 18:01 - 2011-09-05 16:57 - 00000878 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-25 17:35 - 2014-04-25 17:10 - 00000830 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 17:35 - 2010-08-01 17:02 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\DMCache
2014-04-25 17:29 - 2009-07-13 23:34 - 00014016 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 17:29 - 2009-07-13 23:34 - 00014016 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 17:21 - 2013-10-26 20:05 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-25 17:18 - 2013-10-09 15:49 - 00002441 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-25 17:12 - 2010-08-01 17:16 - 00000000 ___DC () C:\Program Files\Common Files\Adobe AIR
2014-04-25 17:11 - 2012-04-03 21:14 - 00692400 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-25 17:11 - 2011-07-07 16:37 - 00070832 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-25 17:08 - 2014-04-25 17:07 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-04-25 17:08 - 2010-09-20 00:33 - 00000000 ___DC () C:\Program Files\Common Files\DivX Shared
2014-04-25 17:08 - 2010-09-20 00:30 - 00000000 ___DC () C:\Program Files\DivX
2014-04-25 17:08 - 2010-09-20 00:29 - 00000000 ___DC () C:\ProgramData\DivX
2014-04-25 17:07 - 2010-09-20 00:34 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\DivX
2014-04-25 17:01 - 2010-08-01 16:04 - 01851196 ____C () C:\Windows\WindowsUpdate.log
2014-04-24 21:01 - 2011-09-05 16:57 - 00000874 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 20:51 - 2011-11-18 05:04 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\vlc
2014-04-24 14:51 - 2011-09-13 16:56 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\IDM
2014-04-24 11:08 - 2009-07-13 21:37 - 00000000 ___DC () C:\Windows\system32\LogFiles
2014-04-23 18:54 - 2014-04-23 15:17 - 00000224 ____C () C:\Windows\setupact.log
2014-04-23 18:54 - 2009-07-13 23:53 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-04-23 15:17 - 2014-04-23 15:17 - 00001304 ____C () C:\Windows\PFRO.log
2014-04-23 15:17 - 2014-04-23 15:17 - 00000000 ____C () C:\Windows\setuperr.log
2014-04-23 14:36 - 2012-02-10 16:50 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Vso
2014-04-23 14:36 - 2011-10-16 23:02 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\FileZilla
2014-04-23 14:34 - 2010-08-01 18:56 - 00000000 ___DC () C:\Windows\Panther
2014-04-23 14:31 - 2014-04-23 14:31 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-23 14:31 - 2010-08-11 16:51 - 00000000 ___DC () C:\Program Files\CCleaner
2014-04-23 14:29 - 2014-04-20 18:50 - 00000872 ____C () C:\DelFix.txt
2014-04-23 14:28 - 2014-04-19 11:21 - 00000000 ___DC () C:\Windows\ERUNT
2014-04-23 12:25 - 2012-08-22 13:26 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Deployment
2014-04-23 11:49 - 2013-01-22 12:52 - 00000000 ___DC () C:\Program Files\Citrix
2014-04-23 11:47 - 2012-04-25 20:11 - 00000000 ___DC () C:\Program Files\Android
2014-04-23 11:04 - 2014-04-23 11:04 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-04-23 11:04 - 2014-04-23 11:04 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-04-23 10:08 - 2014-04-23 10:08 - 00000000 ___DC () C:\ProgramData\MGTEK
2014-04-23 09:55 - 2014-04-19 16:07 - 00107736 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-22 17:58 - 2010-09-12 05:23 - 00000000 ___DC () C:\Users\AJ\.gimp-2.6
2014-04-22 12:41 - 2011-09-13 16:56 - 00000000 ___DC () C:\Program Files\Internet Download Manager
2014-04-21 15:53 - 2014-04-21 15:53 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Oracle
2014-04-21 15:53 - 2014-04-21 15:53 - 00000000 ___DC () C:\Program Files\Common Files\Java
2014-04-21 15:53 - 2013-10-09 15:59 - 00000000 ___DC () C:\ProgramData\Oracle
2014-04-21 15:52 - 2014-04-21 15:52 - 00264616 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00175528 ____C (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00175016 ____C (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-21 15:52 - 2014-04-21 15:52 - 00094632 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-21 15:52 - 2014-04-21 15:52 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-21 15:48 - 2014-04-13 15:02 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-04-21 15:44 - 2014-04-21 15:43 - 00004024 ____C () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-21 15:44 - 2010-08-01 23:15 - 00000000 ___DC () C:\Program Files\Java
2014-04-20 18:48 - 2014-04-19 11:35 - 00000000 ___DC () C:\Windows\erdnt
2014-04-19 22:34 - 2010-08-01 17:08 - 00000000 ___DC () C:\Work
2014-04-19 21:53 - 2010-08-01 16:06 - 00000000 ___DC () C:\Users\AJ
2014-04-19 16:49 - 2011-08-22 08:21 - 00000000 ___DC () C:\Program Files\LastPass
2014-04-19 16:48 - 2010-08-28 22:27 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Apps\2.0
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-04-19 16:06 - 2014-04-19 16:06 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-04-19 15:39 - 2013-07-30 01:04 - 00000000 __RDC () C:\Program Files\Skype
2014-04-19 14:46 - 2014-03-04 21:57 - 00000000 ___DC () C:\Program Files\Amazon
2014-04-19 13:11 - 2009-07-13 21:04 - 00000215 ____C () C:\Windows\system.ini
2014-04-19 12:25 - 2009-07-13 21:37 - 00000000 _RHDC () C:\Users\Default
2014-04-19 12:18 - 2009-07-13 21:37 - 00000000 __RDC () C:\Users\Public
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-19 11:09 - 2011-11-07 23:19 - 09925160 ____C (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2014-04-19 11:06 - 2014-04-19 11:05 - 11239936 ____C (LastPass) C:\Users\AJ\Downloads\lastpass(1).exe
2014-04-18 23:19 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 ____C (DivX, Inc.) C:\Windows\system32\DivXControlPanelApplet.cpl
