Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help_Decrypt and I let it in :-(

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help_Decrypt and I let it in :-(

Unread postby ezlivin11 » May 8th, 2015, 2:48 am

I let it in and have spent weeks trying to recover from my mistake. I do have all my data saved, but it is all suspect. At this point saving the computer is what is important. It all started buy downloading a clean-up tool and Mcafee asked do I really want to do this, and I hit ok, then it was to late. Pop-up's flooded in. I had to do a power off to stop it. I started with a Mcafee and Malwarebytes scan and things were better. After a while the computer started become un-stable, programs not starting then crashing, Mcafee and the firewall not starting, trouble loading programs. I used Glary Utilities and found a Help_Decrypt file and that it had infected my recovery drive also. So far everything I have tried, it gets better, but always comes back. So, I created a windows 8.1 image on a flash drive, and only loaded a few programs. I thought I had it, until I tried to install Office 13 pro and it wouldn't load, Tech support went in and deleted some stuff, and again instability, and crash. This round I was very careful not to delete anything and back-up every step, and I am up to Office again, so I stopped. all was working but very slow. I tried tweaking.com windows repair to fix any errors, and it has been working well for several days, and now it is starting again. I am in need of some serious help please, Thank You in advance EZ/Mike

Here are the FRST results.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by easyl_000 (administrator) on MICHAEL1 on 07-05-2015 21:21:10
Running from C:\Users\easyl_000\Downloads
Loaded Profiles: easyl_000 (Available profiles: Michael & easyl_000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-05-05] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-05-05] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe [1101656 2015-04-09] (Nero AG)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-238807202-2743764042-2545225379-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-04-27] (Glarysoft

Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-05-05]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-238807202-2743764042-2545225379-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-238807202-2743764042-2545225379-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-05] (McAfee)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-05] (McAfee)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee,

Inc.)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-05] (McAfee)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee,

Inc.)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-05] (McAfee)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08

-08] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-05]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-05-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-05]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-17] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [278880 2015-04-09] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-05] (Glarysoft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-09-11] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys E796AE43DDD1844281DB4D57294D17C0
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\AcpiVpc.sys AF7A18603B0B82DFA5B420456FAF2201
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 374E27295F0A9DCAA8FC96370F9BEEA5
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys FE14D249D39368CA62D8DA6BC94AC694
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 415DD71628795197F7AFC176CBADC74E
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\BthEnum.sys 1104A31260CCF4318C884E0AE6C513BF
C:\Windows\System32\drivers\bthhfenum.sys 272A62B660A48AEF366F8A1836CED19F
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\system32\DRIVERS\BthLEEnum.sys D30C67473A2E229662D21F27EAA9AAA5
C:\Windows\System32\drivers\bthmodem.sys EF4B9E7C9AD88C00C18A12B0D22D1894
C:\Windows\system32\DRIVERS\bthpan.sys 25BB93167DEF270188072603F92A1EF5
C:\Windows\System32\Drivers\BTHport.sys C37F4930795B771400C63C3C87E7A6C2
C:\Windows\System32\Drivers\BTHUSB.sys 08EA90955AED2D959EE67DF6EDF0E2B6
C:\Windows\system32\DRIVERS\btmaux.sys 4428C299BE7B9841ECFA82044B69FA6A
C:\Windows\system32\DRIVERS\btmhsf.sys 7B31A8A9DC95B3634D896FD0F2814F19
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\cfwids.sys 3B6316004C773CFAD5E6C38EC5DDDBD4
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys 8EB7E70C2D348FE2476A2E3F2D585E3D
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 3930E508DDA46C1FF68FD963F350AA0A
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\dam.sys 389C998C64319CD97625B0550E52ECFA
C:\Windows\System32\Drivers\dfsc.sys A03F362C5557E238CBFA914689C77248
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94
C:\Windows\System32\drivers\dxgkrnl.sys E1BB0B6F00F470B451AB45EA13EBA0B3
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys C1FB505A73FA2E9019D32444AB33B75A
C:\Windows\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\Windows\System32\drivers\GUBootStartup.sys C06C3D6C5A0805B314E3E940632C97CB
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 42F88B57CAE42FC10059C887B3FCFCEA
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4
C:\Windows\System32\drivers\HipShieldK.sys 29F981739E50305128022CBE10B3659C
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys E87A6D3B8FECD5B93BC0CFBB48C27970
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 49EE0AE9E5B64FFBBD06D55C4984B598
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorA.sys 57CD95DEB3529181BCC931DD2DFB2341
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\iBtFltCoex.sys 23E22B130EFE5A225E279467BE146317
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys 7AA01AB1C110916825E6E1389F1B9AF2
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9C096BF5E10CA8BFA56F32522A89FAF1
C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys D90AB68D0FAC9F357F663670FDBB511E
C:\Windows\System32\drivers\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\System32\drivers\kbdclass.sys 5917AFE4A3F695A54B99C1849C8207FE
C:\Windows\System32\drivers\kbdhid.sys 8CD840A062F6BDF41DDE3ACB96164B72
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys 4E829B18D5BAEC29893792A3C671A847
C:\Windows\System32\Drivers\ksecpkg.sys 15C8C65CEA018C02EA0F648448C491C5
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\L1C63x64.sys 4E5EA006CFFB96E0BAFC767D659AAB9A
C:\Windows\System32\DRIVERS\LhdX64.sys BE166935083F9C38EDFDC21B9A7A679B
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\Windows\system32\drivers\mbamchameleon.sys 54D70409DE6932E9EFA117779611E7A9
C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
C:\Windows\system32\drivers\MBAMSwissArmy.sys E9CD058C79EA15B4AA93E259FA713B07
C:\Windows\system32\drivers\mwac.sys 28B597A61C9AC9B59BC0573D70A62CBF
C:\Windows\system32\drivers\McPvDrv.sys 3DA891A743F714CA07CA769AE6441424
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\system32\DRIVERS\TeeDriverx64.sys 18B9AD128EC84E8D16A83F70CF36594F
C:\Windows\System32\drivers\mfeapfk.sys 1A0C96A38A888838DF9523C973E3FE87
C:\Windows\System32\drivers\mfeavfk.sys 3EAF75ED747B2D60ABA4E45107D96E80
C:\Windows\System32\drivers\mfeelamk.sys B330B4A4F5E41462AB334A26897856BD
C:\Windows\System32\drivers\mfefirek.sys 07CFCE5D75C27474E20DE8715794F229
C:\Windows\System32\drivers\mfehidk.sys 29D0483A9EBB01DB2036A52E3BF23D6B
C:\Windows\system32\DRIVERS\mfencbdc.sys 7E0CB59045BEB5976B32C3541DB0BFBB
C:\Windows\system32\DRIVERS\mfencrk.sys 4B34DFBC138C5C8FAC6F814575E41376
C:\Windows\System32\drivers\mfewfpk.sys 1134C87CC1184F5B88F0C7002ACFDC99
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys 08374E4E5B8914DE6067CBA99F61E930
C:\Windows\System32\drivers\mouhid.sys 5FCBAB60598AE119E02B4C27DE6B99EA
C:\Windows\System32\drivers\mountmgr.sys D1D82F007A079A4D623DBD1F36EF30A1
C:\Windows\System32\drivers\mpsdrv.sys 6FC047578785B0435F4E2660946D1ADC
C:\Windows\system32\drivers\mrxdav.sys DB32958F0E704EFBF7F15161A569E39F
C:\Windows\System32\DRIVERS\mrxsmb.sys 31233271EDE50D1BBB220F78AFA60486
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3E28B99198B514DFEB152EACF913025E
C:\Windows\System32\DRIVERS\mrxsmb20.sys 6276AC2AA203CF47811F6EFBBD214FBF
C:\Windows\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys 008F7CED69FD5B30CBDE1E03C6F36A27
C:\Windows\System32\drivers\ndis.sys 6D3A2565E01B3E4B0F1BEDB0D4B00B3F
C:\Windows\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322
C:\Windows\system32\DRIVERS\ndistapi.sys DC1D9F692C2AD84C214584C28501C1F7
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys B8F36CBC72FC5C8B8A30AD850165EA8E
C:\Windows\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B
C:\Windows\System32\DRIVERS\netbios.sys 42FF4975D032CAE558AE4BB8448F6E5A
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\System32\drivers\netvsc63.sys D4DCE03870314D3354F3501F9DDD4123
C:\Windows\system32\DRIVERS\NETwew00.sys 75B9B86878CC159FBC40C4F9202ADBE3
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys 0E046FF5823B95326D10CF1B4AF23541
C:\Windows\System32\Drivers\Ntfs.sys 7F68063A5A0461E02BC860CE0E6BFDDC
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\system32\drivers\nvhda64v.sys 7E4355930B28C2798D9F09AB9F81151F
C:\Windows\system32\DRIVERS\nvlddmkm.sys 7C28BA74B766F3470128107DA764F711
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 3A7B0570D896602E37EAF80EC3D1615A
C:\Windows\system32\drivers\nvvad64v.sys DBFE7B2DF103F74AE51840B3C5F25FE9
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4
C:\Windows\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys ED54A75050211DC77F9B98C41E026858
C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys FC0141B4A5AD6D637D883C1A89FC45C5
C:\Windows\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1
C:\Windows\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64
C:\Windows\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys 615DFD97DEA56CE1C3A52185A3038FF8
C:\Windows\System32\drivers\rfcomm.sys DC66AE45816614D2999DCD3834DCCC4E
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\system32\DRIVERS\rtsuvc.sys 993E6A15FD3EAFC280B8EBB396FA31B2
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys 13BEA6C882D4D877A5A85CA149C86BC1
C:\Windows\System32\drivers\sdbus.sys C54B6B2170BF628FD42F799A66956D75
C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 148195AE95D9BC7375A08846439FDAC1
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys CEF109BCF37A0383454CD070C368BAAE
C:\Windows\System32\drivers\spaceport.sys D24B1945ED1F9C96DA786DBBF1E983CE
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys 6416E79A58A8FCC33A447A4DDDD3BF04
C:\Windows\System32\DRIVERS\srv2.sys 00D8AC8E3053290BDE6EA2FB6810D2FC
C:\Windows\System32\DRIVERS\srvnet.sys D047CD668E6277FD80F0C613946F034C
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34
C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43
C:\Windows\system32\DRIVERS\SynTP.sys BA9032F7F531A6C3744FB17CA1E11549
C:\Windows\System32\drivers\tcpip.sys 3C2DF97A21A9BBE6355B0A51F288EFFF
C:\Windows\system32\DRIVERS\tcpip.sys 3C2DF97A21A9BBE6355B0A51F288EFFF
C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 807F8CF3E973305FC435C61CBBEE2A49
C:\Windows\System32\DRIVERS\udfs.sys C61EAF8E1E4B2F62BA4FDF457440B2C6
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8
C:\Windows\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40
C:\Windows\System32\drivers\usbehci.sys 48BA326A3DBA5B5BEB5F2777F4618696
C:\Windows\System32\drivers\usbhub.sys FEF0BC107812B36849741C3211BA6B60
C:\Windows\System32\drivers\UsbHub3.sys 95B0179BDA907252025DEEA183699FB3
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\System32\drivers\USBSTOR.SYS 66732C13628BDB1AB0D6FD46027327C2
C:\Windows\System32\drivers\usbuhci.sys 064260B3A5868AC894A4943543BC7AB7
C:\Windows\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0
C:\Windows\System32\drivers\USBXHCI.SYS 1A20F03700D2B2ED775E38D751EF2F63
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys F6ECFD6128A16A4851CFE98D4E01B011
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 64CA2B4A49A8EAF495E435623ECCE7DB
C:\Windows\System32\drivers\vpci.sys EF31713EE4C7CCFE4049F7E7F15645A2
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 1751F6B031ADAC34724511057D2E455D
C:\Windows\System32\drivers\wdcsam64.sys D0335A55E5C3F812548E18300C2ACB62
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys D296D0F0DB2CD1504F90405603664493
C:\Windows\System32\Drivers\WdNisDrv.sys 9F4DF0043965808973023A9B51A11136
C:\Windows\System32\DRIVERS\wfplwfs.sys 715ABA3DD164D06457A2A3C92F6EA9D5
C:\Windows\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
ezlivin11
Active Member
 
Posts: 12
Joined: May 8th, 2015, 12:32 am
Advertisement
Register to Remove

Re: Help_Decrypt and I let it in :-(

Unread postby ezlivin11 » May 8th, 2015, 2:54 am

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 21:21 - 2015-05-07 21:21 - 00041099 _____ () C:\Users\easyl_000\Downloads\FRST.txt
2015-05-07 21:20 - 2015-05-07 21:21 - 00000000 ____D () C:\FRST
2015-05-07 20:56 - 2015-05-07 20:56 - 00004209 _____ () C:\Users\Michael\Desktop\Malwaretips.txt
2015-05-07 18:48 - 2015-05-07 18:48 - 00569310 _____ () C:\Users\easyl_000\Desktop\System_Information_By_Tweaking.com.txt
2015-05-07 18:47 - 2015-05-07 18:47 - 00225296 _____ () C:\Users\Michael\Downloads\Tweaking.com-System_Information.exe
2015-05-07 18:47 - 2015-05-07 18:47 - 00000000 ____D () C:\Users\Michael\Downloads\Tweaking.com - System Information
2015-05-07 15:45 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-07 14:18 - 2015-05-07 14:19 - 00000000 ____D () C:\KVRT_Data
2015-05-07 13:27 - 2015-05-07 13:28 - 110656344 _____ (Kaspersky Lab ZAO) C:\Users\easyl_000\Downloads\KVRT.exe
2015-05-07 11:23 - 2015-05-07 12:25 - 00000000 ____D () C:\Windows\pss
2015-05-07 10:42 - 2015-05-07 10:42 - 00000000 _____ () C:\Users\easyl_000\Desktop\New Text Document.txt
2015-05-07 09:51 - 2015-05-07 09:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MICHAEL1-Windows-8.1-(64-bit).dat
2015-05-07 09:51 - 2015-05-07 09:51 - 00000000 ____D () C:\RegBackup
2015-05-07 09:38 - 2015-05-07 09:38 - 00007605 _____ () C:\Users\easyl_000\AppData\Local\Resmon.ResmonCfg
2015-05-07 09:25 - 2015-05-07 09:25 - 00000602 _____ () C:\Users\easyl_000\Desktop\Repair_Component_Store.txt
2015-05-07 09:07 - 2015-05-07 09:07 - 00768512 _____ (Reimage®) C:\Users\easyl_000\Downloads\ReimageRepair.exe
2015-05-07 08:23 - 2015-05-07 08:23 - 02102272 _____ (Farbar) C:\Users\easyl_000\Downloads\FRST64.exe
2015-05-07 08:19 - 2015-05-07 08:19 - 00602112 _____ (OldTimer Tools) C:\Users\easyl_000\Downloads\OTL.exe
2015-05-07 08:17 - 2015-05-07 08:18 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\easyl_000\Downloads\tdsskiller.exe
2015-05-07 08:15 - 2015-05-07 08:23 - 00000000 ____D () C:\Users\easyl_000\Desktop\Virous tools
2015-05-07 08:15 - 2015-05-07 08:15 - 00050477 _____ () C:\Users\easyl_000\Downloads\Defogger.exe
2015-05-07 07:14 - 2015-05-07 07:20 - 00000000 ____D () C:\Users\easyl_000\Downloads\Driver Backup
2015-05-07 01:36 - 2015-05-07 01:37 - 341589572 _____ () C:\Users\easyl_000\Documents\Tweeking utility.reg
2015-05-07 01:21 - 2015-05-07 01:21 - 00000000 _____ () C:\Users\easyl_000\agent.log
2015-05-07 01:12 - 2015-05-07 01:12 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Nero
2015-05-07 01:12 - 2015-05-07 01:12 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Apple Computer
2015-05-06 22:16 - 2015-05-06 22:16 - 00003662 _____ () C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2015-05-06 22:16 - 2015-05-06 22:16 - 00002175 _____ () C:\Users\easyl_000\Desktop\Tweaking.com - Windows Repair.lnk
2015-05-06 22:16 - 2015-05-06 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-05-06 22:16 - 2015-05-06 22:16 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-05-06 22:15 - 2015-05-06 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Partition Manager
2015-05-06 22:15 - 2015-05-06 22:15 - 00000000 ____D () C:\Program Files\LSoft Technologies
2015-05-06 22:03 - 2015-05-07 13:51 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-06 22:03 - 2015-05-06 22:03 - 00001031 _____ () C:\Users\easyl_000\Desktop\EULAlyzer.lnk
2015-05-06 22:03 - 2015-05-06 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EULAlyzer
2015-05-06 22:03 - 2015-05-06 22:03 - 00000000 ____D () C:\Program Files (x86)\EULAlyzer
2015-05-06 22:03 - 2011-05-15 15:00 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2015-05-06 22:03 - 2011-05-15 15:00 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2015-05-06 21:41 - 2015-05-06 21:01 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64win.dll
2015-05-06 21:41 - 2015-05-06 21:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64cpu.dll
2015-05-06 21:40 - 2015-05-06 21:02 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64.dll
2015-05-06 20:23 - 2015-05-06 20:23 - 00546464 _____ () C:\Users\Michael\Downloads\Autoruns.zip
2015-05-06 20:23 - 2015-05-06 20:23 - 00000000 ____D () C:\Users\Michael\Downloads\Autoruns
2015-05-06 15:45 - 2015-05-06 15:45 - 00000000 ____D () C:\Users\Michael\Desktop\New folder
2015-05-06 15:02 - 2015-05-06 15:02 - 12849824 _____ () C:\Users\Michael\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-05-06 14:57 - 2015-05-06 14:57 - 01733120 _____ (BrightFort LLC ) C:\Users\Michael\Downloads\eulalyzersetup22.exe
2015-05-06 14:49 - 2015-05-06 14:55 - 269284056 _____ (LSoft Technologies Inc ) C:\Users\Michael\Downloads\BootDiskDemo-Setup.exe
2015-05-06 14:47 - 2015-05-06 14:47 - 263195256 _____ (Acronis) C:\Users\Michael\Downloads\ADD12_trial_en-US.exe
2015-05-06 14:46 - 2015-05-06 14:46 - 12898984 _____ (LSoft Technologies Inc ) C:\Users\Michael\Downloads\PartManFree-Setup.exe
2015-05-06 13:04 - 2015-05-06 13:04 - 00000000 ____D () C:\ProgramData\Energy Management
2015-05-06 11:47 - 2015-05-06 11:47 - 00000000 ____D () C:\Users\Michael\Documents\PDF's
2015-05-06 10:36 - 2015-05-06 10:36 - 00000276 _____ () C:\Users\Michael\Documents\Nero-15 Platium Lic.txt
2015-05-06 10:35 - 2015-05-06 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Nero
2015-05-06 10:35 - 2015-05-06 10:35 - 00000000 ____D () C:\Users\Michael\Documents\Nero BackItUp Device Backup
2015-05-06 10:34 - 2015-05-06 10:34 - 00002985 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2015-05-06 10:06 - 2015-05-06 10:06 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2015-05-06 10:05 - 2015-05-06 10:05 - 00002929 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2015-05-06 10:03 - 2015-05-06 10:34 - 00000000 ____D () C:\ProgramData\Nero
2015-05-06 10:03 - 2015-05-06 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-05-06 10:03 - 2015-05-06 10:34 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-05-06 09:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-05-06 09:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-05-06 02:10 - 2015-05-06 02:10 - 78634232 _____ () C:\Users\Michael\Downloads\LEXMARK_Pro700_wcr_64_en.exe
2015-05-06 01:48 - 2015-05-06 01:48 - 00000000 _____ () C:\Users\Michael\agent.log
2015-05-06 01:21 - 2015-05-06 01:21 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Intel
2015-05-06 01:21 - 2015-05-06 01:21 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Intel
2015-05-06 01:20 - 2015-05-06 09:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-06 01:20 - 2015-05-06 01:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-05-06 01:20 - 2015-05-06 01:20 - 00000000 ____D () C:\Users\easyl_000\Intel.sav
2015-05-06 01:20 - 2015-05-06 01:20 - 00000000 ____D () C:\ProgramData\Intel.sav
2015-05-06 01:20 - 2015-05-06 01:20 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-05-06 01:20 - 2015-05-06 01:20 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-05-06 01:11 - 2015-05-06 01:12 - 00001434 _____ () C:\Windows\Synaptics.log
2015-05-06 01:11 - 2015-05-06 01:11 - 00002990 _____ () C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2015-05-06 01:11 - 2015-05-06 01:11 - 00000000 ____D () C:\Program Files\Synaptics
2015-05-06 01:11 - 2015-05-06 01:11 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-06 01:11 - 2015-05-06 01:11 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-06 01:11 - 2013-09-17 19:44 - 00722672 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-06 01:11 - 2013-09-17 19:44 - 00528624 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-06 01:11 - 2013-09-17 19:44 - 00422128 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll
2015-05-06 01:11 - 2013-09-17 19:44 - 00400112 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-06 01:11 - 2013-09-17 19:44 - 00251632 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-06 01:11 - 2013-09-17 19:44 - 00169712 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2015-05-06 01:11 - 2013-09-17 19:44 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-06 01:10 - 2015-05-06 01:10 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Intel Corporation
2015-05-06 01:07 - 2015-05-07 11:52 - 00820548 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-06 01:07 - 2015-05-06 01:07 - 00000000 ____D () C:\Users\easyl_000\Intel
2015-05-06 01:07 - 2015-05-06 01:07 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Intel Corporation
2015-05-06 01:01 - 2015-05-06 01:01 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-06 01:01 - 2013-07-19 16:58 - 08247640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-05-06 01:01 - 2013-07-19 16:58 - 06340312 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2015-05-06 01:01 - 2013-07-19 16:58 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2015-05-06 01:01 - 2013-07-19 16:58 - 01157563 _____ () C:\Windows\FTDataP.xml
2015-05-06 01:01 - 2013-07-19 16:58 - 00946032 _____ () C:\Windows\FTData.xml
2015-05-06 01:01 - 2013-07-19 16:58 - 00817241 _____ () C:\Windows\FTDataR1.xml
2015-05-06 01:01 - 2013-07-19 16:58 - 00817191 _____ () C:\Windows\FTDataR0.xml
2015-05-06 01:01 - 2013-07-19 16:58 - 00473304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2015-05-06 01:01 - 2013-07-19 16:58 - 00421080 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2015-05-06 00:58 - 2015-05-06 01:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-06 00:58 - 2015-05-06 00:58 - 00003936 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-05-06 00:58 - 2015-05-06 00:58 - 00003690 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-05-06 00:57 - 2015-05-06 01:20 - 00000000 ____D () C:\ProgramData\Intel
2015-05-06 00:57 - 2015-05-06 00:57 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\InstallShield
2015-05-06 00:57 - 2015-05-06 00:57 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-05-06 00:57 - 2013-08-08 13:25 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-06 00:57 - 2013-08-08 13:25 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-05-06 00:57 - 2013-08-08 13:25 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-05-06 00:35 - 2015-05-06 00:35 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2015-05-06 00:35 - 2013-07-18 13:55 - 00130248 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C63x64.sys
2015-05-06 00:27 - 2015-05-06 00:27 - 00000000 ____D () C:\Intel
2015-05-06 00:27 - 2013-08-05 11:50 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-05-05 23:08 - 2015-05-05 23:47 - 00000000 ____D () C:\Users\Michael\AppData\Local\Wide Angle Software
2015-05-05 23:08 - 2015-05-05 23:13 - 00000000 ____D () C:\ProgramData\Wide Angle Software
2015-05-05 23:08 - 2015-05-05 23:08 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\{2A82324E-1E3C-4E88-A68A-8BA11B0417FE}
2015-05-05 23:05 - 2015-05-05 23:05 - 00002643 _____ () C:\Users\Public\Desktop\TouchCopy 12.lnk
2015-05-05 23:05 - 2015-05-05 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TouchCopy 12
2015-05-05 23:05 - 2015-05-05 23:05 - 00000000 ____D () C:\Program Files\Wide Angle Software
2015-05-05 22:59 - 2015-05-05 23:47 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Apple Computer
2015-05-05 22:59 - 2015-05-05 22:59 - 00001765 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-05 22:59 - 2015-05-05 22:59 - 00000000 ____D () C:\Users\Michael\AppData\Local\Apple Computer
2015-05-05 22:59 - 2015-05-05 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-05 22:59 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-05 22:58 - 2015-05-05 22:58 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-05 22:58 - 2015-05-05 22:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-05 22:58 - 2015-05-05 22:58 - 00000000 ____D () C:\Program Files\iTunes
2015-05-05 22:58 - 2015-05-05 22:58 - 00000000 ____D () C:\Program Files\iPod
2015-05-05 22:58 - 2015-05-05 22:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-05 22:57 - 2015-05-06 01:36 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-05 22:57 - 2015-05-05 22:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-05 22:57 - 2015-05-05 22:57 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-05 22:57 - 2015-05-05 22:57 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-05 22:57 - 2015-05-05 22:57 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\Apple
2015-05-05 22:57 - 2015-05-05 22:57 - 00000000 ____D () C:\ProgramData\Apple
2015-05-05 22:57 - 2015-05-05 22:57 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-05 22:57 - 2015-05-05 22:57 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-05 22:22 - 2015-05-07 08:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 22:21 - 2015-05-05 22:21 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-05 22:21 - 2015-05-05 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-05 22:21 - 2015-05-05 22:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-05 22:21 - 2015-05-05 22:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 22:21 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-05 22:21 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-05 22:21 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-05 22:03 - 2015-05-05 22:04 - 00000000 ____D () C:\Users\Michael\Downloads\Lonovo tools
2015-05-05 20:47 - 2015-05-05 23:01 - 00000438 _____ () C:\Windows\Tasks\GlaryOneClickOptimizer 5.job
2015-05-05 20:47 - 2015-05-05 20:47 - 00003226 _____ () C:\Windows\System32\Tasks\GlaryOneClickOptimizer 5
2015-05-05 20:44 - 2015-05-05 20:44 - 00000772 _____ () C:\Users\Michael\Documents\Glary Utilities pro reiciept.txt
2015-05-05 20:43 - 2015-05-05 20:43 - 00000000 _____ () C:\Users\Michael\Desktop\New Text Document.txt
2015-05-05 20:38 - 2015-05-05 20:38 - 00231018 ____T () C:\Users\easyl_000\Documents\Glary Utilities pro Reiciept.oxps
2015-05-05 20:24 - 2015-05-05 20:24 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Macromedia
2015-05-05 19:56 - 2015-05-07 20:29 - 00000000 __RSD () C:\Users\Michael\Documents\McAfee Vaults
2015-05-05 19:56 - 2015-05-06 08:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\McAfee File Lock
2015-05-05 19:56 - 2015-05-05 19:56 - 00001932 _____ () C:\Users\Public\Desktop\McAfee All Access – Total Protection.lnk
2015-05-05 19:55 - 2015-05-07 21:18 - 00000000 __RSD () C:\Users\easyl_000\Documents\McAfee Vaults
2015-05-05 19:55 - 2015-05-05 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-05 19:55 - 2015-05-05 19:56 - 00000000 ____D () C:\Program Files (x86)\SafeKey
2015-05-05 19:55 - 2015-05-05 19:55 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\McAfee File Lock
2015-05-05 19:55 - 2015-05-05 19:55 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-05-05 19:55 - 2014-09-11 14:33 - 00076064 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2015-05-05 19:55 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-05-05 19:54 - 2015-05-05 19:56 - 00000000 ____D () C:\Program Files\McAfee
2015-05-05 19:54 - 2015-05-05 19:54 - 00000000 ____D () C:\Program Files\McAfee.com
2015-05-05 19:53 - 2015-05-05 23:01 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-05-05 19:45 - 2015-05-07 00:47 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-05 19:45 - 2015-05-05 19:56 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-05-05 19:45 - 2014-10-01 12:18 - 00189920 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-05-05 19:40 - 2015-05-07 21:19 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F105BF70-212F-46CE-8AC6-23624F2B1E5E}
2015-05-05 19:40 - 2015-05-05 19:40 - 00000000 __SHD () C:\Users\easyl_000\AppData\Local\EmieUserList
2015-05-05 19:40 - 2015-05-05 19:40 - 00000000 __SHD () C:\Users\easyl_000\AppData\Local\EmieSiteList
2015-05-05 19:40 - 2015-05-05 19:40 - 00000000 __SHD () C:\Users\easyl_000\AppData\Local\EmieBrowserModeList
2015-05-05 18:29 - 2015-05-07 07:10 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\GlarySoft
2015-05-05 18:21 - 2015-05-05 18:21 - 04798416 _____ (McAfee, Inc.) C:\Users\Michael\Downloads\MCPR.exe
2015-05-05 16:47 - 2015-05-07 21:21 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-238807202-2743764042-2545225379-1003
2015-05-05 16:43 - 2015-05-07 21:20 - 00000000 ___RD () C:\Users\easyl_000\OneDrive
2015-05-05 16:41 - 2015-05-05 16:41 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\NVIDIA Corporation
2015-05-05 16:40 - 2015-05-07 01:21 - 00000000 ____D () C:\Users\easyl_000
2015-05-05 16:40 - 2015-05-05 16:43 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\Packages
2015-05-05 16:40 - 2015-05-05 16:40 - 00001442 _____ () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-05 16:40 - 2015-05-05 16:40 - 00000020 ___SH () C:\Users\easyl_000\ntuser.ini
2015-05-05 16:40 - 2015-05-05 16:40 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Adobe
2015-05-05 16:40 - 2015-05-05 16:40 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\VirtualStore
2015-05-05 16:40 - 2015-05-05 16:40 - 00000000 ____D () C:\Users\easyl_000\AppData\Local\NVIDIA
2015-05-05 16:40 - 2015-05-05 13:52 - 00000000 ___RD () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-05 16:40 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-05 16:40 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-05 16:40 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-05 16:40 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-05 16:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\easyl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-05 16:12 - 2015-05-05 16:12 - 00036864 _____ () C:\Windows\system32\config\SOFTWARE.gu
2015-05-05 16:12 - 2015-04-13 00:57 - 00028960 _____ (Glarysoft Ltd) C:\Windows\system32\RegBootDefrag.exe
2015-05-05 15:35 - 2015-05-05 15:35 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-05-05 15:33 - 2015-05-05 15:33 - 00001897 _____ () C:\Users\Michael\Desktop\CCleaner.lnk
2015-05-05 15:33 - 2015-05-05 15:33 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-05 15:33 - 2015-05-05 15:33 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2015-05-05 15:08 - 2015-05-07 21:16 - 00000358 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-05-05 15:08 - 2015-05-07 21:16 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-05-05 15:08 - 2015-05-05 20:27 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-05-05 15:08 - 2015-05-05 20:27 - 00002980 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-05-05 15:08 - 2015-05-05 20:27 - 00002642 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-05-05 15:08 - 2015-05-05 20:27 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-05-05 15:08 - 2015-05-05 20:27 - 00001092 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-05-05 15:08 - 2015-05-05 15:39 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\GlarySoft
2015-05-05 15:08 - 2015-05-05 15:08 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DiskDefrag
2015-05-05 15:08 - 2015-05-05 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-05-05 15:04 - 2015-05-06 20:35 - 00004280 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-05-05 15:04 - 2015-05-05 15:04 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-05-05 15:03 - 2015-05-05 16:26 - 00000000 ____D () C:\Program Files\Reimage
2015-05-05 15:02 - 2015-05-05 15:04 - 00000156 _____ () C:\Windows\Reimage.ini
2015-05-05 15:02 - 2015-05-05 15:02 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-05 14:51 - 2015-05-05 14:51 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-05-05 14:49 - 2015-05-05 14:49 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\McAfee
2015-05-05 14:35 - 2015-05-05 14:35 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Macromedia
2015-05-05 14:13 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-05 14:12 - 2015-05-06 01:20 - 00000000 ____D () C:\Program Files\Intel
2015-05-05 14:12 - 2015-05-06 01:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-05 14:12 - 2015-05-05 14:12 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2015-05-05 14:01 - 2015-05-05 14:01 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-05-05 14:01 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-05 14:01 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-05 14:01 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-05 14:01 - 2015-03-17 10:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-05 14:01 - 2015-03-08 19:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-05 14:01 - 2015-01-05 20:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-05 14:01 - 2015-01-05 19:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-05 14:01 - 2015-01-05 18:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-05 14:01 - 2015-01-05 18:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-05 14:00 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-05 14:00 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-05 14:00 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-05 14:00 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-05 14:00 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-05 14:00 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-05 14:00 - 2015-03-13 19:03 - 04179968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-05 14:00 - 2015-03-12 19:59 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-05 14:00 - 2015-03-12 19:38 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-05 14:00 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-05 14:00 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-05 14:00 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-05 14:00 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-05 14:00 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-05 14:00 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-05 14:00 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-05 14:00 - 2015-02-12 19:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-05 14:00 - 2015-02-12 18:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-05 14:00 - 2015-01-29 17:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-05 14:00 - 2014-11-17 13:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-05-05 14:00 - 2014-11-17 13:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-05-05 14:00 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-05 14:00 - 2014-11-13 23:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-05-05 14:00 - 2014-11-13 23:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-05-05 13:59 - 2015-03-12 21:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-05 13:59 - 2015-03-12 21:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-05 13:59 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-05 13:59 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-05 13:59 - 2014-11-15 12:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-05 13:59 - 2014-11-14 23:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-05 13:59 - 2014-11-13 23:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-05-05 13:59 - 2014-11-13 22:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-05-05 13:59 - 2014-11-10 11:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-05 13:59 - 2014-11-10 11:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-05 13:59 - 2014-11-10 11:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-05 13:59 - 2014-11-10 11:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-05-05 13:59 - 2014-11-09 19:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-05-05 13:59 - 2014-11-09 18:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-05-05 13:59 - 2014-11-09 18:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-05 13:59 - 2014-11-09 18:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-05 13:59 - 2014-11-09 18:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-05-05 13:59 - 2014-11-09 18:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-05 13:59 - 2014-11-09 18:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-05-05 13:59 - 2014-11-09 18:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-05 13:59 - 2014-11-09 17:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-05-05 13:59 - 2014-11-09 17:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-05 13:59 - 2014-11-07 21:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-05-05 13:59 - 2014-11-07 20:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-05-05 13:59 - 2014-11-07 20:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-05-05 13:59 - 2014-11-07 20:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-05-05 13:59 - 2014-11-07 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-05-05 13:59 - 2014-11-07 20:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-05-05 13:59 - 2014-11-07 20:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-05-05 13:59 - 2014-11-07 20:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-05-05 13:59 - 2014-11-07 20:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-05-05 13:59 - 2014-11-07 19:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-05-05 13:59 - 2014-11-07 19:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-05-05 13:59 - 2014-11-07 19:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-05-05 13:59 - 2014-11-07 19:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-05-05 13:59 - 2014-11-07 18:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-05-05 13:59 - 2014-11-07 18:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-05-05 13:59 - 2014-11-06 20:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-05-05 13:59 - 2014-11-06 20:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-05-05 13:59 - 2014-11-04 19:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-05-05 13:59 - 2014-11-04 19:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-05-05 13:59 - 2014-11-04 19:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-05-05 13:59 - 2014-11-04 18:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-05 13:59 - 2014-11-04 18:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-05 13:59 - 2014-11-04 18:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-05-05 13:59 - 2014-11-04 18:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-05-05 13:59 - 2014-11-04 18:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-05-05 13:59 - 2014-11-04 18:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-05-05 13:59 - 2014-11-04 18:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-05-05 13:59 - 2014-11-04 18:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-05 13:59 - 2014-11-04 18:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-05-05 13:59 - 2014-11-04 18:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-05-05 13:59 - 2014-11-04 18:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-05-05 13:59 - 2014-11-04 12:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-05-05 13:59 - 2014-11-04 12:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-05-05 13:59 - 2014-11-04 12:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-05-05 13:59 - 2014-11-03 23:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-05-05 13:59 - 2014-11-03 23:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-05-05 13:59 - 2014-11-03 23:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-05-05 13:59 - 2014-11-03 23:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-05-05 13:59 - 2014-11-03 23:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-05-05 13:59 - 2014-11-03 22:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-05-05 13:59 - 2014-10-30 17:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-05-05 13:59 - 2014-10-30 17:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-05-05 13:59 - 2014-10-28 20:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-05-05 13:59 - 2014-10-28 18:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-05-05 13:59 - 2014-10-28 18:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-05-05 13:59 - 2014-10-20 18:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-05-05 13:59 - 2014-10-20 18:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-05-05 13:59 - 2014-10-20 17:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-05-05 13:59 - 2014-10-20 17:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-05-05 13:59 - 2014-10-20 17:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-05-05 13:59 - 2014-10-20 17:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-05-05 13:59 - 2014-10-20 17:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-05-05 13:59 - 2014-10-16 21:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-05-05 13:59 - 2014-10-16 20:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-05-05 13:58 - 2015-03-12 17:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-05 13:58 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-05 13:58 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-05 13:52 - 2015-05-05 13:55 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-05 13:52 - 2015-05-05 13:52 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-05 13:52 - 2015-05-05 13:52 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-05 13:45 - 2015-05-05 13:46 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-05 13:45 - 2015-04-01 11:16 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-05 13:39 - 2015-03-03 06:17 - 00295552 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-05-05 13:37 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-05-05 13:37 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-05-05 13:36 - 2015-05-05 12:51 - 00000000 ____D () C:\Windows\Panther
2015-05-05 13:35 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-05 13:35 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-05 13:35 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-05 13:35 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-05 13:35 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-05 13:35 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-05-05 13:35 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-05 13:35 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-05 13:35 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-05 13:35 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-05 13:35 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-05 13:35 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-05 13:35 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-05 13:35 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-05 13:35 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-05 13:35 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-05 13:35 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-05 13:35 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-05 13:35 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-05 13:35 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-05 13:34 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-05 13:34 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-05 13:34 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-05 13:34 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-05 13:34 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-05 13:34 - 2015-03-12 20:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-05 13:34 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-05 13:34 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-05 13:34 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-05 13:34 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-05 13:34 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-05 13:34 - 2015-03-12 20:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-05 13:34 - 2015-03-12 20:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-05 13:34 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-05 13:34 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-05 13:34 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-05 13:34 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-05 13:34 - 2015-03-12 19:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-05 13:34 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-05 13:34 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-05 13:34 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-05 13:34 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-05 13:34 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-05 13:34 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-05 13:34 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-05 13:34 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-05 13:34 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-05 13:34 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-05 13:34 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-05-05 13:34 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-05 13:34 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-05 13:34 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-05 13:34 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-05 13:34 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-05 13:34 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-05-05 13:34 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-05 13:34 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-05 13:34 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-05 13:34 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-05 13:34 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-05 13:34 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-05 13:34 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-05 13:34 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-05 13:34 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-05 13:34 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-05 13:34 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-05 13:34 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-05 13:34 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-05 13:34 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-05-05 13:34 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-05 13:34 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-05 13:34 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-05 13:34 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-05 13:34 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-05-05 13:34 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-05-05 13:34 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-05-05 13:34 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-05-05 13:34 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-05-05 13:34 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-05-05 13:34 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-05-05 13:34 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-05-05 13:34 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-05 13:34 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-05 13:34 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-05 13:34 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-05-05 13:34 - 2015-01-29 20:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-05-05 13:34 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-05-05 13:34 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-05-05 13:34 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-05-05 13:34 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-05-05 13:34 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-05-05 13:34 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-05 13:34 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-05 13:34 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-05-05 13:34 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-05-05 13:34 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-05 13:34 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-05 13:34 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-05-05 13:34 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-05 13:34 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-05 13:34 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-05-05 13:34 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-05-05 13:34 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-05 13:34 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-05-05 13:34 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-05-05 13:34 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-05 13:34 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-05 13:34 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-05-05 13:34 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-05-05 13:34 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-05-05 13:34 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-05-05 13:34 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-05-05 13:34 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-05-05 13:34 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-05-05 13:34 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-05 13:34 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-05 13:34 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-05 13:34 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-05 13:34 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-05 13:34 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-05 13:34 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-05 13:34 - 2014-12-18 23:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-05 13:34 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-05-05 13:34 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-05-05 13:34 - 2014-12-11 19:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-05 13:34 - 2014-12-08 18:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-05-05 13:34 - 2014-12-08 12:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-05 13:34 - 2014-12-05 20:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-05-05 13:34 - 2014-12-05 18:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-05 13:34 - 2014-12-05 18:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-05-05 13:34 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-05 13:34 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-05 13:34 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-05-05 13:34 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-05-05 13:34 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-05 13:34 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-05 13:34 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-05 13:34 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-05 13:34 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-05-05 13:34 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-05-05 13:33 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-05 13:33 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-05 13:33 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-05-05 13:33 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-05-05 13:33 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-05-05 13:33 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-05-05 13:33 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-05-05 13:33 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-05-05 13:33 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-05-05 13:33 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-05-05 13:33 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-05-05 13:33 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-05-05 13:33 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-05-05 13:33 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-05-05 13:33 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-05-05 13:33 - 2014-12-08 12:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-05-05 13:33 - 2014-12-08 12:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-05-05 13:33 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-05 13:33 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-05 13:33 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-05 13:30 - 2015-05-06 01:20 - 00026610 _____ () C:\Windows\DPINST.LOG
2015-05-05 13:30 - 2015-05-06 01:01 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2015-05-05 13:30 - 2015-05-05 13:30 - 00000000 ____D () C:\Program Files\Lenovo
2015-05-05 13:30 - 2015-05-05 13:30 - 00000000 ____D () C:\Program Files\DIFX
2015-05-05 13:30 - 2015-05-05 13:30 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-05-05 13:30 - 2015-05-05 13:29 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2015-05-05 13:30 - 2015-05-05 13:29 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2015-05-05 13:29 - 2015-05-05 13:29 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-05-05 13:20 - 2015-05-07 21:11 - 00000000 ___RD () C:\Users\Michael\OneDrive
2015-05-05 13:16 - 2015-04-08 13:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-05 13:16 - 2015-04-08 10:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-05 13:15 - 2015-04-08 17:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-05 13:15 - 2015-04-08 17:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-05 13:15 - 2015-04-08 17:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-05 13:15 - 2015-04-08 17:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-05 13:11 - 2015-05-05 13:11 - 00001393 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-05 13:11 - 2015-05-05 13:11 - 00000000 ____D () C:\Users\Michael\AppData\Local\NVIDIA Corporation
2015-05-05 13:11 - 2015-05-05 13:11 - 00000000 ____D () C:\Users\Michael\AppData\Local\NVIDIA
2015-05-05 13:11 - 2015-05-05 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-05 13:11 - 2015-05-01 09:51 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-05 13:11 - 2015-05-01 09:51 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-05 13:11 - 2015-05-01 09:50 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-05 13:11 - 2015-05-01 09:50 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-05 13:11 - 2014-11-22 03:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-05 13:11 - 2014-11-22 03:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-05-05 13:11 - 2014-11-22 03:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-05-05 13:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-05-05 12:58 - 2015-05-07 21:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 12:58 - 2015-05-05 13:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-05 12:58 - 2015-04-08 14:30 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-05 12:58 - 2015-04-08 14:30 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-05 12:58 - 2015-04-08 14:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-05 12:58 - 2015-04-08 14:30 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-05 12:58 - 2015-04-08 14:30 - 00569160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2015-05-05 12:58 - 2015-04-08 14:30 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-05 12:58 - 2015-04-08 14:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-05 12:57 - 2015-05-07 20:36 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-238807202-2743764042-2545225379-1001
2015-05-05 12:57 - 2015-05-05 13:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-05 12:57 - 2015-05-05 13:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-05 12:57 - 2015-04-08 17:58 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-05 12:57 - 2015-04-08 17:58 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-05 12:55 - 2015-05-07 15:35 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4EF88F0-6E72-4F0E-B4DC-25C081082066}
2015-05-05 12:55 - 2015-05-05 12:55 - 00000000 __SHD () C:\Users\Michael\AppData\Local\EmieUserList
2015-05-05 12:55 - 2015-05-05 12:55 - 00000000 __SHD () C:\Users\Michael\AppData\Local\EmieSiteList
2015-05-05 12:55 - 2015-05-05 12:55 - 00000000 __SHD () C:\Users\Michael\AppData\Local\EmieBrowserModeList
2015-05-05 12:52 - 2015-05-05 16:42 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-05 12:52 - 2015-05-05 12:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\PackageStaging
2015-05-05 12:50 - 2015-05-07 15:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\Packages
2015-05-05 12:50 - 2015-05-05 12:50 - 00001442 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-05 12:50 - 2015-05-05 12:50 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe
2015-05-05 12:50 - 2015-05-05 12:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\VirtualStore
2015-05-05 12:47 - 2015-05-05 12:47 - 00000020 ___SH () C:\Users\Michael\ntuser.ini
2015-05-05 12:47 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-05 12:47 - 2014-11-21 01:52 - 00000369 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-05 12:46 - 2015-05-06 01:48 - 00000000 ____D () C:\Users\Michael
2015-05-05 12:46 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-05 12:46 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-05 12:46 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-05 12:46 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-05 12:46 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-05 12:46 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-05 12:46 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-05 12:46 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-05 12:46 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-05 12:46 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-05-05 12:46 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-05-05 12:46 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-05 12:46 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-05 12:46 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-05 12:46 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-05 12:46 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-05 12:46 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-05 12:46 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-05 12:46 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-05 12:46 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-05 12:46 - 2014-11-21 08:57 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-05 12:46 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-05-05 12:46 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-05 12:45 - 2015-05-07 21:13 - 01377843 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 12:41 - 2015-05-05 12:41 - 00000000 __SHD () C:\Recovery
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 21:18 - 2014-11-21 01:44 - 00820548 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 21:13 - 2013-08-22 07:46 - 00028461 _____ () C:\Windows\setupact.log
2015-05-07 21:12 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 21:12 - 2013-08-22 06:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-07 16:01 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-07 15:46 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-07 15:26 - 2014-11-21 01:34 - 00023458 _____ () C:\Windows\PFRO.log
2015-05-07 12:13 - 2013-08-22 07:44 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-07 11:59 - 2013-08-22 06:25 - 00000128 _____ () C:\Windows\win.ini
2015-05-07 10:10 - 2013-08-22 06:25 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_822
2015-05-07 09:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-07 01:31 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-07 01:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-06 23:36 - 2013-08-22 06:25 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_510
2015-05-06 10:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Cursors
2015-05-06 01:20 - 2013-08-22 06:36 - 00000000 ___RD () C:\Users\Default
2015-05-06 00:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-05 23:13 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppCompat
2015-05-05 19:54 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-05-05 16:12 - 2013-08-22 06:25 - 59768832 _____ () C:\Windows\system32\config\SOFTWARE.gu.bak
2015-05-05 16:12 - 2013-08-22 06:25 - 09961472 _____ () C:\Windows\system32\config\SYSTEM.gu.bak
2015-05-05 16:12 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SECURITY.gu.bak
2015-05-05 16:12 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\SAM.gu.bak
2015-05-05 16:12 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.gu.bak
2015-05-05 14:05 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-05 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-05 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-05 13:52 - 2014-11-21 08:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-05 13:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-05 13:36 - 2013-08-22 08:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-05-05 13:36 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-05 13:29 - 2012-07-08 20:22 - 00035600 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2015-05-05 13:29 - 2012-02-21 05:48 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2015-05-05 12:58 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
2015-05-05 12:46 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-05 12:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-05-05 12:41 - 2013-08-22 08:37 - 00002988 _____ () C:\Windows\DtcInstall.log
2015-05-05 12:41 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-04-13 16:24 - 2014-11-21 09:03 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-13 16:24 - 2014-11-21 09:03 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-08 17:58 - 2013-12-26 19:42 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-08 17:58 - 2013-12-26 19:42 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-08 17:58 - 2013-12-26 19:42 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-08 17:58 - 2013-12-26 19:42 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-08 17:58 - 2013-12-26 19:42 - 00029329 _____ () C:\Windows\system32\nvinfo.pb

==================== Files in the root of some directories =======

2015-05-05 19:56 - 2015-05-05 19:56 - 32371688 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-05-07 09:38 - 2015-05-07 09:38 - 0007605 _____ () C:\Users\easyl_000\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\nvStInst.exe
C:\Users\Michael\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Michael\AppData\Local\Temp\ReiSysUpdate.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{d83edcd2-f4ee-11e4-8276-806e6f6e6963}
{d83edcd0-f4ee-11e4-8276-806e6f6e6963}
{d83edcd1-f4ee-11e4-8276-806e6f6e6963}
timeout 0

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {86059c56-f365-11e4-b97e-e8fc9d63eb95}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {86059c4e-f365-11e4-b97e-e8fc9d63eb95}
description EFI Network 0 for IPv4 (28-D2-44-18-83-DC)

Firmware Application (101fffff)
-------------------------------
identifier {86059c4f-f365-11e4-b97e-e8fc9d63eb95}
description EFI Network 0 for IPv6 (28-D2-44-18-83-DC)

Firmware Application (101fffff)
-------------------------------
identifier {86059c53-f365-11e4-b97e-e8fc9d63eb95}
description EFI Network 0 for IPv4 (28-D2-44-18-83-DC)

Firmware Application (101fffff)
-------------------------------
identifier {86059c54-f365-11e4-b97e-e8fc9d63eb95}
description EFI Network 0 for IPv6 (28-D2-44-18-83-DC)

Firmware Application (101fffff)
-------------------------------
identifier {d83edcd0-f4ee-11e4-8276-806e6f6e6963}
description EFI USB Device

Firmware Application (101fffff)
-------------------------------
identifier {d83edcd1-f4ee-11e4-8276-806e6f6e6963}
description EFI DVD/CDROM

Firmware Application (101fffff)
-------------------------------
identifier {d83edcd2-f4ee-11e4-8276-806e6f6e6963}
description EFI Network

Firmware Application (101fffff)
-------------------------------
identifier {d83edcd3-f4ee-11e4-8276-806e6f6e6963}
description EFI Network 0 for IPv4 (28-D2-44-18-83-DC)

Firmware Application (101fffff)
-------------------------------
identifier {d83edcd4-f4ee-11e4-8276-806e6f6e6963}
description EFI Network 0 for IPv6 (28-D2-44-18-83-DC)

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale en-US
inherit {bootloadersettings}
recoverysequence {86059c58-f365-11e4-b97e-e8fc9d63eb95}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {86059c56-f365-11e4-b97e-e8fc9d63eb95}
nx OptIn
bootmenupolicy Legacy

Windows Boot Loader
-------------------
identifier {86059c58-f365-11e4-b97e-e8fc9d63eb95}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{86059c59-f365-11e4-b97e-e8fc9d63eb95}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{86059c59-f365-11e4-b97e-e8fc9d63eb95}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {86059c56-f365-11e4-b97e-e8fc9d63eb95}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {86059c58-f365-11e4-b97e-e8fc9d63eb95}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {86059c59-f365-11e4-b97e-e8fc9d63eb95}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi



LastRegBack: 2015-05-05 12:38

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by easyl_000 at 2015-05-07 21:22:10
Running from C:\Users\easyl_000\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-238807202-2743764042-2545225379-500 - Administrator - Disabled)
easyl_000 (S-1-5-21-238807202-2743764042-2545225379-1003 - Administrator - Enabled) => C:\Users\easyl_000
Guest (S-1-5-21-238807202-2743764042-2545225379-501 - Limited - Disabled)
Michael (S-1-5-21-238807202-2743764042-2545225379-1001 - Limited - Enabled) => C:\Users\Michael

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active@ Partition Manager 4 (HKLM\...\{FE2483C5-A90C-401D-967F-023A9C3CAAAF}_is1) (Version: 4 - LSoft Technologies Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (remove only) (HKLM-x32\...\CCleaner) (Version: - )
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC)
Glary Utilities 5.24 (HKLM-x32\...\Glary Utilities 5) (Version: 5.24.0.43 - Glarysoft Ltd)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.210 - McAfee, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero BackItUp (HKLM-x32\...\{40F2F005-FA4C-4BEA-83A6-BFD969467594}) (Version: 15.60.61.22 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{2FBCA43F-1CF3-4892-82D0-1BD65F2F2B81}) (Version: 12.0.02800 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero SoundTrax (HKLM-x32\...\{A6DDE8B6-CBDB-41E0-8917-A459F70E571A}) (Version: 12.0.03400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{5110DEE0-4B2D-45E6-B016-668431EE12CC}) (Version: 12.5.01600 - Nero AG)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.12 - Synaptics Incorporated)
TouchCopy 12 (x64) (HKLM\...\{652E8E44-DE0C-445C-BEF1-2B4671A00FF1}) (Version: 12.69 - Wide Angle Software)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.1.4 - Tweaking.com)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

05-05-2015 12:46:25 Windows Modules Installer
05-05-2015 15:25:12 windows 8.1 perating sysyem install
05-05-2015 22:35:35 Mcafee install
06-05-2015 01:28:51 Itunes/Drivers Install
07-05-2015 01:40:51 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2015-05-07 11:59 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06C9FC62-2F82-407A-912F-3FC27E748585} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-01] (Microsoft Corporation)
Task: {0C75978A-2C76-4E88-BD59-21744AA05949} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-04-27] (Glarysoft Ltd)
Task: {23206EE1-A4DC-4FCB-8888-ACE5D0B42427} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {3B296E43-B721-4446-83D5-7AA332A3A8AC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {4A655888-E2A3-458D-A2ED-96CA44DCA64B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {5B5392CE-73D5-4609-A19A-B732F2AF631C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {5B7D5FBC-A92A-44E9-8DCF-B2B45982F63C} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [2015-04-27] (Glarysoft Ltd)
Task: {6923EA5C-21C6-457A-B1AC-44AF0C3C638B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-17] (Synaptics Incorporated)
Task: {6A7F03D8-80FE-42B4-A7CE-BB5F5664913E} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {6C497A05-E697-48EB-AED9-3AF2819DCCF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A120301C-32E9-4EAD-B985-1AAFA020E99E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {A32BE4CD-37D5-4B15-888E-B02BE126723A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-04-27] (Glarysoft Ltd)
Task: {B00B404D-8445-4461-9407-8211E2BC5DD3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {CBCD9277-687F-4EB4-B9EF-9E75E4801FC4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {F83BA505-E597-4FAE-A809-D90445765377} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GlaryOneClickOptimizer 5.job => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-05 12:58 - 2015-04-08 14:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-09 10:36 - 2015-04-09 10:36 - 00607360 _____ () C:\Program Files (x86)\Nero\Nero BackItUp\sqlite3.dll
2015-05-05 13:11 - 2015-05-01 09:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-27 00:06 - 2015-04-27 00:06 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2015-05-06 00:57 - 2013-08-08 13:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:84098FD3
AlternateDataStreams: C:\Users\easyl_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\37703182.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\37703182.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
ezlivin11
Active Member
 
Posts: 12
Joined: May 8th, 2015, 12:32 am

Re: Help_Decrypt and I let it in :-(

Unread postby ezlivin11 » May 8th, 2015, 2:55 am

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-238807202-2743764042-2545225379-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8356A8B1-8C15-4738-B7DC-959A6161D6D2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6A355D82-EAC3-4D8F-BC21-DB35CC39AECE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAEAFF41-25CC-46E0-BFD0-BB3E26CE624C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6F633DB9-E401-4352-B7BF-269869470D14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{657881E6-E720-4129-94D7-EA1BD3A5EE6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{20994C4A-490C-41F0-AAA0-C3C8BF20208D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{60E325E3-B049-464A-A3F4-283531D1D98D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{4B358D7B-579D-4E5C-BBCA-CDE0DD8A0806}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BAC89DA1-FE0E-4AA9-A57C-9B32AEF4BB4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B975859-DC31-48C0-8B8D-7204870416F5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E406EF60-0FFB-4691-A9F7-C612B947180C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F83AD540-6F30-44E6-8D01-BE4A0331B9C3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B22DDE54-F49A-4E3C-9D8A-5F9A10E36CFF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{06CEB59A-8EEA-4584-A8E1-A9E9BBAB3F51}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{86AC417F-A00E-45D9-AEEF-E13DED6A2FA6}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F10D7A72-5F8A-4BC9-AD1E-D7E035D3C213}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{FB34595F-39C4-42F5-990B-A221E647A0A6}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{88BB354B-C313-481E-BA8E-499B44A88D53}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{607564BF-5A99-4F76-ABBA-A1E77C57BB28}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B9215257-707E-42ED-BCF9-2D16FE228D2C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{322120DC-2C4E-4F34-87DE-00BFB5F6B483}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{46A4BAAA-F842-44EA-91B3-7A920B5FBB64}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B25DD2EB-ECCF-4F37-AFA1-93255DBC882F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{80945702-935F-4D14-B71D-083ABB9DFB28}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C892E7DD-9462-4268-9FC7-1D90312D5A5D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{DF6D316F-6F8D-4377-A4CE-DA1F440A6E62}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B49634C6-26B3-46E3-A77B-D247F643E0A7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2EEAA3BF-5373-4C70-AD54-F6348352444C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CE439F16-FD35-41BF-BDE0-DAA81197DD26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{72D30425-F22B-4A57-BB7F-D1217CB5853C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EB349054-C538-4C66-AE45-496337242C40}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0CE226F1-7E66-496E-AE3C-C9DCCD435646}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E72454FB-A59B-4708-97A8-4CAD6839D20C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 09:12:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0x6f8
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5

Error: (05/07/2015 08:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0xc64
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5

Error: (05/07/2015 03:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0x6f4
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5

Error: (05/07/2015 03:26:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0x6e8
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5

Error: (05/07/2015 02:55:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider StorageWMI attempted to register query "select * from MSFT_StorageModificationEvent" whose target class "MSFT_StorageModificationEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider StorageWMI attempted to register query "select * from MSFT_StorageDepartureEvent" whose target class "MSFT_StorageDepartureEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider StorageWMI attempted to register query "select * from MSFT_StorageArrivalEvent" whose target class "MSFT_StorageArrivalEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider StorageWMI attempted to register query "select * from MSFT_StorageAlertEvent" whose target class "MSFT_StorageAlertEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from MSFT_StorageModificationEvent" whose target class "MSFT_StorageModificationEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.


System errors:
=============
Error: (05/07/2015 09:16:03 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:16:00 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:48 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:48 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:48 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:48 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:45 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:15:45 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL1)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Michael1easyl_000S-1-5-21-238807202-2743764042-2545225379-1003LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/07/2015 09:13:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058

Error: (05/07/2015 09:13:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577


Microsoft Office Sessions:
=========================
Error: (05/07/2015 09:12:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e606f801d0893ea1c61b95C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll6a622fa2-f538-11e4-8279-68172949296e

Error: (05/07/2015 08:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e60c6401d08917a8de4aa7C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllc531d1c5-f531-11e4-8278-68172949296e

Error: (05/07/2015 03:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e606f401d08914ee1fb5ebC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlld493ce6e-f50a-11e4-8278-68172949296e

Error: (05/07/2015 03:26:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e606e801d0890c0b1172f2C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll0f3c1627-f508-11e4-8277-68172949296e

Error: (05/07/2015 02:55:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: StorageWMIselect * from MSFT_StorageModificationEventMSFT_StorageModificationEvent//./root/Microsoft/Windows/Storage

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: StorageWMIselect * from MSFT_StorageDepartureEventMSFT_StorageDepartureEvent//./root/Microsoft/Windows/Storage

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: StorageWMIselect * from MSFT_StorageArrivalEventMSFT_StorageArrivalEvent//./root/Microsoft/Windows/Storage

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: StorageWMIselect * from MSFT_StorageAlertEventMSFT_StorageAlertEvent//./root/Microsoft/Windows/Storage

Error: (05/07/2015 11:58:19 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: select * from MSFT_StorageModificationEventMSFT_StorageModificationEvent//./root/Microsoft/Windows/Storage


CodeIntegrity Errors:
===================================
Date: 2015-05-07 21:13:24.865
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 20:25:57.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 15:27:53.684
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 14:24:08.257
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 12:27:03.039
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 12:14:40.689
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 11:35:54.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 11:26:52.035
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 11:17:03.172
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-07 10:25:26.003
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8138.27 MB
Available physical RAM: 6266.41 MB
Total Pagefile: 10058.27 MB
Available Pagefile: 7976.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931 GB) (Free:724.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 66B87B40)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 66B87BBC)

Partition: GPT Partition Type.

==================== End Of Log ============================
ezlivin11
Active Member
 
Posts: 12
Joined: May 8th, 2015, 12:32 am

Re: Help_Decrypt and I let it in :-(

Unread postby NonSuch » May 9th, 2015, 2:17 am

You have posted multiple responses to your own topic, therefore, we must close this topic.

May I draw your attention to THIS topic, which you should have read before posting for help.

THIS is the section that tells you why you should not reply to your own topic.

This topic will now be closed

If you still require help, please open a new thread in the Malware Removal forum, post the log asked for in the first topic I linked to and wait for assistance.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 388 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware