Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: File recovery from ransomware infection

  1. #1
    Junior Member
    Join Date
    Jan 2015

    Default File recovery from ransomware infection

    Hi Guys

    I hope you can help; I appear to have been the victim of some form of ransomware variant of cryptolocker.

    My system no longer has the infection but it has left in its wake a whole lot of my files and years of photos encrypted.

    The ransom ware demands I pay 0.5 bit coin for the decryption key.

    I’m no computer genius and would really appreciate some help with decrypting the files if possible.

    I have read the forum rules re posting regarding this topic and can provide the results from the Farbar scan tool if you require this.

    The affected folders have been left with two new files instructing me what to do next to decrypt my files, the text of which is below.

    I would be forever grateful if someone could help me out here as I’m gutted regarding the loss of the family photos and really don’t want fund any criminals to regain them.

    Yours hopefully


    Your documents, photos, databases and other important files have been encrypted
    with strongest encryption and unique key, generated for this computer.

    Private decryption key is stored on a secret Internet server and nobody can
    decrypt your files until you pay and obtain the private key.

    If you see the main locker window, follow the instructions on the locker.
    Overwise, it's seems that you or your antivirus deleted the locker program.
    Now you have the last chance to decrypt your files.

    1. Type the address Edit in your Internet browser.
    It opens the Tor site.

    2. Press 'Download Tor', then press 'DOWNLOAD Tor Browser Bundle',
    install and run it.\

    3. Now you have Tor Browser. In the Tor Browser open the Edit
    Note that this server is available via Tor Browser only.
    Retry in 1 hour if site is not reachable.

    4. Copy and paste the following public key in the input form on server. Avoid missprints.
    5. Follow the instructions on the server.
    Last edited by tashi; 2015-01-21 at 15:24. Reason: Removed links and attachment

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005


    Hello waynebinukq,

    Sorry to hear the computer was infected.

    Quote Originally Posted by waynebinukq View Post
    I have read the forum rules re posting regarding this topic and can provide the results from the Farbar scan tool if you require this.
    Could you provide the log please, then I will merge your posts and remove mine as helpers look for a zero response.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Jan 2015


    Hi, the addition log file from Farbar scan tool is now attached.

    It will not allow me to upload the FRST file as it exceeds the file limit of 48.8kb

    Shall I just copy the text into the thread?

    Many thanks

    Attached Files Attached Files

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005


    Hi waynebinukq,

    Quote Originally Posted by waynebinukq View Post
    Shall I just copy the text into the thread?
    Yes please.

    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log into your topic
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please attach that along with the FRST.txt into your reply.

    aswMBR Log

    Important! Please do NOT perform any fix options offered in aswMBR, we just need to see the report.

    Please download aswMBR to your desktop.

    • Double click the aswMBR icon to run it.
    • If a prompt stating: The computer supports "Virtualization Technology" appears select Yes
    • Click the Scan button to start scan.
    • If you are asked to update the Avast Virus database please allow it to do so.
    • When it finishes, press the Save Log button, save the logfile to your desktop and post its contents in your reply with the Farbar (FRST) log.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Jan 2015


    Hi tashi,

    The text content exceeds the limit of 200000 characters, do you require I add several reply’s in order to fit all the text in?

    I’m not sure if this information will help as Windows has been re-installed by a friend and the infection seems to be gone now, I can provide an example of the encrypted .jpg files if this will help with decryption?

    Sorry if I'm causing you any hassle.


  6. #6
    Junior Member
    Join Date
    Jan 2015

    Default aswMBR scan result

    aswMBR version Copyright(c) 2014 AVAST Software
    Run date: 2015-01-21 15:29:50
    15:29:50.350 OS Version: Windows 6.1.7601 Service Pack 1
    15:29:50.350 Number of processors: 4 586 0xF0B
    15:29:50.350 ComputerName: HOMEPC-PC UserName: HomePC
    15:29:50.911 Initialize success
    15:29:51.208 VM: initialized successfully
    15:29:51.208 VM: Intel CPU supported
    15:29:54.142 VM: supported disk I/O ataport.SYS
    15:31:17.547 AVAST engine defs: 15012100
    15:31:19.310 The log file has been saved successfully to "C:\Users\HomePC\Desktop\aswMBR.txt"

    aswMBR version Copyright(c) 2014 AVAST Software
    Run date: 2015-01-21 15:29:50
    15:29:50.350 OS Version: Windows 6.1.7601 Service Pack 1
    15:29:50.350 Number of processors: 4 586 0xF0B
    15:29:50.350 ComputerName: HOMEPC-PC UserName: HomePC
    15:29:50.911 Initialize success
    15:29:51.208 VM: initialized successfully
    15:29:51.208 VM: Intel CPU supported
    15:29:54.142 VM: supported disk I/O ataport.SYS
    15:31:17.547 AVAST engine defs: 15012100
    15:31:19.310 The log file has been saved successfully to "C:\Users\HomePC\Desktop\aswMBR.txt"
    15:31:37.499 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-7
    15:31:37.515 Disk 0 Vendor: ST2000DL001-9VT156 CC97 Size: 1907729MB BusType: 3
    15:31:37.515 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-3
    15:31:37.515 Disk 1 Vendor: OCZ-OCTANE 1.14 Size: 244198MB BusType: 3
    15:31:37.531 Disk 1 MBR read successfully
    15:31:37.531 Disk 1 MBR scan
    15:31:37.640 Disk 1 Windows 7 default MBR code
    15:31:37.640 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    15:31:37.640 Disk 1 default boot code
    15:31:37.671 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 244096 MB offset 206848
    15:31:37.687 Disk 1 scanning sectors +500115456
    15:31:37.702 Disk 1 scanning C:\Windows\system32\drivers
    15:31:46.033 Service scanning
    15:32:06.190 Modules scanning
    15:32:06.190 Disk 1 trace - called modules:
    15:32:06.206 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
    15:32:06.206 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x85d788f0]
    15:32:06.221 3 CLASSPNP.SYS[8c7c259e] -> nt!IofCallDriver -> [0x85c73408]
    15:32:06.221 5 ACPI.sys[8c2c43d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x858b1030]
    15:32:06.486 AVAST engine scan C:\Windows
    15:32:07.298 AVAST engine scan C:\Windows\system32
    15:35:48.819 AVAST engine scan C:\Windows\system32\drivers
    15:35:56.296 AVAST engine scan C:\Users\HomePC
    15:38:11.474 AVAST engine scan C:\ProgramData
    15:39:09.095 Disk 1 statistics 3292118/0/0 @ 14.52 MB/s
    15:39:09.095 Scan finished successfully
    15:39:37.459 Disk 1 MBR has been saved successfully to "C:\Users\HomePC\Desktop\MBR.dat"
    15:39:37.771 The log file has been saved successfully to "C:\Users\HomePC\Desktop\aswMBR.txt"

  7. #7
    Junior Member
    Join Date
    Jan 2015

    Default Scan result of Farbar Recovery Scan Tool

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
    Ran by HomePC (administrator) on HOMEPC-PC on 21-01-2015 14:40:51
    Running from C:\Users\HomePC\Downloads
    Loaded Profiles: HomePC (Available profiles: HomePC)
    Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool:

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\fshoster32.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
    () C:\Windows\System32\PnkBstrA.exe
    () C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
    (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
    (Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
    (Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\fshoster32.exe
    (F-Secure Corporation) C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Users\HomePC\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
    HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1310720 2014-12-28] (Analog Devices, Inc.)
    HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
    HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-04-16] (Saitek)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\Run: [F-Secure Hoster (49534)] => C:\Program Files\F-Secure\fshoster32.exe [187432 2014-12-11] (F-Secure Corporation)
    HKLM\...\Run: [F-Secure Manager] => C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-06-24] (F-Secure Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: ** <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
    HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: bcdedit.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-28] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-636474949-2419348854-2744945084-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
    HKU\S-1-5-21-636474949-2419348854-2744945084-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    SearchScopes: HKU\S-1-5-21-636474949-2419348854-2744945084-1000 -> DefaultScope {3F941D5A-8FD9-4dc4-94E5-F6C2C7CF6571} URL ={searchTerms}&fs_uo=provider
    SearchScopes: HKU\S-1-5-21-636474949-2419348854-2744945084-1000 -> {3F941D5A-8FD9-4dc4-94E5-F6C2C7CF6571} URL ={searchTerms}&fs_uo=provider
    BHO: Virgin Media Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
    BHO: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll (F-Secure Corporation)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files\F-Secure\apps\SafeSearch\IE\FSSafeSearch.dll (F-Secure Corporation)
    Toolbar: HKU\S-1-5-21-636474949-2419348854-2744945084-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer]

    FF Plugin:,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin:,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin:,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin:,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin:,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin:,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF HKLM\...\Firefox\Extensions: [{9ff1b92b-58cb-4cdf-8c2d-efe53429008f}] - C:\Program Files\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
    FF Extension: Browsing Protection - C:\Program Files\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2015-01-18]