2014-04-15 17:41 - 2009-07-13 21:37 - 00000000 ___DC () C:\Windows\Microsoft.NET
2014-04-13 23:45 - 2011-09-05 16:56 - 00000000 ___DC () C:\Program Files\Google
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-04-13 17:43 - 2014-04-13 17:43 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2014-04-13 12:28 - 2011-01-05 17:23 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Google
2014-04-13 10:58 - 2014-04-13 10:58 - 00000000 ___DC () C:\Windows\pss
2014-04-13 10:35 - 2013-01-22 12:53 - 00000000 ___DC () C:\ProgramData\Citrix
2014-04-13 10:32 - 2014-04-12 18:30 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Citrix
2014-04-13 10:32 - 2013-01-22 12:52 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Citrix
2014-04-13 10:30 - 2009-07-13 23:46 - 00001515 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-13 00:25 - 2014-04-12 23:07 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-13 00:23 - 2009-07-13 23:33 - 03783064 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 00:21 - 2014-04-12 22:31 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-13 00:21 - 2014-04-12 22:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-13 00:21 - 2014-04-12 22:31 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-13 00:21 - 2009-07-14 02:50 - 00000000 ___DC () C:\Program Files\Windows Journal
2014-04-13 00:21 - 2009-07-13 21:37 - 00000000 ___DC () C:\Program Files\Common Files\System
2014-04-13 00:20 - 2014-04-12 23:05 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-13 00:19 - 2014-04-13 00:18 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-13 00:19 - 2014-04-13 00:18 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-13 00:18 - 2014-04-12 23:09 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-13 00:18 - 2014-04-12 23:09 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-13 00:18 - 2014-04-12 23:09 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-13 00:18 - 2014-04-12 23:06 - 01210728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 00:17 - 2014-04-13 00:16 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-04-13 00:17 - 2014-04-12 23:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-13 00:16 - 2014-04-12 23:08 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-13 00:15 - 2014-04-12 23:06 - 01288984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-13 00:15 - 2014-04-12 23:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-13 00:14 - 2014-04-12 23:06 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-13 00:14 - 2014-04-12 23:05 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-13 00:11 - 2010-08-01 16:10 - 00765238 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 00:09 - 2014-04-12 23:05 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-13 00:07 - 2014-04-12 23:05 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-13 00:04 - 2014-04-12 23:05 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 03958120 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 03902312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-12 23:58 - 2014-04-12 23:07 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-12 23:57 - 2014-04-12 23:08 - 02614272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-12 23:57 - 2014-04-12 23:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-12 23:57 - 2014-04-12 23:04 - 00197632 _____ (Intel® Corporation) C:\Windows\system32\ir32_32.dll
2014-04-12 23:57 - 2014-04-12 23:04 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2014-04-12 23:56 - 2014-04-12 23:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-12 23:55 - 2014-04-12 23:09 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-12 23:55 - 2014-04-12 23:05 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-12 23:55 - 2014-04-12 23:05 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-12 23:55 - 2014-04-12 23:05 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-12 23:54 - 2014-04-12 23:07 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-12 23:53 - 2014-04-12 23:06 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-12 23:53 - 2014-04-12 23:06 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-12 23:53 - 2014-04-12 23:06 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-12 23:53 - 2014-04-12 23:05 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-12 23:52 - 2014-04-12 23:05 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-04-12 23:51 - 2014-04-12 23:04 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-04-12 23:50 - 2014-04-12 23:06 - 00369336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-12 23:50 - 2014-04-12 23:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-12 23:50 - 2014-04-12 23:06 - 00134000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-12 23:50 - 2014-04-12 23:06 - 00067440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-12 23:50 - 2014-04-12 23:05 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-12 23:49 - 2014-04-12 23:05 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-12 23:49 - 2014-04-12 23:05 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-12 23:49 - 2014-04-12 23:05 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-12 23:49 - 2014-04-12 23:04 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-12 23:49 - 2014-04-12 23:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-12 23:48 - 2014-04-12 23:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-12 23:47 - 2014-04-12 23:09 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-12 23:46 - 2014-04-12 23:04 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 23:45 - 2014-04-12 23:08 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-12 23:45 - 2014-04-12 23:04 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-12 23:44 - 2014-04-12 23:08 - 01320960 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-12 23:44 - 2014-04-12 23:08 - 00507568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-12 23:44 - 2014-04-12 23:08 - 00442920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-12 23:43 - 2014-04-12 23:04 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-12 23:43 - 2014-04-12 23:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 01287528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 23:42 - 2014-04-12 23:06 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2014-04-12 23:42 - 2014-04-12 23:06 - 00187240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-12 23:41 - 2014-04-12 23:06 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-12 23:41 - 2014-04-12 23:06 - 11406848 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-12 23:41 - 2014-04-12 23:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-12 23:38 - 2014-04-12 23:08 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-12 23:38 - 2014-04-12 23:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-12 23:38 - 2014-04-12 23:05 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-12 23:37 - 2014-04-12 23:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-12 23:36 - 2014-04-12 23:06 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-12 23:36 - 2014-04-12 23:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-12 23:36 - 2014-04-12 23:05 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-12 23:36 - 2014-04-12 23:05 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-12 23:35 - 2014-04-12 23:06 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-12 23:34 - 2014-04-12 23:06 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-12 23:34 - 2014-04-12 23:06 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-12 23:34 - 2014-04-12 23:05 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-12 23:29 - 2014-04-12 23:28 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-12 23:29 - 2014-04-12 23:28 - 00019312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-12 23:29 - 2014-04-12 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-12 23:29 - 2014-04-12 23:05 - 01034240 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-12 23:28 - 2014-04-12 23:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 23:28 - 2014-04-12 23:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 23:28 - 2014-04-12 23:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-12 23:28 - 2014-04-12 23:28 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-12 23:28 - 2014-04-12 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-12 23:28 - 2014-04-12 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-12 23:28 - 2014-04-12 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-12 23:26 - 2014-04-12 23:08 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-12 23:26 - 2014-04-12 23:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-12 23:26 - 2014-04-12 23:08 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-12 23:26 - 2014-04-12 23:06 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-12 23:26 - 2014-04-12 23:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-12 23:26 - 2014-04-12 23:06 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-12 23:26 - 2014-04-12 23:05 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-12 23:26 - 2014-04-12 23:04 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-12 23:26 - 2014-04-12 23:04 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-12 23:25 - 2014-04-12 23:10 - 00768512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-12 23:25 - 2014-04-12 23:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-12 23:25 - 2014-04-12 23:05 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-12 23:25 - 2014-04-12 23:04 - 00056688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-12 23:24 - 2014-04-12 23:20 - 00000000 ___DC () C:\Windows\system32\MRT
2014-04-12 23:24 - 2014-04-12 23:05 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-12 23:24 - 2014-04-12 23:04 - 00101760 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-12 23:19 - 2014-04-12 23:06 - 01170944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00739840 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-12 23:19 - 2014-04-12 23:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-12 23:17 - 2014-04-12 23:04 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-04-12 23:16 - 2014-04-12 23:08 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-12 23:16 - 2014-04-12 23:06 - 12868608 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 23:16 - 2014-04-12 23:05 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-12 23:16 - 2014-04-12 23:05 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-12 23:16 - 2014-04-12 23:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-12 23:12 - 2014-04-12 23:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-12 23:11 - 2014-04-12 22:39 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-12 23:11 - 2014-04-12 22:39 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-12 22:32 - 2014-04-12 22:30 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-12 22:32 - 2014-04-12 22:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-12 22:31 - 2014-04-12 22:31 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-12 21:18 - 2010-12-26 01:07 - 00000000 ___DC () C:\Windows\Minidump
2014-04-12 18:46 - 2014-04-12 18:46 - 01615593 ____C () C:\Users\Guest\Desktop\Memoirs_Book Proposal.zip
2014-04-12 18:36 - 2011-11-01 17:30 - 00000000 ___DC () C:\Users\Guest\AppData\Local\Mozilla
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\ICAClient
2014-04-12 18:31 - 2014-04-12 18:31 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-04-12 18:31 - 2011-12-03 21:05 - 00116456 ____C () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 18:30 - 2011-11-01 17:27 - 00000000 ___DC () C:\Users\Guest\AppData\Roaming\Real
2014-04-12 15:06 - 2014-04-12 15:06 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\AVAST Software
2014-04-12 14:52 - 2014-04-12 14:52 - 00067264 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-12 14:52 - 2014-04-12 14:52 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-04-12 14:52 - 2013-10-09 15:24 - 00180760 ____C () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-12 14:52 - 2013-10-09 15:24 - 00049944 ____C () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-12 14:52 - 2012-02-26 02:49 - 00081768 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-12 14:52 - 2011-09-30 14:50 - 00411552 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-12 14:52 - 2011-09-30 14:49 - 00776976 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-12 14:52 - 2011-09-30 14:49 - 00271264 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-12 14:52 - 2011-09-30 14:49 - 00067824 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-12 14:46 - 2011-09-30 11:42 - 00000000 ___DC () C:\ProgramData\AVAST Software
2014-04-12 14:46 - 2009-07-13 21:04 - 00002577 ____C () C:\Windows\system32\config.nt
2014-04-06 16:30 - 2014-04-06 16:30 - 00014348 ____C () C:\Users\AJ\.recently-used.xbel
2014-04-06 16:30 - 2010-09-12 05:29 - 00000000 ___DC () C:\Users\AJ\AppData\Roaming\gtk-2.0
2014-04-04 22:44 - 2014-04-04 19:57 - 00000000 ___DC () C:\Users\AJ\Documents\My Digital Editions
2014-04-04 22:34 - 2014-04-04 22:34 - 00294910 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.mobi
2014-04-04 22:31 - 2014-04-04 22:31 - 00143325 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet.epub
2014-04-04 20:57 - 2014-04-04 20:57 - 00125397 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_15pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00126956 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.epub
2014-04-04 20:32 - 2014-04-04 20:32 - 00105417 ____C () C:\Users\AJ\Downloads\memoirs-of-a-reincarnated-prophet_20pct_sample.lrf
2014-04-04 20:00 - 2014-04-04 20:00 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Adobe_Systems_Incorporate
2014-04-04 19:57 - 2014-04-04 19:57 - 00002140 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-04 19:57 - 2014-04-04 19:57 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-04 19:57 - 2010-08-01 17:16 - 00000000 ___DC () C:\Program Files\Adobe
2014-04-03 16:59 - 2010-08-01 23:58 - 00143872 ____C () C:\Users\AJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 09:51 - 2014-04-19 16:06 - 00073432 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-19 16:06 - 00051416 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-19 16:06 - 00023256 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2010-08-01 16:36 - 00231584 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:51 - 2014-04-12 23:19 - 88028728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 17:52 - 2014-03-29 17:52 - 00199046 ____C () C:\Users\AJ\Downloads\BookCover6x9_BW_30.zip
2014-03-29 15:58 - 2014-03-04 20:17 - 00000000 ___DC () C:\Users\AJ\AppData\Local\Amazon
2014-03-28 21:09 - 2014-03-28 21:09 - 00004096 ___HC () C:\Users\AJ\AppData\Local\keyfile3.drm
2014-03-27 10:29 - 2014-03-27 10:29 - 00000132 ____C () C:\Users\AJ\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-27 00:42 - 2014-03-27 00:42 - 00081564 ____C () C:\Users\AJ\Downloads\TP010385385.cab

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 14:13

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

I do not see any evidence of infection in those logs..... I also do not see evidence of Service Pack 1 (SP1) being installed...

 

Continue as follows:

 

Read the following link before we continue and run Combofix:

 

ComboFix usage, Questions, Help? - Look here

 

Next,

 

Download Combofix either of the following links :-

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

http://www.infospyware.net/antimalware/combofix/

 

 

  •  

     

  • Ensure that Combofix is saved directly to the Desktop <--- Very important

     

     

     

  • Disable all security programs as they will have a negative effect on Combofix, instructions available here  http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.

     

     

     

  • Close any open browsers and any other programs you might have running

     

     

     

  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)

     

     

     

  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.

     

     

     

  • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.

     

     

     

  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

     

     

 

 

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

 

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here  http://thespykiller.co.uk/index.php?page=20 why  disabling autoruns is recommended.

 

*EXTRA NOTES*

 

  •  

       

  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.

     

       

  • If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal

     

       

  • If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

     

     

 

 

Post the log in next reply please...

 

Kevin

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.