    CHR Profile: C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-28]
    CHR Extension: (Google Docs) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-28]
    CHR Extension: (Google Drive) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-28]
    CHR Extension: (YouTube) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-28]
    CHR Extension: (Google Search) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-28]
    CHR Extension: (Google Sheets) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-28]
    CHR Extension: (Browsing Protection by F-Secure) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2015-01-18]
    CHR Extension: (Google Wallet) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-28]
    CHR Extension: (Gmail) - C:\Users\HomePC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-28]
    CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-24] (Disc Soft Ltd)
    R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
    R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
    R2 fshoster; C:\Program Files\F-Secure\fshoster32.exe [187432 2014-12-11] (F-Secure Corporation)
    R3 FSMA; C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-06-24] (F-Secure Corporation)
    R2 FSORSPClient; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation)
    S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [960992 2010-03-22] (Atheros Communications, Inc.)
    R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-28] (Electronic Arts)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-12-28] ()
    R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
    R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1564160 2010-10-11] (Atheros Communications, Inc.)
    R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [25000 2015-01-08] (Disc Soft Ltd)
    R3 F-Secure Gatekeeper; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [149544 2015-01-18] (F-Secure Corporation)
    R1 F-Secure HIPS; C:\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [74920 2015-01-18] (F-Secure Corporation)
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2015-01-18] ()
    R3 fsni; C:\Program Files\F-Secure\apps\CCF_Scanning\bin\fsni32.sys [73256 2015-01-18] (F-Secure Corporation)
    R1 fsvista; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12840 2014-06-24] ()
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
    S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
    R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80120.sys [472792 2015-01-18] (IBM Corp.)
    R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251640 2014-12-22] (IBM Corp.)
    R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208856 2014-12-22] (IBM Corp.)
    R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2014-12-22] (IBM Corp.)
    R3 RecFltr; C:\Windows\System32\Drivers\RecFltr.sys [41984 2007-01-18] ()
    R3 SaiK1705; C:\Windows\System32\DRIVERS\SaiK1705.sys [145256 2012-09-20] (Saitek)
    R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23200 2013-04-30] (Saitek)
    R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [46624 2013-04-30] (Saitek)
    R3 SaiU1705; C:\Windows\System32\DRIVERS\SaiU1705.sys [41320 2012-09-20] (Saitek)
    R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows (R) Win 7 DDK provider)
    R3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-21] (TP-LINK TECHNOLOGIES CO., LTD)
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-21 14:40 - 2015-01-21 14:41 - 00043282 _____ () C:\Users\HomePC\Downloads\FRST.txt
    2015-01-21 14:35 - 2015-01-21 14:35 - 00000000 ____D () C:\Windows\system32\appmgmt
    2015-01-21 14:11 - 2014-12-21 20:27 - 05292054 _____ () C:\Users\HomePC\Desktop\AllFilesAreLocked 70309.bmp
    2015-01-21 13:57 - 2015-01-21 13:58 - 05198336 _____ (AVAST Software) C:\Users\HomePC\Downloads\aswMBR.exe
    2015-01-21 13:52 - 2015-01-21 13:52 - 00131072 ____N () C:\Windows\Minidump\012115-12027-01.dmp
    2015-01-21 13:50 - 2015-01-21 14:40 - 00000000 ____D () C:\FRST
    2015-01-21 13:48 - 2015-01-21 13:48 - 01118208 _____ (Farbar) C:\Users\HomePC\Downloads\FRST.exe
    2015-01-20 13:58 - 2015-01-20 13:58 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
    2015-01-20 13:58 - 2015-01-20 13:58 - 00000000 ____D () C:\ProgramData\Sun
    2015-01-20 13:58 - 2015-01-20 13:58 - 00000000 ____D () C:\ProgramData\Oracle
    2015-01-20 13:58 - 2015-01-20 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-01-20 13:58 - 2015-01-20 13:58 - 00000000 ____D () C:\Program Files\Java
    2015-01-20 13:58 - 2015-01-20 13:58 - 00000000 ____D () C:\Program Files\Common Files\Java
    2015-01-20 13:57 - 2015-01-20 13:57 - 00638888 _____ (Oracle Corporation) C:\Users\HomePC\Downloads\chromeinstall-8u25.exe
    2015-01-20 13:12 - 2011-09-30 09:02 - 476952047 _____ () C:\Users\HomePC\Desktop\Bus incident.MOV
    2015-01-20 09:18 - 2015-01-20 09:18 - 00000000 ____D () C:\Windows\pss
    2015-01-19 16:40 - 2015-01-19 16:40 - 00000000 ____D () C:\Windows\system32\directx
    2015-01-19 16:40 - 2015-01-19 16:40 - 00000000 ____D () C:\Users\HomePC\Documents\My Games
    2015-01-18 21:35 - 2015-01-18 21:35 - 01540308 _____ () C:\Users\HomePC\Downloads\Fury_2014_BRRip_x264_1080p-NPW.nzb
    2015-01-18 20:13 - 2015-01-18 20:13 - 00737272 _____ (Emsisoft Ltd) C:\Users\HomePC\Downloads\decrypt_pclock.exe
    2015-01-18 18:38 - 2015-01-21 13:52 - 00000596 _____ () C:\Windows\Tasks\Scheduled scanning task.job
    2015-01-18 17:58 - 2015-01-18 17:58 - 00751688 _____ (Emsisoft GmbH) C:\Users\HomePC\Downloads\decrypt_mblblock.exe
    2015-01-18 16:36 - 2015-01-18 16:38 - 00001170 _____ () C:\Users\Public\Desktop\CryptoPrevent.lnk
    2015-01-18 16:36 - 2015-01-18 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
    2015-01-18 16:36 - 2015-01-18 16:36 - 00053248 _____ () C:\Windows\system32\zlib.dll
    2015-01-18 16:36 - 2015-01-18 16:36 - 00000000 ____D () C:\ProgramData\Foolish IT
    2015-01-18 16:36 - 2015-01-18 16:36 - 00000000 ____D () C:\Program Files\Foolish IT
    2015-01-18 16:35 - 2015-01-18 16:36 - 00971528 _____ (Foolish IT LLC ) C:\Users\HomePC\Downloads\CryptoPreventSetup.exe
    2015-01-18 14:07 - 2015-01-18 14:13 - 00044240 _____ () C:\Windows\system32\Drivers\fsbts.sys
    2015-01-18 14:07 - 2015-01-18 14:07 - 00020548 _____ () C:\Windows\prodsett_copy.ini
    2015-01-18 14:07 - 2015-01-18 14:07 - 00000645 _____ () C:\Windows\fsav_db_setup.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 03814543 _____ () C:\Windows\FSISU.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00851447 _____ () C:\Windows\FSSFM.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00694023 _____ () C:\Windows\FSSETUP.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00140703 _____ () C:\Windows\FSDEPH.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00136068 _____ () C:\Windows\FSPROD.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00088551 _____ () C:\Windows\RunSetup.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00066633 _____ () C:\Windows\FSAVINST.LOG
    2015-01-18 14:06 - 2015-01-18 14:07 - 00009832 _____ () C:\Windows\FSAVCSIN.LOG
    2015-01-18 14:06 - 2015-01-18 14:07 - 00004311 _____ () C:\Windows\FSGKIAIN.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00004170 _____ () C:\Windows\fstnbins.LOG
    2015-01-18 14:06 - 2015-01-18 14:07 - 00003255 _____ () C:\Windows\fsavunin.log
    2015-01-18 14:06 - 2015-01-18 14:07 - 00001813 _____ () C:\Windows\FSLDIN.LOG
    2015-01-18 14:06 - 2015-01-18 14:06 - 00019322 _____ () C:\Windows\fspplugin.log
    2015-01-18 14:03 - 2015-01-18 14:03 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Trusteer
    2015-01-18 14:03 - 2015-01-18 14:03 - 00000000 ____D () C:\ProgramData\Trusteer
    2015-01-18 14:03 - 2015-01-18 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
    2015-01-18 14:03 - 2015-01-18 14:03 - 00000000 ____D () C:\Program Files\Trusteer
    2015-01-18 14:02 - 2015-01-18 14:02 - 00436504 _____ (IBM Corp.) C:\Users\HomePC\Downloads\RpprtSetup.exe
    2015-01-18 14:01 - 2015-01-18 14:01 - 00000000 ___SD () C:\Users\HomePC\Documents\Passwords Database
    2015-01-18 13:59 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\HomePC\AppData\Local\F-Secure
    2015-01-18 13:59 - 2015-01-18 14:07 - 00000000 ____D () C:\ProgramData\F-Secure
    2015-01-18 13:59 - 2015-01-18 14:00 - 00000000 ____D () C:\Program Files\F-Secure
    2015-01-18 13:59 - 2015-01-18 13:59 - 00816680 _____ (F-Secure Corporation) C:\Users\HomePC\Downloads\VirginMediaNetworkInstaller_C-GK39H-EBVRH-4UHKC-RT98L_.exe
    2015-01-18 13:59 - 2015-01-18 13:59 - 00001981 _____ () C:\Users\Public\Desktop\F-Secure.lnk
    2015-01-18 13:59 - 2015-01-18 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
    2015-01-18 13:49 - 2015-01-18 13:49 - 04446072 _____ () C:\Users\HomePC\Downloads\Decryptolocker.exe
    2015-01-18 11:35 - 2015-01-18 11:35 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2015-01-18 11:34 - 2015-01-18 11:35 - 00000000 ____D () C:\ProgramData\RogueKiller
    2015-01-18 11:34 - 2015-01-18 11:34 - 15340120 _____ () C:\Users\HomePC\Downloads\RogueKiller.exe
    2015-01-18 10:48 - 2015-01-18 10:48 - 00000000 ____D () C:\Users\HomePC\Desktop\Tor Browser
    2015-01-18 10:29 - 2015-01-18 10:29 - 00913400 _____ (Microsoft Corporation) C:\Users\HomePC\Downloads\mssstool32.exe
    2015-01-18 10:15 - 2014-12-28 20:34 - 00000864 _____ () C:\Windows\system32\Drivers\etc\hosts.20150118-101550.backup
    2015-01-18 10:10 - 2015-01-18 10:11 - 16409960 _____ (Safer Networking Limited ) C:\Users\HomePC\Downloads\spybotsd162.exe
    2015-01-18 09:30 - 2015-01-18 09:30 - 00245248 _____ () C:\Users\HomePC\Desktop\Copy of Total loss Calculator.xls (Total loss only).xls
    2015-01-18 09:26 - 2015-01-18 09:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-18 09:25 - 2015-01-18 09:25 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\HomePC\Downloads\mbam-setup-
    2015-01-18 09:03 - 2012-08-31 16:11 - 08286208 _____ (Timespace Technology) C:\Users\HomePC\Desktop\PCPlayerall.exe
    2015-01-18 09:02 - 2014-09-05 15:19 - 180744472 _____ () C:\Users\HomePC\Desktop\AZ3328 19114 11 02 14 SM13 7209.xba
    2015-01-17 13:45 - 2015-01-17 13:45 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\NVIDIA
    2015-01-17 13:44 - 2015-01-17 13:44 - 00000216 _____ () C:\Users\HomePC\Desktop\Scribblenauts Unlimited.url
    2015-01-14 20:58 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-01-14 20:58 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-01-14 20:44 - 2014-12-19 02:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-14 20:44 - 2014-12-19 01:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-14 20:44 - 2014-12-11 17:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-14 20:44 - 2014-12-06 03:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-10 15:35 - 2015-01-10 15:35 - 00186352 _____ () C:\Windows\Minidump\011015-25927-01.dmp
    2015-01-10 07:22 - 2015-01-10 07:22 - 00131072 ____N () C:\Windows\Minidump\011015-14492-01.dmp
    2015-01-10 06:34 - 2015-01-10 06:34 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
    2015-01-10 06:34 - 2015-01-10 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    2015-01-10 06:34 - 2015-01-10 06:34 - 00000000 ____D () C:\Program Files\epson
    2015-01-10 06:34 - 2008-11-17 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\Windows\system32\eswiaud.dll
    2015-01-10 06:32 - 2008-08-08 02:09 - 00086528 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FLBFME.DLL
    2015-01-10 06:32 - 2007-12-07 02:01 - 00078848 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FD4BFME.DLL
    2015-01-10 06:32 - 2007-04-10 01:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
    2015-01-10 06:31 - 2015-01-10 06:34 - 00000000 ____D () C:\ProgramData\EPSON
    2015-01-10 06:31 - 2015-01-10 06:32 - 12803072 _____ () C:\Users\HomePC\Downloads\epson324769eu.exe
    2015-01-10 06:31 - 2015-01-10 06:31 - 20380672 _____ () C:\Users\HomePC\Downloads\epson374898eu.exe
    2015-01-10 06:20 - 2015-01-10 08:49 - 00016116 ____H () C:\Users\HomePC\Desktop\~WRL3154.tmp
    2015-01-10 06:20 - 2015-01-10 06:24 - 00015112 ____H () C:\Users\HomePC\Desktop\~WRL0965.tmp
    2015-01-10 05:18 - 2015-01-10 05:18 - 00013241 ____H () C:\Users\HomePC\Desktop\~WRL0005.tmp
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\Windows\PCHEALTH
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
    2015-01-10 05:08 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
    2015-01-10 05:07 - 2015-01-10 05:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-01-10 05:07 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Microsoft Office
    2015-01-10 05:07 - 2015-01-10 05:07 - 00000000 __RHD () C:\MSOCache
    2015-01-10 05:07 - 2015-01-10 05:07 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Microsoft Help
    2015-01-10 05:07 - 2015-01-10 05:07 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
    2015-01-10 05:07 - 2015-01-10 05:07 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
    2015-01-09 20:33 - 2015-01-09 20:33 - 00262144 _____ () C:\Windows\system32\config\elam
    2015-01-09 05:17 - 2015-01-09 21:09 - 00000000 __SHD () C:\Program Files\Windows Manager
    2015-01-08 22:17 - 2015-01-08 22:17 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
    2015-01-08 22:16 - 2015-01-09 06:40 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\70F6FB29-2435-4450-996E-FE9947E0CC89
    2015-01-08 22:16 - 2015-01-08 22:16 - 00025000 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
    2015-01-08 22:16 - 2015-01-08 22:16 - 00001878 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
    2015-01-08 22:16 - 2015-01-08 22:16 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\CloudService
    2015-01-08 22:16 - 2015-01-08 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
    2015-01-08 22:16 - 2015-01-08 22:16 - 00000000 ____D () C:\Program Files\DAEMON Tools Pro
    2015-01-08 22:14 - 2015-01-08 22:16 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\DAEMON Tools Pro
    2015-01-08 22:13 - 2015-01-09 20:35 - 00000000 __SHD () C:\ProgramData\Windows Manager
    2015-01-08 22:13 - 2015-01-09 20:35 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
    2015-01-08 22:12 - 2015-01-08 22:12 - 00000000 __RSH () C:\MSDOS.SYS
    2015-01-08 22:12 - 2015-01-08 22:12 - 00000000 __RSH () C:\IO.SYS
    2015-01-08 22:11 - 2015-01-08 22:11 - 00232936 _____ () C:\Users\HomePC\Downloads\DTLite4491-0356.exe
    2015-01-08 22:07 - 2015-01-08 22:07 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Nero_AG
    2015-01-08 22:06 - 2015-01-08 22:07 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Nero
    2015-01-06 20:31 - 2015-01-06 20:31 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Nero
    2015-01-06 20:23 - 2015-01-21 14:33 - 00000000 ____D () C:\ProgramData\Nero
    2015-01-05 18:01 - 2015-01-05 18:01 - 00131072 ____N () C:\Windows\Minidump\010515-9999-01.dmp
    2015-01-04 18:29 - 2015-01-04 18:29 - 00000000 ____D () C:\Users\HomePC\AppData\Local\CrashRpt
    2015-01-03 20:11 - 2015-01-17 18:41 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Google
    2015-01-03 18:31 - 2015-01-03 18:31 - 00131072 ____N () C:\Windows\Minidump\010315-10155-01.dmp
    2015-01-03 14:33 - 2015-01-03 14:33 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Macromedia
    2015-01-03 14:32 - 2015-01-21 14:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-03 14:32 - 2015-01-17 11:22 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-01-03 14:32 - 2015-01-17 11:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-01-03 14:32 - 2015-01-03 14:33 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Adobe
    2015-01-03 14:32 - 2015-01-03 14:32 - 00000000 ____D () C:\Windows\system32\Macromed
    2015-01-03 01:20 - 2015-01-03 01:20 - 00000000 ____D () C:\Users\HomePC\Documents\Square Enix
    2015-01-02 21:14 - 2015-01-02 21:14 - 00000000 ____D () C:\Users\HomePC\Downloads\FPS_Profiles_v1_2
    2015-01-02 21:13 - 2015-01-02 21:13 - 00411361 _____ () C:\Users\HomePC\Downloads\
    2015-01-02 21:13 - 2015-01-02 21:13 - 00227959 _____ () C:\Users\HomePC\Downloads\
    2015-01-02 21:13 - 2015-01-02 21:13 - 00041877 _____ () C:\Users\HomePC\Downloads\
    2015-01-02 21:11 - 2015-01-02 21:11 - 00257145 _____ () C:\Users\HomePC\Downloads\
    2015-01-01 21:04 - 2015-01-18 18:18 - 00000000 ____D () C:\ProgramData\PMS
    2015-01-01 21:04 - 2015-01-01 21:04 - 00000960 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk
    2015-01-01 21:04 - 2015-01-01 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
    2015-01-01 21:03 - 2015-01-01 21:04 - 00000000 ____D () C:\Program Files\PS3 Media Server
    2015-01-01 21:03 - 2015-01-01 21:03 - 53679694 _____ () C:\Users\HomePC\Downloads\pms-1.90.1-setup-full.exe
    2015-01-01 21:01 - 2015-01-01 21:01 - 91440981 _____ () C:\Users\HomePC\Downloads\pms-1.90.1-setup-macosx.gz
    2015-01-01 21:01 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-01-01 13:03 - 2015-01-01 13:03 - 00000000 ____D () C:\Users\HomePC\Documents\FIFA World
    2015-01-01 00:58 - 2015-01-01 00:58 - 00000000 ____D () C:\Users\HomePC\AppData\Local\SmartTechnology
    2015-01-01 00:57 - 2015-01-01 00:57 - 00006838 _____ () C:\Users\HomePC\Documents\RAT PROFILE DEFAULT.pr0
    2014-12-31 21:03 - 2014-12-31 21:03 - 00000000 ____D () C:\Users\HomePC\AppData\Local\sabnzbd
    2014-12-31 21:02 - 2014-12-31 21:02 - 00000949 _____ () C:\Users\HomePC\Desktop\SABnzbd.lnk
    2014-12-31 21:02 - 2014-12-31 21:02 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd
    2014-12-31 21:02 - 2014-12-31 21:02 - 00000000 ____D () C:\Program Files\SABnzbd
    2014-12-31 21:01 - 2014-12-31 21:01 - 10926924 _____ () C:\Users\HomePC\Downloads\SABnzbd-0.7.20-win32-setup.exe
    2014-12-31 19:34 - 2014-12-31 19:34 - 00000000 ____D () C:\ProgramData\SmartTechnology
    2014-12-31 19:34 - 2014-12-31 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
    2014-12-31 19:34 - 2014-12-31 19:34 - 00000000 ____D () C:\Program Files\SmartTechnology
    2014-12-31 19:19 - 2014-12-31 19:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SaiK1705_01009.Wdf
    2014-12-31 19:10 - 2014-12-31 19:15 - 128485336 _____ (Mad catz ) C:\Users\HomePC\Downloads\Smart Technology 7_0_27_13 32bit.exe
    2014-12-31 19:10 - 2014-12-31 19:10 - 06965936 _____ (Mad catz ) C:\Users\HomePC\Downloads\Range_RAT5_SD7_0_20_0_32Bit_Drivers_NonWHQL.exe
    2014-12-31 14:49 - 2014-12-31 14:49 - 00000000 __SHD () C:\Users\HomePC\AppData\Local\EmieUserList
    2014-12-31 14:49 - 2014-12-31 14:49 - 00000000 __SHD () C:\Users\HomePC\AppData\Local\EmieSiteList
    2014-12-31 14:49 - 2014-12-31 14:49 - 00000000 __SHD () C:\Users\HomePC\AppData\Local\EmieBrowserModeList
    2014-12-31 14:44 - 2014-12-31 14:44 - 01534736 _____ () C:\Users\HomePC\Downloads\battlelog-web-plugins_2.6.2_154 (3).exe
    2014-12-31 09:49 - 2014-06-27 01:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-12-31 09:44 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-31 09:44 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-31 09:44 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-31 09:44 - 2014-11-22 02:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-31 09:44 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-31 09:44 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-31 09:44 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-31 09:44 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-31 09:44 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-31 09:44 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-31 09:44 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-31 09:44 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-31 09:44 - 2014-11-22 01:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-31 09:44 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-31 09:44 - 2014-11-22 01:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-31 09:44 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-31 09:44 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-31 09:44 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-31 09:44 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-31 09:44 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-31 09:44 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-31 09:44 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-31 09:44 - 2014-11-22 01:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-31 09:44 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-31 09:44 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-31 09:44 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-31 09:44 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-31 09:44 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-31 09:44 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-31 09:44 - 2014-09-05 01:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-31 09:44 - 2014-08-29 01:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-31 09:44 - 2014-06-24 02:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-12-31 09:44 - 2011-03-11 05:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
    2014-12-31 09:43 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2014-12-31 09:43 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2014-12-31 09:43 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2014-12-31 09:43 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2014-12-31 09:43 - 2014-07-09 01:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2014-12-31 09:43 - 2014-07-08 22:30 - 00419992 _____ () C:\Windows\system32\locale.nls
    2014-12-31 09:43 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-12-31 09:43 - 2013-11-23 18:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2014-12-31 09:43 - 2012-02-11 05:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-12-31 09:43 - 2011-03-11 05:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
    2014-12-31 09:43 - 2011-03-11 05:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
    2014-12-31 09:43 - 2011-03-11 05:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
    2014-12-31 09:43 - 2011-03-11 05:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2014-12-31 09:43 - 2011-03-11 05:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2014-12-31 09:43 - 2011-03-11 05:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2014-12-31 09:43 - 2011-03-11 04:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-12-31 09:43 - 2011-02-25 05:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-12-30 23:15 - 2014-12-31 19:40 - 00000000 ____D () C:\Users\HomePC\Desktop\PtBackup
    2014-12-30 23:11 - 2012-02-21 14:51 - 00491112 _____ (TP-LINK TECHNOLOGIES CO., LTD) C:\Windows\system32\Drivers\tpg86win7.sys
    2014-12-30 23:11 - 2012-02-21 14:51 - 00080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp.dll
    2014-12-30 20:53 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-30 17:48 - 2014-12-30 17:49 - 00000000 ____D () C:\Users\HomePC\Documents\Battlefield 4
    2014-12-30 17:46 - 2014-12-30 17:46 - 00000848 _____ () C:\Users\Public\Desktop\NETGEAR WNA1100 Genie.lnk
    2014-12-30 17:46 - 2014-12-30 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA1100 Genie
    2014-12-30 17:46 - 2014-12-30 17:46 - 00000000 ____D () C:\Program Files\NETGEAR
    2014-12-30 17:46 - 2011-07-22 10:35 - 00021472 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
    2014-12-30 17:46 - 2010-10-11 01:09 - 01564160 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athur.sys
    2014-12-30 17:46 - 2008-05-15 02:28 - 00020384 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\jswpslwf.sys
    2014-12-30 17:45 - 2014-12-30 17:45 - 00000000 ____D () C:\Users\HomePC\Downloads\WNA1100-Setup-V2.2.0.1-1_signed
    2014-12-30 17:44 - 2014-12-30 17:45 - 84403983 _____ () C:\Users\HomePC\Downloads\
    2014-12-30 17:43 - 2014-05-08 09:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-12-30 15:50 - 2014-12-28 22:31 - 157053068 _____ () C:\Users\HomePC\Desktop\BIKE FALL DEC 2014.AVI
    2014-12-30 14:46 - 2015-01-21 14:34 - 00000000 ____D () C:\Users\HomePC\Desktop\GAMES
    2014-12-30 13:00 - 2012-08-23 14:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-30 13:00 - 2012-08-23 14:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-30 13:00 - 2012-08-23 11:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
    2014-12-30 12:59 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-30 12:59 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-30 12:59 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2014-12-30 12:59 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2014-12-30 12:59 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2014-12-30 12:58 - 2013-10-02 00:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-12-30 12:58 - 2013-10-02 00:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-30 12:58 - 2013-10-02 00:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-30 12:58 - 2013-10-02 00:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-12-30 12:58 - 2013-10-02 00:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-12-30 12:58 - 2013-10-01 23:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-12-30 12:58 - 2013-10-01 23:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-12-30 12:58 - 2013-10-01 23:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-12-30 12:58 - 2013-10-01 22:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-12-30 12:58 - 2013-10-01 22:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-12-30 12:56 - 2014-12-30 12:56 - 01534736 _____ () C:\Users\HomePC\Downloads\battlelog-web-plugins_2.6.2_154 (2).exe
    2014-12-30 12:56 - 2014-12-30 12:56 - 01534736 _____ () C:\Users\HomePC\Downloads\battlelog-web-plugins_2.6.2_154 (1).exe
    2014-12-30 12:52 - 2012-07-26 03:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-12-30 12:52 - 2012-07-26 03:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
    2014-12-30 12:52 - 2012-07-26 03:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-12-30 12:52 - 2012-07-26 03:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-12-30 12:52 - 2012-07-26 03:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
    2014-12-30 12:52 - 2012-07-26 02:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-12-30 12:52 - 2012-07-26 02:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-12-30 12:52 - 2012-06-02 14:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    2014-12-30 12:48 - 2014-12-30 12:49 - 01534736 _____ () C:\Users\HomePC\Downloads\battlelog-web-plugins_2.6.2_154.exe
    2014-12-30 12:46 - 2013-05-10 04:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-12-30 12:46 - 2013-05-10 04:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-12-30 12:41 - 2014-10-14 01:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-12-30 12:41 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-30 12:41 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-30 12:41 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-30 12:41 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-30 12:41 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-30 12:41 - 2014-08-01 11:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-12-30 12:41 - 2014-06-25 01:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-12-30 12:41 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2014-12-30 12:41 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2014-12-30 12:41 - 2013-08-28 00:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2014-12-30 12:41 - 2013-05-10 03:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
    2014-12-30 12:41 - 2012-12-07 12:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-12-30 12:41 - 2012-12-07 12:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
    2014-12-30 12:41 - 2012-12-07 10:46 - 00055296 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00051712 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00046592 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00045568 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00044544 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00043520 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00040960 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00030720 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00023552 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00021504 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-12-07 10:46 - 00015360 _____ (Microsoft) C:\Windows\system32\
    2014-12-30 12:41 - 2012-10-03 16:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
    2014-12-30 12:41 - 2012-10-03 16:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2014-12-30 12:41 - 2012-10-03 16:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2014-12-30 12:41 - 2012-10-03 16:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
    2014-12-30 12:41 - 2012-10-03 16:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-12-30 12:41 - 2012-10-03 15:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2014-12-30 12:41 - 2012-08-21 20:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
    2014-12-30 12:41 - 2012-01-04 08:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2014-12-30 12:40 - 2014-11-11 01:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-30 12:40 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-30 12:40 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-30 12:40 - 2014-09-25 01:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-12-30 12:40 - 2014-02-04 02:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-12-30 12:40 - 2014-02-04 02:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-12-30 12:40 - 2014-02-04 02:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-12-30 12:40 - 2014-02-04 02:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-12-30 12:40 - 2014-01-28 02:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-12-30 12:40 - 2014-01-24 02:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-12-30 12:40 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2014-12-30 12:40 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2014-12-30 12:40 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2014-12-30 12:40 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2014-12-30 12:40 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2014-12-30 12:40 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2014-12-30 12:40 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2014-12-30 12:40 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2014-12-30 12:40 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2014-12-30 12:40 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2014-12-30 12:40 - 2013-08-05 01:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2014-12-30 12:40 - 2013-07-04 11:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-12-30 12:40 - 2013-07-04 11:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2014-12-30 12:40 - 2013-03-19 03:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2014-12-30 12:40 - 2013-01-24 04:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2014-12-30 12:40 - 2012-10-09 17:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2014-12-30 12:40 - 2012-10-09 17:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
    2014-12-30 12:40 - 2012-08-22 17:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-12-30 12:40 - 2012-07-04 19:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
    2014-12-30 12:40 - 2012-05-05 07:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2014-12-30 12:40 - 2011-12-30 05:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
    2014-12-30 12:40 - 2011-06-16 04:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
    2014-12-30 12:40 - 2011-05-04 04:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2014-12-30 12:40 - 2011-05-04 04:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2014-12-30 12:40 - 2011-05-04 04:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2014-12-30 12:40 - 2011-05-04 04:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2014-12-30 12:40 - 2011-05-04 04:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2014-12-30 12:40 - 2011-05-04 04:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2014-12-30 12:40 - 2011-05-04 04:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2014-12-30 12:40 - 2011-05-04 04:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2014-12-30 12:40 - 2011-05-04 04:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2014-12-30 12:40 - 2011-02-18 05:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
    2014-12-30 12:34 - 2014-12-30 12:34 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Adobe
    2014-12-30 11:44 - 2014-06-30 22:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-12-30 11:44 - 2014-06-06 06:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-12-30 11:44 - 2014-03-09 21:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-12-30 11:44 - 2014-03-09 21:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-12-30 11:43 - 2012-03-01 05:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2014-12-30 11:43 - 2012-03-01 05:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-12-30 11:27 - 2014-12-30 11:27 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-12-30 11:27 - 2014-12-30 11:27 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-12-30 11:27 - 2014-12-30 11:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-12-30 11:27 - 2014-12-30 11:27 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-12-30 11:27 - 2014-12-30 11:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-12-30 11:27 - 2014-12-30 11:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-12-30 11:27 - 2014-12-30 11:27 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-12-30 11:27 - 2014-12-30 11:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-12-30 11:27 - 2014-12-30 11:27 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-12-30 11:26 - 2014-12-30 11:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-12-30 11:26 - 2014-12-30 11:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2014-12-30 11:26 - 2014-12-30 11:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2014-12-30 11:26 - 2014-12-30 11:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2014-12-30 11:26 - 2014-12-30 11:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2014-12-30 11:26 - 2014-12-30 11:26 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
    2014-12-30 11:26 - 2014-12-30 11:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-12-30 11:25 - 2014-12-30 11:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-12-30 11:24 - 2014-12-30 11:24 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2014-12-30 11:23 - 2014-12-30 11:28 - 00013785 _____ () C:\Windows\IE11_main.log
    2014-12-30 11:19 - 2014-11-11 02:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-12-30 11:19 - 2014-11-11 02:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-12-30 11:19 - 2014-10-18 01:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-12-30 11:19 - 2014-08-23 01:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-12-30 11:19 - 2014-08-21 06:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-12-30 11:19 - 2014-08-21 06:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-12-30 11:19 - 2014-08-12 01:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2014-12-30 11:19 - 2014-07-17 01:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-12-30 11:19 - 2014-07-17 01:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-12-30 11:19 - 2014-07-17 01:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-12-30 11:19 - 2014-07-17 01:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-12-30 11:19 - 2014-07-17 01:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-12-30 11:19 - 2014-07-14 01:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-12-30 11:19 - 2014-06-16 01:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-12-30 11:19 - 2014-06-16 01:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2014-12-30 11:19 - 2014-06-16 01:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-12-30 11:19 - 2014-03-26 14:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-12-30 11:19 - 2014-03-26 14:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-12-30 11:19 - 2014-03-04 09:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-12-30 11:19 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2014-12-30 11:19 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2014-12-30 11:19 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2014-12-30 11:19 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2014-12-30 11:19 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2014-12-30 11:19 - 2013-07-09 04:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-12-30 11:19 - 2013-07-04 11:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2014-12-30 11:19 - 2013-07-03 04:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
    2014-12-30 11:19 - 2013-07-03 03:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2014-12-30 11:19 - 2013-07-03 03:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2014-12-30 11:19 - 2013-02-12 03:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2014-12-30 11:19 - 2012-11-02 05:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
    2014-12-30 11:19 - 2012-06-06 05:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
    2014-12-30 11:19 - 2012-04-26 04:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
    2014-12-30 11:19 - 2012-04-26 04:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
    2014-12-30 11:19 - 2011-08-27 04:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
    2014-12-30 11:19 - 2011-08-17 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2014-12-30 11:19 - 2011-08-17 04:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-30 11:19 - 2011-07-09 02:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2014-12-30 11:19 - 2011-05-24 10:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
    2014-12-30 11:19 - 2011-04-29 02:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-12-30 11:19 - 2011-04-29 02:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-12-30 11:19 - 2011-04-29 02:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-12-30 11:19 - 2011-04-27 02:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2014-12-30 11:19 - 2011-04-27 02:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-12-30 11:19 - 2011-03-03 05:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2014-12-30 11:19 - 2011-03-03 05:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2014-12-30 11:19 - 2011-03-03 05:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
    2014-12-30 11:18 - 2014-10-14 01:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-12-30 11:18 - 2014-10-14 01:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-12-30 11:18 - 2014-10-14 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-12-30 11:18 - 2014-10-14 01:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-12-30 11:18 - 2014-10-14 01:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-12-30 11:18 - 2014-10-03 01:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-12-30 11:18 - 2014-10-03 01:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-12-30 11:18 - 2014-10-03 01:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-12-30 11:18 - 2014-10-03 01:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-12-30 11:18 - 2014-10-03 01:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-12-30 11:18 - 2014-09-04 05:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-12-30 11:18 - 2014-04-12 02:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-12-30 11:18 - 2014-04-12 02:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-12-30 11:18 - 2014-04-12 02:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-12-30 11:18 - 2014-04-12 02:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-12-30 11:18 - 2014-04-12 02:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-12-30 11:18 - 2013-10-04 01:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2014-12-30 11:18 - 2013-10-04 01:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2014-12-30 11:18 - 2013-07-04 12:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-12-30 11:18 - 2013-02-27 04:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-12-30 11:18 - 2011-10-26 04:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2014-12-30 11:15 - 2014-10-25 01:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-12-30 11:15 - 2014-10-10 00:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-12-30 11:15 - 2014-09-19 09:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-12-30 11:15 - 2014-09-19 09:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-12-30 11:15 - 2014-09-19 09:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-12-30 11:15 - 2014-09-19 09:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-12-30 11:15 - 2014-09-19 09:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-12-30 11:15 - 2014-09-19 09:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-12-30 11:15 - 2014-06-18 22:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-12-30 11:15 - 2014-06-18 22:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-12-30 11:15 - 2014-06-18 22:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2014-12-30 11:15 - 2014-06-18 01:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-12-30 11:15 - 2014-06-06 09:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-12-30 11:15 - 2014-06-03 09:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-12-30 11:15 - 2014-06-03 09:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-12-30 11:15 - 2014-06-03 09:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-12-30 11:15 - 2014-05-30 06:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-12-30 11:15 - 2014-04-25 02:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-12-30 11:15 - 2014-04-05 02:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-12-30 11:15 - 2014-04-05 02:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-12-30 11:15 - 2014-03-04 09:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-12-30 11:15 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-12-30 11:15 - 2013-11-27 01:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-12-30 11:15 - 2013-11-27 01:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-12-30 11:15 - 2013-11-26 11:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-12-30 11:15 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2014-12-30 11:15 - 2013-10-12 02:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2014-12-30 11:15 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2014-12-30 11:15 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-30 11:15 - 2013-08-02 01:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 00:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-12-30 11:15 - 2013-08-02 00:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 00:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2014-12-30 11:15 - 2013-08-02 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2014-12-30 11:15 - 2013-07-26 01:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2014-12-30 11:15 - 2013-07-25 08:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-12-30 11:15 - 2013-07-20 10:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2014-12-30 11:15 - 2013-07-12 10:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2014-12-30 11:15 - 2013-07-09 04:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-12-30 11:15 - 2013-07-09 04:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2014-12-30 11:15 - 2013-06-25 22:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2014-12-30 11:15 - 2013-06-06 04:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2014-12-30 11:15 - 2013-06-06 04:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2014-12-30 11:15 - 2013-06-06 04:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2014-12-30 11:15 - 2013-06-06 03:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2014-12-30 11:15 - 2013-06-06 03:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2014-12-30 11:15 - 2013-05-13 03:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
    2014-12-30 11:15 - 2013-05-13 03:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
    2014-12-30 11:15 - 2013-04-26 04:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-12-30 11:15 - 2012-11-28 22:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
    2014-12-30 11:15 - 2012-11-28 22:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
    2014-12-30 11:15 - 2012-11-28 22:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    2014-12-30 11:15 - 2012-09-25 22:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
    2014-12-30 11:15 - 2012-07-04 21:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
    2014-12-30 11:15 - 2012-07-04 21:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-12-30 11:15 - 2012-07-04 21:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
    2014-12-30 11:15 - 2012-05-14 04:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-12-30 11:15 - 2012-03-17 07:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2014-12-30 11:15 - 2012-02-17 05:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2014-12-30 11:15 - 2012-02-17 04:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
    2014-12-30 11:15 - 2011-12-16 07:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
    2014-12-30 11:15 - 2011-11-17 05:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
    2014-12-30 11:15 - 2011-10-15 05:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2014-12-30 11:15 - 2011-06-15 08:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
    2014-12-30 11:15 - 2011-06-15 08:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
    2014-12-30 11:15 - 2011-06-15 08:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
    2014-12-30 11:15 - 2011-06-15 08:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
    2014-12-30 11:15 - 2011-06-15 08:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
    2014-12-30 11:15 - 2011-05-03 04:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-12-30 11:15 - 2011-03-11 05:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
    2014-12-30 11:15 - 2011-03-11 05:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
    2014-12-30 11:15 - 2011-02-23 04:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2014-12-30 11:15 - 2011-02-12 05:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
    2014-12-30 11:15 - 2010-12-23 05:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2014-12-30 11:15 - 2010-12-23 05:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
    2014-12-30 11:15 - 2010-12-23 05:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-30 11:09 - 2014-12-30 11:09 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Nvidia Corporation

  8. #8
    Junior Member
    Join Date
    Jan 2015

    Default Scan result of Farbar Recovery Scan Tool continued

    2014-12-30 09:02 - 2014-12-30 09:02 - 00000000 ____D () C:\Users\HomePC\Documents\Electronic Arts
    2014-12-29 23:03 - 2015-01-21 14:25 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\vlc
    2014-12-29 23:03 - 2014-12-29 23:03 - 00001024 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2014-12-29 23:03 - 2014-12-29 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2014-12-29 23:03 - 2014-12-29 23:03 - 00000000 ____D () C:\Program Files\VideoLAN
    2014-12-29 23:02 - 2014-12-29 23:02 - 24743106 _____ () C:\Users\HomePC\Downloads\vlc-2.1.5-win32.exe
    2014-12-29 23:01 - 2014-12-29 23:01 - 00373080 _____ () C:\Users\HomePC\Downloads\SoftonicDownloader_for_vlc-media-player.exe
    2014-12-29 22:20 - 2014-12-30 17:47 - 00000000 ____D () C:\Temp
    2014-12-29 22:20 - 2014-12-13 07:03 - 00620176 _____ () C:\Windows\system32\nvStreaming.exe
    2014-12-29 22:19 - 2014-05-14 16:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-12-29 22:19 - 2014-05-14 16:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-12-29 22:19 - 2014-05-14 16:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-12-29 22:19 - 2014-05-14 16:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-12-29 22:19 - 2014-05-14 16:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-12-29 22:19 - 2014-05-14 16:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-12-29 22:19 - 2014-05-14 16:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-12-29 22:19 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-12-29 22:19 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-12-29 22:18 - 2014-12-13 10:02 - 24764048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 20465808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 10771128 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 10710344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 08536208 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-12-29 22:18 - 2014-12-13 10:02 - 03249984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 01047696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234709.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00927888 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234709.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00905360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00877984 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00305136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
    2014-12-29 22:18 - 2014-12-13 10:02 - 00164752 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
    2014-12-29 22:18 - 2014-10-09 17:02 - 00161424 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
    2014-12-29 22:18 - 2014-10-09 17:02 - 00027280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
    2014-12-29 22:18 - 2014-10-09 07:17 - 00908608 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
    2014-12-29 21:55 - 2014-12-29 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
    2014-12-29 21:55 - 2014-09-16 18:45 - 00447752 _____ ( C:\Windows\system32\vp6vfw.dll
    2014-12-29 21:50 - 2015-01-21 13:52 - 00000000 ____D () C:\Windows\Minidump
    2014-12-29 21:50 - 2015-01-10 15:35 - 220415051 _____ () C:\Windows\MEMORY.DMP
    2014-12-29 21:50 - 2014-12-29 21:50 - 00538976 _____ () C:\Windows\Minidump\122914-14664-01.dmp
    2014-12-29 04:10 - 2014-12-28 20:32 - 00000000 ____D () C:\Windows\Panther
    2014-12-28 23:26 - 2014-12-31 16:06 - 00000000 ____D () C:\Program Files\Battlelog Web Plugins
    2014-12-28 23:26 - 2014-12-28 23:26 - 00138904 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
    2014-12-28 23:26 - 2014-12-28 23:26 - 00138904 _____ () C:\Users\HomePC\AppData\Roaming\PnkBstrK.sys
    2014-12-28 23:26 - 2014-12-28 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
    2014-12-28 23:25 - 2015-01-06 20:21 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-12-28 23:25 - 2014-12-28 23:25 - 00281872 _____ () C:\Windows\system32\PnkBstrB.exe
    2014-12-28 23:25 - 2014-12-28 23:25 - 00281872 _____ () C:\Windows\system32\PnkBstrB.ex0
    2014-12-28 23:25 - 2014-12-28 23:25 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
    2014-12-28 23:25 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2014-12-28 23:25 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2014-12-28 23:25 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2014-12-28 23:25 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2014-12-28 23:25 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2014-12-28 23:25 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2014-12-28 23:25 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2014-12-28 23:25 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2014-12-28 23:25 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2014-12-28 23:25 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2014-12-28 23:25 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2014-12-28 23:25 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2014-12-28 23:25 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2014-12-28 23:25 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2014-12-28 23:25 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2014-12-28 23:25 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2014-12-28 23:25 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2014-12-28 23:25 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2014-12-28 23:25 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2014-12-28 23:25 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2014-12-28 23:25 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2014-12-28 23:25 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2014-12-28 23:25 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2014-12-28 23:25 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2014-12-28 23:25 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
    2014-12-28 23:25 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
    2014-12-28 23:25 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2014-12-28 23:25 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2014-12-28 23:25 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2014-12-28 23:25 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2014-12-28 23:25 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2014-12-28 23:25 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2014-12-28 23:25 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2014-12-28 23:25 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2014-12-28 23:25 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2014-12-28 23:25 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2014-12-28 23:25 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2014-12-28 23:25 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2014-12-28 23:25 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2014-12-28 23:25 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2014-12-28 23:25 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2014-12-28 23:25 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2014-12-28 23:25 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2014-12-28 23:25 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2014-12-28 23:25 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2014-12-28 23:25 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2014-12-28 23:25 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2014-12-28 23:25 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2014-12-28 23:25 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2014-12-28 23:25 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2014-12-28 23:25 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2014-12-28 23:25 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2014-12-28 23:25 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2014-12-28 23:25 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2014-12-28 23:25 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2014-12-28 23:25 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2014-12-28 23:25 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2014-12-28 23:25 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2014-12-28 23:25 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2014-12-28 23:25 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2014-12-28 23:25 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2014-12-28 23:25 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2014-12-28 23:25 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2014-12-28 23:25 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2014-12-28 23:25 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2014-12-28 23:25 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2014-12-28 23:25 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2014-12-28 23:25 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2014-12-28 23:25 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2014-12-28 23:25 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2014-12-28 23:25 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2014-12-28 23:25 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2014-12-28 23:25 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2014-12-28 23:25 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2014-12-28 23:25 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2014-12-28 23:25 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2014-12-28 23:25 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2014-12-28 23:25 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2014-12-28 23:25 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2014-12-28 23:25 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2014-12-28 23:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2014-12-28 23:25 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2014-12-28 23:25 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2014-12-28 23:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2014-12-28 23:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2014-12-28 23:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2014-12-28 23:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2014-12-28 23:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2014-12-28 23:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2014-12-28 23:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2014-12-28 23:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2014-12-28 22:32 - 2015-01-19 16:09 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-12-28 22:02 - 2014-12-28 22:02 - 00000000 ____D () C:\Windows\system32\SPReview
    2014-12-28 22:02 - 2014-12-28 22:02 - 00000000 ____D () C:\Windows\system32\EventProviders
    2014-12-28 22:00 - 2015-01-18 14:01 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2014-12-28 22:00 - 2015-01-18 14:01 - 00000000 ____D () C:\Program Files\Kaspersky Lab
    2014-12-28 21:56 - 2015-01-21 14:29 - 00000000 ____D () C:\Program Files\Origin Games
    2014-12-28 21:56 - 2010-11-20 12:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
    2014-12-28 21:56 - 2010-11-20 12:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
    2014-12-28 21:56 - 2010-11-20 12:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
    2014-12-28 21:56 - 2010-11-20 12:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
    2014-12-28 21:56 - 2010-11-20 12:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00175360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00078208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00040704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2014-12-28 21:56 - 2010-11-20 12:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
    2014-12-28 21:56 - 2010-11-20 12:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
    2014-12-28 21:56 - 2010-11-20 12:29 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
    2014-12-28 21:56 - 2010-11-20 12:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
    2014-12-28 21:56 - 2010-11-20 12:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
    2014-12-28 21:56 - 2010-11-20 12:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2014-12-28 21:56 - 2010-11-20 12:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
    2014-12-28 21:56 - 2010-11-20 12:29 - 00043392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2014-12-28 21:56 - 2010-11-20 12:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
    2014-12-28 21:56 - 2010-11-20 12:24 - 00690680 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2014-12-28 21:56 - 2010-11-20 12:24 - 00508904 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-12-28 21:56 - 2010-11-20 12:24 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-12-28 21:56 - 2010-11-20 12:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2014-12-28 21:56 - 2010-11-20 12:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2014-12-28 21:56 - 2010-11-20 12:21 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2014-12-28 21:56 - 2010-11-20 12:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2014-12-28 21:56 - 2010-11-20 12:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
    2014-12-28 21:56 - 2010-11-20 12:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
    2014-12-28 21:56 - 2010-11-20 12:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2014-12-28 21:56 - 2010-11-20 12:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
    2014-12-28 21:56 - 2010-11-20 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2014-12-28 21:56 - 2010-11-20 12:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2014-12-28 21:56 - 2010-11-20 12:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
    2014-12-28 21:56 - 2010-11-20 12:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
    2014-12-28 21:56 - 2010-11-20 12:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
    2014-12-28 21:56 - 2010-11-20 12:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
    2014-12-28 21:56 - 2010-11-20 12:19 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
    2014-12-28 21:56 - 2010-11-20 12:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2014-12-28 21:56 - 2010-11-20 12:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00252928 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
    2014-12-28 21:56 - 2010-11-20 12:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
    2014-12-28 21:56 - 2010-11-20 12:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
    2014-12-28 21:56 - 2010-11-20 12:17 - 03367424 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00080896 _____ () C:\Windows\system32\RDVGHelper.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00066048 _____ () C:\Windows\system32\PrintBrmUi.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
    2014-12-28 21:56 - 2010-11-20 12:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
    2014-12-28 21:56 - 2010-11-20 12:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
    2014-12-28 21:56 - 2010-11-20 12:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
    2014-12-28 21:56 - 2010-11-20 12:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2014-12-28 21:56 - 2010-11-20 12:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
    2014-12-28 21:56 - 2010-11-20 12:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2014-12-28 21:56 - 2010-11-20 12:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
    2014-12-28 21:56 - 2010-11-20 12:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
    2014-12-28 21:56 - 2010-11-20 12:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
    2014-12-28 21:56 - 2010-11-20 12:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
    2014-12-28 21:56 - 2010-11-20 12:16 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\
    2014-12-28 21:56 - 2010-11-20 12:16 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
    2014-12-28 21:56 - 2010-11-20 12:16 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
    2014-12-28 21:56 - 2010-11-20 12:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2014-12-28 21:56 - 2010-11-20 12:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
    2014-12-28 21:56 - 2010-11-20 12:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
    2014-12-28 21:56 - 2010-11-20 12:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
    2014-12-28 21:56 - 2010-11-20 12:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
    2014-12-28 21:56 - 2010-11-20 12:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
    2014-12-28 21:56 - 2010-11-20 12:03 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
    2014-12-28 21:56 - 2010-11-20 12:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
    2014-12-28 21:56 - 2010-11-20 12:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
    2014-12-28 21:56 - 2010-11-20 12:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
    2014-12-28 21:56 - 2010-11-20 12:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
    2014-12-28 21:56 - 2010-11-20 12:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
    2014-12-28 21:56 - 2010-11-20 12:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
    2014-12-28 21:56 - 2010-11-20 11:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
    2014-12-28 21:56 - 2010-11-20 11:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
    2014-12-28 21:56 - 2010-11-20 11:54 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-28 21:56 - 2010-11-20 10:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
    2014-12-28 21:56 - 2010-11-20 10:24 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2014-12-28 21:56 - 2010-11-20 10:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
    2014-12-28 21:56 - 2010-11-20 10:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
    2014-12-28 21:56 - 2010-11-20 10:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll
    2014-12-28 21:56 - 2010-11-20 10:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys
    2014-12-28 21:56 - 2010-11-20 10:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
    2014-12-28 21:56 - 2010-11-20 10:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2014-12-28 21:56 - 2010-11-20 10:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2014-12-28 21:56 - 2010-11-20 10:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2014-12-28 21:56 - 2010-11-20 10:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
    2014-12-28 21:56 - 2010-11-20 10:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2014-12-28 21:56 - 2010-11-20 10:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
    2014-12-28 21:56 - 2010-11-20 10:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
    2014-12-28 21:56 - 2010-11-20 10:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
    2014-12-28 21:56 - 2010-11-20 10:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
    2014-12-28 21:56 - 2010-11-20 10:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
    2014-12-28 21:56 - 2010-11-20 09:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2014-12-28 21:56 - 2010-11-20 09:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
    2014-12-28 21:56 - 2010-11-20 09:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2014-12-28 21:56 - 2010-11-20 09:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
    2014-12-28 21:56 - 2010-11-20 09:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
    2014-12-28 21:56 - 2010-11-20 09:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
    2014-12-28 21:56 - 2010-11-20 09:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2014-12-28 21:56 - 2010-11-20 09:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
    2014-12-28 21:56 - 2010-11-20 09:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2014-12-28 21:56 - 2010-11-20 09:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
    2014-12-28 21:56 - 2010-11-20 09:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
    2014-12-28 21:56 - 2010-11-20 09:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
    2014-12-28 21:56 - 2010-11-20 09:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
    2014-12-28 21:56 - 2010-11-20 09:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2014-12-28 21:56 - 2010-11-20 09:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2014-12-28 21:56 - 2010-11-20 09:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2014-12-28 21:56 - 2010-11-20 09:14 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2014-12-28 21:56 - 2010-11-20 08:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
    2014-12-28 21:56 - 2010-11-20 08:44 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
    2014-12-28 21:56 - 2010-11-20 08:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2014-12-28 21:56 - 2010-11-20 08:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2014-12-28 21:56 - 2010-11-20 08:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2014-12-28 21:56 - 2010-11-20 08:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2014-12-28 21:56 - 2010-11-20 08:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2014-12-28 21:56 - 2010-11-20 08:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
    2014-12-28 21:56 - 2010-11-20 08:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
    2014-12-28 21:56 - 2010-11-20 05:23 - 00053600 _____ () C:\Windows\system32\dosx.exe
    2014-12-28 21:56 - 2010-11-10 01:45 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml
    2014-12-28 21:56 - 2010-11-05 02:20 - 00146852 _____ () C:\Windows\system32\systemsf.ebd
    2014-12-28 21:56 - 2010-11-05 02:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml
    2014-12-28 21:56 - 2010-11-05 02:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
    2014-12-28 21:56 - 2010-11-05 01:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
    2014-12-28 21:56 - 2010-11-05 01:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
    2014-12-28 21:56 - 2010-11-05 01:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
    2014-12-28 21:56 - 2010-11-05 01:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
    2014-12-28 21:55 - 2014-12-28 21:56 - 193804728 _____ (Kaspersky Lab ZAO) C:\Users\HomePC\Downloads\pur13.0.2.558abcdEN_5359.exe
    2014-12-28 21:54 - 2015-01-20 09:19 - 00000000 ____D () C:\ProgramData\Origin
    2014-12-28 21:54 - 2015-01-20 09:15 - 00000000 ____D () C:\Program Files\Origin
    2014-12-28 21:54 - 2015-01-14 19:28 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Origin
    2014-12-28 21:54 - 2014-12-30 17:48 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Origin
    2014-12-28 21:54 - 2014-12-30 08:54 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2014-12-28 21:54 - 2014-12-28 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2014-12-28 21:53 - 2014-12-28 21:53 - 17102864 _____ (Electronic Arts, Inc.) C:\Users\HomePC\Downloads\OriginThinSetup.exe
    2014-12-28 21:52 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files\Steam
    2014-12-28 21:52 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files\Common Files\Steam
    2014-12-28 21:52 - 2014-12-28 21:52 - 01142392 _____ () C:\Users\HomePC\Downloads\SteamSetup.exe
    2014-12-28 21:52 - 2014-12-28 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2014-12-28 21:32 - 2014-12-30 17:46 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2014-12-28 21:32 - 2014-12-28 21:32 - 00413696 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
    2014-12-28 21:32 - 2014-12-28 21:32 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
    2014-12-28 21:32 - 2014-12-28 21:32 - 00007897 _____ () C:\Windows\SMinstall.log
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundMAX
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\InstallShield
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ____D () C:\ProgramData\SonicFocus
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ____D () C:\Program Files\Creative
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
    2014-12-28 21:32 - 2014-12-28 21:32 - 00000000 ____D () C:\Program Files\Analog Devices
    2014-12-28 21:32 - 2008-09-17 15:07 - 01503232 ____N (Creative) C:\Windows\system32\adi_oal.dll
    2014-12-28 21:31 - 2014-12-28 21:32 - 00000000 ____D () C:\Users\HomePC\Downloads\AD1988AB_Audio_V6585_XpVistaWin7
    2014-12-28 21:30 - 2014-12-28 21:30 - 76350411 _____ () C:\Users\HomePC\Downloads\AD1988AB_Audio_V6585_XpVistaWin7 (1).zip
    2014-12-28 21:30 - 2014-12-28 21:30 - 00001769 _____ () C:\Windows\Language_trs.ini
    2014-12-28 21:17 - 2014-12-28 22:41 - 00000000 ____D () C:\Users\HomePC\AppData\Local\NVIDIA
    2014-12-28 21:16 - 2015-01-18 16:13 - 00033406 _____ () C:\Windows\PFRO.log
    2014-12-28 20:52 - 2014-12-28 20:53 - 76350411 _____ () C:\Users\HomePC\Downloads\
    2014-12-28 20:51 - 2014-12-28 20:52 - 120177816 _____ () C:\Users\HomePC\Downloads\
    2014-12-28 20:50 - 2015-01-10 05:08 - 00000000 ____D () C:\Program Files\Microsoft.NET
    2014-12-28 20:50 - 2014-12-28 20:50 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2014-12-28 20:50 - 2014-11-22 10:46 - 00032912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
    2014-12-28 20:50 - 2014-11-22 10:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
    2014-12-28 20:49 - 2014-12-28 20:49 - 31338232 _____ (NVIDIA Corporation) C:\Users\HomePC\Downloads\GeForce_Experience_v2.1.5.0.exe
    2014-12-28 20:47 - 2015-01-08 09:55 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-12-28 20:47 - 2014-12-29 22:20 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-12-28 20:47 - 2014-12-29 22:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-12-28 20:47 - 2014-12-28 22:41 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-12-28 20:47 - 2014-12-13 10:02 - 00060560 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2014-12-28 20:47 - 2014-12-13 07:30 - 04403016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2014-12-28 20:47 - 2014-12-13 07:30 - 03056784 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
    2014-12-28 20:47 - 2014-12-13 07:30 - 02554000 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-12-28 20:47 - 2014-12-13 07:30 - 00669840 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2014-12-28 20:47 - 2014-12-13 07:30 - 00375112 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2014-12-28 20:47 - 2014-12-13 07:30 - 00062784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2014-12-28 20:47 - 2014-12-11 12:49 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin
    2014-12-28 20:46 - 2015-01-21 14:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-28 20:46 - 2015-01-21 13:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-28 20:46 - 2015-01-18 14:05 - 00000000 ____D () C:\Program Files\Google
    2014-12-28 20:46 - 2015-01-18 14:02 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Google
    2014-12-28 20:46 - 2015-01-18 09:52 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-28 20:46 - 2014-12-28 20:46 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Deployment
    2014-12-28 20:46 - 2014-12-28 20:46 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Apps\2.0
    2014-12-28 20:46 - 2014-12-28 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-28 20:45 - 2015-01-14 21:17 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-28 20:45 - 2015-01-14 21:13 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-28 20:44 - 2011-04-09 05:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-12-28 20:42 - 2015-01-10 14:40 - 00109280 _____ () C:\Users\HomePC\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-12-28 20:42 - 2015-01-03 17:26 - 00000000 ____D () C:\Users\HomePC\AppData\Roaming\Apple Computer
    2014-12-28 20:42 - 2014-12-28 20:42 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Apple Computer
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\Program Files\iTunes
    2014-12-28 20:42 - 2014-12-28 20:42 - 00000000 ____D () C:\Program Files\iPod
    2014-12-28 20:42 - 2012-10-03 16:14 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2014-12-28 20:41 - 2014-12-28 20:42 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-12-28 20:41 - 2014-12-28 20:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-12-28 20:41 - 2014-12-28 20:41 - 00000000 ____D () C:\Users\HomePC\AppData\Local\Apple
    2014-12-28 20:41 - 2014-12-28 20:41 - 00000000 ____D () C:\ProgramData\Apple
    2014-12-28 20:41 - 2014-12-28 20:41 - 00000000 ____D () C:\Program Files\Bonjour
    2014-12-28 20:41 - 2014-12-28 20:41 - 00000000 ____D () C:\Program Files\Apple Software Update
    2014-12-28 20:39 - 2015-01-20 09:19 - 00006214 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-28 20:33 - 2015-01-21 14:37 - 01734299 _____ () C:\Windows\WindowsUpdate.log
    2014-12-28 20:32 - 2015-01-08 22:15 - 00000000 ____D () C:\Users\HomePC\AppData\Local\VirtualStore
    2014-12-28 20:32 - 2014-12-28 20:32 - 00001413 _____ () C:\Users\HomePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-12-28 20:32 - 2014-12-28 20:32 - 00000020 ___SH () C:\Users\HomePC\ntuser.ini
    2014-12-28 20:32 - 2014-12-28 20:32 - 00000000 __SHD () C:\Recovery
    2014-12-28 20:32 - 2014-12-28 20:32 - 00000000 ____D () C:\Users\HomePC
    2014-12-28 20:32 - 2009-07-14 04:42 - 00000000 ___RD () C:\Users\HomePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-28 20:32 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\HomePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-12-28 20:13 - 2014-12-28 20:13 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2014-12-28 20:13 - 2014-12-28 20:13 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2014-12-28 20:11 - 2014-12-28 20:13 - 00001313 _____ () C:\Windows\TSSysprep.log
    2014-12-28 20:11 - 2014-12-28 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2014-12-22 17:52 - 2014-12-22 17:52 - 00208856 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-21 14:39 - 2009-07-14 04:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-21 14:39 - 2009-07-14 04:39 - 00027995 _____ () C:\Windows\setupact.log
    2015-01-21 14:37 - 2009-07-14 04:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-21 14:37 - 2009-07-14 04:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-21 14:35 - 2009-07-14 04:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-01-20 21:01 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\LogFiles
    2015-01-20 08:23 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-18 14:01 - 2009-07-14 02:37 - 00000000 ___RD () C:\Users\Public
    2015-01-10 07:22 - 2009-07-14 04:33 - 00408064 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-10 07:02 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-01-10 06:34 - 2009-07-14 04:52 - 00000000 ____D () C:\Windows\twain_32
    2015-01-10 05:08 - 2009-07-14 07:49 - 00000000 ____D () C:\Windows\ShellNew
    2015-01-10 05:08 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\MSBuild
    2015-01-10 05:08 - 2009-07-14 02:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2015-01-10 05:07 - 2009-07-14 02:37 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-01-10 05:07 - 2009-07-14 02:04 - 00000478 _____ () C:\Windows\win.ini
    2015-01-06 20:26 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Cursors
    2015-01-01 00:53 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\rescache
    2014-12-30 17:30 - 2009-07-14 02:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-30 12:30 - 2009-07-14 07:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-30 12:30 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\zh-TW
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\zh-HK
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\zh-CN
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\sv-SE
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\ru-RU
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\pt-PT
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\pt-BR
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\nl-NL
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\nb-NO
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\ko-KR
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\ja-JP
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\it-IT
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\hu-HU
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\fr-FR
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\fi-FI
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\el-GR
    2014-12-30 12:30 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\de-DE
    2014-12-29 04:09 - 2009-07-14 04:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
    2014-12-29 04:09 - 2009-07-14 04:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
    2014-12-28 22:14 - 2009-07-14 07:49 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
    2014-12-28 22:14 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-12-28 22:14 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
    2014-12-28 22:14 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2014-12-28 22:14 - 2009-07-14 04:52 - 00000000 ____D () C:\Program Files\DVD Maker
    2014-12-28 22:14 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2014-12-28 22:05 - 2009-07-14 02:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00380416 _____ (Analog Devices, Inc.) C:\Windows\system32\Drivers\ADIHdAud.sys
    2014-12-28 21:31 - 2009-06-05 17:42 - 00364544 _____ (Andrea Electronics Corporation) C:\Windows\system32\AEADIExt.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00208896 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXProc.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00156672 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXCPBL.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00139264 _____ (Andrea Electronics Corporation) C:\Windows\system32\AEADIAPO.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00122880 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXCPStr.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00090112 _____ (Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
    2014-12-28 21:31 - 2009-06-05 17:42 - 00070144 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXSAPO.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00069632 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXHAPO.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00069632 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXDAPO.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00062464 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXComm.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00053760 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFFXMAPO.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00050176 _____ (Andrea Electronics Corporation) C:\Windows\system32\AEADIAPR.dll
    2014-12-28 21:31 - 2009-06-05 17:42 - 00034304 _____ (Analog Devices, Inc.) C:\Windows\system32\SmaxCo.dll
    2014-12-28 20:47 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Help
    2014-12-28 20:40 - 2009-07-14 04:52 - 00000000 ____D () C:\Windows\system32\restore
    2014-12-28 20:40 - 2009-07-14 02:37 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-12-28 20:11 - 2009-07-14 07:49 - 00000000 ____D () C:\Windows\CSC
    2014-12-28 20:11 - 2009-07-14 04:34 - 00001774 _____ () C:\Windows\DtcInstall.log

    ==================== Files in the root of some directories =======
    2014-12-28 23:26 - 2014-12-28 23:26 - 0138904 _____ () C:\Users\HomePC\AppData\Roaming\PnkBstrK.sys

    Some content of TEMP:

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-01-17 18:24

    ==================== End Of Log ============================

  9. #9
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005


    Hello Wayne,

    Quote Originally Posted by waynebinukq View Post
    I’m not sure if this information will help as Windows has been re-installed by a friend and the infection seems to be gone now, I can provide an example of the encrypted .jpg files if this will help with decryption?
    When was Windows re-installed, please be specific. Where are the infected/encrypted files held?

    Quote Originally Posted by waynebinukq View Post
    Sorry if I'm causing you any hassle.

    No hassle, we are all here to help.
    Last edited by tashi; 2015-01-21 at 17:13. Reason: Edited as log was posted.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  10. #10
    Junior Member
    Join Date
    Jan 2015


    Hi tashi,

    Windows was re-installed around Christmas time; I can’t be too specific as to the exact date.

    The encrypted files are stored on a separate storage D: drive not the C: drive, I still all the files I just can’t open or do anything with them.

    The ransomware demands I pay to have them decrypted, some of the research I’ve done around this doesn’t fill me with much hope hence the reason I’m calling upon you guys.

    I really do appreciate your time.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts