Short story: when I click on links (seemingly at random) from legitimate websites, random popups come up to malicious sites. Usually, they are false positive sites or dating websites. There seems to be no consistency to where it sends me.
Long story: I am pretty computer savvy and have purchased antivirus (Bitdefender), and I am careful not to go to suspicious sites, so this is surprising indeed! It started about two weeks ago. My main browser is Chrome. I will click on links on Amazon or Google search, links that Bitdefender pre-approves, and then all of a sudden another tab will pop up to some random site. It is prompted by legitimate sites, like Amazon or Google Books. I have run a deep scan from Bitdefender, AdwCleaner and HitmanPro. HMP found a few minor items, mostly cookies. I removed everything that it notated as suspicious.
Then today, the popups continued. While on ebates.com, it happened again and pushed me to:
http://lp.ilividnewtab.com/lpid=4067&ap ... PI04CC3N4E
Other sites it has pushed me to (I will continue to update these as it happens):
I would be glad to describe my system specs even further if need be, such as what version my software is. Does anybody know of some steps that I may take in order to eliminate this problem?
I could not fit all of the FRST.txt in one post. It was six posts long! They are currently pending for the moderator to look at, I think. I have attached the file in case you want to see the full extent of it.
_____________________________________________________________________________________________
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by joshuaslive (administrator) on HTPC on 12-03-2015 17:49:43
Running from C:\Users\joshuaslive\Downloads
Loaded Profiles: joshuaslive & Administrator (Available profiles: joshuaslive & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.2\ABService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Program Files (x86)\WizMouse\WizMouse.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Nurgo-Software) C:\Program Files (x86)\AquaSnap Pro\AquaSnap.Daemon.exe
(Nurgo-Software) C:\Program Files (x86)\AquaSnap Pro\AquaSnap.Daemon.x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\joshuaslive\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\joshuaslive\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\joshuaslive\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\joshuaslive\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\joshuaslive\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Lifehacker) C:\Program Files (x86)\Belvedere\Belvedere.exe
(Dropbox, Inc.) C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Animagic) C:\Users\joshuaslive\Documents\WinLayoutManager.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Eric Zhang) C:\Program Files (x86)\EZBlocker Real\EZBlocker.exe
(Scrivener HQ Pty Ltd.) C:\Program Files (x86)\Scrivener\Scrivener.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Thomson Reuters) C:\Program Files (x86)\EndNote X7\EndNote.exe
(Mozilla Foundation) C:\Program Files (x86)\Zotero Standalone\zotero.exe
(Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\FoxitReader.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SurfRight B.V.) C:\Users\joshuaslive\Downloads\HitmanPro_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-10] (Bitdefender)
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
HKLM\...\Run: [Copy Handler] => [X]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-03] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [DLSService] => "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [Spotify Web Helper] => C:\Users\joshuaslive\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-10] (Spotify Ltd)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-10] (Bitdefender)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-09-13] (Bitdefender)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [ultracopier] => "C:\Program Files\Supercopier\supercopier.exe"
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [1063680 2014-10-27] (Secomba GmbH)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1867056 2014-03-20] (Sanford, L.P.)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [AquaSnap] => C:\Program Files (x86)\AquaSnap Pro\AquaSnap.Daemon.exe [1581056 2015-01-29] (Nurgo-Software)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [B31765248C8B8DB30D0542907829ECCB51C37359._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\Run: [Spotify] => C:\Users\joshuaslive\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-10] (Spotify Ltd)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\...\MountPoints2: {03fcb7d9-89f3-11e4-bee2-806e6f6e6963} - "D:\ASRSetup.exe"
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-10] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-09-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-09-13] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belvedere.lnk
ShortcutTarget: Belvedere.lnk -> C:\Program Files (x86)\Belvedere\Belvedere.exe (Lifehacker)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoHotkey - Copy.lnk
ShortcutTarget: AutoHotkey - Copy.lnk -> C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe ()
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belvedere.lnk
ShortcutTarget: Belvedere.lnk -> C:\Program Files (x86)\Belvedere\Belvedere.exe (Lifehacker)
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinLayoutManager.exe - Shortcut.lnk
ShortcutTarget: WinLayoutManager.exe - Shortcut.lnk -> C:\Users\joshuaslive\Documents\WinLayoutManager.exe (Animagic)
SSODL: EldosMountNotificator-cbfs4 - {674F2E91-B061-40AC-84AF-2FBF04F26561} - C:\WINDOWS\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL: EldosMountNotificator-cbfs5 - {FA9023B2-3FE6-4946-B663-8B7EB200F9C2} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {674F2E91-B061-40AC-84AF-2FBF04F26561} - C:\WINDOWS\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {FA9023B2-3FE6-4946-B663-8B7EB200F9C2} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\joshuaslive\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {DCBC8B52-96BE-4BBA-AAF5-7012A098A3C1} => C:\WINDOWS\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {2E9CAF3E-9ECF-4670-A4DB-936A0562F076} => C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {DCBC8B52-96BE-4BBA-AAF5-7012A098A3C1} => C:\WINDOWS\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {2E9CAF3E-9ECF-4670-A4DB-936A0562F076} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1758922164-2190628695-3434072302-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-10-11] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-12-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-09-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.48 192.168.100.47
Tcpip\..\Interfaces\{E9075DF9-EF5F-4C45-BE2F-AB14D1EF19DC}: [NameServer] 208.67.222.222,208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.com/calendar/render
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U164DF&PC=U164&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-27] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-27] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-02-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-10-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-1758922164-2190628695-3434072302-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Extension: Bing Extension - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\bingsearch.full@microsoft.com [2015-03-04]
FF Extension: EverSync - Sync bookmarks, backup your favorites. - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\fvdmedia@gmail.com [2015-02-22]
FF Extension: LastPass - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\support@lastpass.com [2014-03-01]
FF Extension: Zotero Word for Windows Integration - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\zoteroWinWordIntegration@zotero.org [2015-02-23]
FF Extension: Google Docs Viewer - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\adonis.cuhk@gmail.com.xpi [2014-02-23]
FF Extension: ShopAtHome - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\toolbar@shopathome.com.xpi [2015-03-05]
FF Extension: Zotero - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\zotero@chnm.gmu.edu.xpi [2014-04-13]
FF Extension: CacheViewer - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}.xpi [2014-02-23]
FF Extension: Adblock Plus - C:\Users\joshuaslive\AppData\Roaming\Mozilla\Firefox\Profiles\qnalfsek.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-23]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://my.iqtell.com/iqtell/workspace"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-22]
CHR Extension: (RescueTime for Chrome™ & ChromeOS™) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2014-09-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-22]
CHR Extension: (Quicktime for Chrome) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\cejkmonkejkfelfmmefomcgficedapag [2014-12-25]
CHR Extension: (Pushbullet) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-06-22]
CHR Extension: (FacebookBlocker) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohbmkonphbnkadgpcpofdpjiopbbhdl [2014-06-22]
CHR Extension: (Zotero Connector) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-06-22]
CHR Extension: (AdBlock) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-06-22]
CHR Extension: (mysms - SMS from Computer) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-09-13]
CHR Extension: (Kindle Cloud Reader) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-01-28]
CHR Extension: (StayFocusd) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2015-02-19]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-09-13]
CHR Extension: (Google Wallet) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-22]
CHR Extension: (PDF Viewer) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2014-12-21]
CHR Extension: (BackStop) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidcjgldchekcoolelhbjfbnccjkckfj [2015-01-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-06-22]
CHR Extension: (Gmail) - C:\Users\joshuaslive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-22]
CHR HKU\S-1-5-21-1758922164-2190628695-3434072302-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.2\ABService.exe [29912 2014-12-24] (AOMEI Tech Co., Ltd.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-09-13] (Bitdefender)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-14] (Microsoft Corporation)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [223232 2014-10-13] (Code 42 Software) [File not signed]
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-11] (IObit)
S3 Media Center 20 Service; C:\Program Files (x86)\J River\Media Center 20\JRService.exe [397600 2015-01-26] (JRiver, Inc.)
S4 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-19] () [File not signed]
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-09-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-10] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S4 NZFSB; C:\Program Files (x86)\FlexRaid Host (4-12-14)\NZFS-TRAID-HOST-1.0_final_2014-03-18\NZFS-TRAID-HOST\common\NZFSB.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2013-07-31] () [File not signed]
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2013-07-31] () [File not signed]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2013-07-31] () [File not signed]
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3301888 2013-04-15] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-10] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-12-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-09-13] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-01-30] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 cbfs4; C:\WINDOWS\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [416960 2014-03-06] (EldoS Corporation)
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed]
S3 CPen; C:\Windows\System32\Drivers\CPen.sys [21184 2010-04-08] ()
S3 DMBdtv; C:\Windows\System32\Drivers\DMBdtv.sys [121088 2009-12-30] (Windows (R) Win 7 DDK provider)
S3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-03-12] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 jrvad_service; C:\Windows\system32\drivers\JRiverWDMDriver.sys [36872 2015-01-26] (JRiver, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NZFSD; C:\Windows\System32\drivers\NZFSD.sys [280136 2014-03-18] (FlexRAID)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-13] (Realtek Semiconductor Corporation)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-10] (BitDefender S.R.L.)
S1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2013-02-18] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-02-18] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-02-18] (Paragon)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2013-08-30] (EldoS Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\JOSHUA~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 ASUSU1; \SystemRoot\system32\drivers\cm11264.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S3 vdrive; \SystemRoot\system32\DRIVERS\vdrive.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-12 17:49 - 2015-03-12 17:49 - 02095616 _____ (Farbar) C:\Users\joshuaslive\Downloads\FRST64.exe
2015-03-12 17:49 - 2015-03-12 17:49 - 00688992 _____ (Swearware) C:\Users\joshuaslive\Downloads\dds (1).scr
2015-03-12 17:49 - 2015-03-12 17:49 - 00038895 _____ () C:\Users\joshuaslive\Downloads\FRST.txt
2015-03-12 17:49 - 2015-03-12 17:49 - 00000000 ____D () C:\FRST
2015-03-12 17:48 - 2015-03-12 17:48 - 00688992 _____ (Swearware) C:\Users\joshuaslive\Downloads\dds.scr
2015-03-12 17:45 - 2015-03-12 17:45 - 00016561 _____ () C:\Users\joshuaslive\Downloads\hijackthis.log
2015-03-12 17:44 - 2015-03-12 17:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\joshuaslive\Downloads\HijackThis.exe
2015-03-12 17:39 - 2015-03-12 17:39 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-03-12 17:38 - 2015-03-12 17:38 - 00000000 ____D () C:\Program Files\HitmanPro
2015-03-12 11:51 - 2015-03-12 11:51 - 00000324 ____N () C:\WINDOWS\DtcInstall.log
2015-03-12 11:26 - 2015-03-12 11:26 - 00001530 _____ () C:\Users\joshuaslive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EZBlocker.exe.lnk
2015-03-12 11:25 - 2015-03-12 11:26 - 00000000 ____D () C:\Users\joshuaslive\Downloads\Ezblocker
2015-03-12 11:25 - 2015-03-12 11:25 - 00433664 _____ (Newtonsoft) C:\Users\joshuaslive\Downloads\Newtonsoft.Json.dll
2015-03-12 11:25 - 2015-03-12 11:25 - 00073728 _____ () C:\Users\joshuaslive\Downloads\CoreAudio.dll
2015-03-12 11:25 - 2015-03-12 11:25 - 00044032 _____ (NirSoft) C:\Users\joshuaslive\Downloads\nircmd.exe
2015-03-11 03:19 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 03:19 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 03:18 - 2015-03-05 22:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 03:18 - 2015-03-05 22:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 03:18 - 2015-02-25 19:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 03:18 - 2015-02-19 23:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 03:18 - 2015-02-19 22:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 03:18 - 2015-02-19 22:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 03:18 - 2015-02-19 22:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 03:18 - 2015-02-05 21:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 03:18 - 2015-02-05 21:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 03:18 - 2015-02-03 19:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 03:18 - 2015-02-03 19:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 03:18 - 2015-02-03 19:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 03:18 - 2015-02-02 19:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 03:18 - 2015-02-02 19:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 03:18 - 2015-01-30 19:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 03:18 - 2015-01-30 19:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 03:18 - 2015-01-30 19:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 03:18 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 03:18 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 03:18 - 2015-01-28 21:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 03:18 - 2015-01-28 21:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 03:18 - 2015-01-28 21:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 03:18 - 2015-01-28 21:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 03:18 - 2015-01-28 20:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 03:18 - 2015-01-28 20:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 03:18 - 2015-01-28 20:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 03:18 - 2015-01-28 20:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 03:18 - 2015-01-28 11:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 03:18 - 2015-01-28 11:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 03:18 - 2015-01-28 11:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 03:18 - 2015-01-27 22:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 03:18 - 2015-01-27 21:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 03:18 - 2015-01-27 00:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 03:18 - 2015-01-26 23:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 03:18 - 2015-01-26 22:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 03:18 - 2015-01-23 21:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 03:17 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 03:17 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 03:17 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 03:17 - 2015-02-20 20:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 03:17 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 03:17 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 03:17 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 03:17 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 03:17 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 03:17 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 03:17 - 2015-02-19 22:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 03:17 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 03:17 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 03:17 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 03:17 - 2015-02-19 22:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 03:17 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 03:17 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 03:17 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 03:17 - 2015-02-19 21:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 03:17 - 2015-02-19 21:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 03:17 - 2015-02-19 21:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 03:17 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 03:17 - 2015-02-19 21:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 03:17 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 03:17 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 03:17 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 03:17 - 2015-02-19 21:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 03:17 - 2015-02-19 21:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 03:17 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 03:17 - 2015-02-19 21:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 03:17 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 03:17 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 03:17 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 03:17 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 03:17 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 03:17 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 03:17 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 03:17 - 2015-02-12 13:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 03:17 - 2015-02-12 13:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 03:17 - 2015-02-07 19:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 03:17 - 2015-02-07 19:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 03:17 - 2015-02-06 19:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 03:17 - 2015-02-05 16:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 03:17 - 2015-02-02 20:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 03:17 - 2015-02-02 20:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 03:17 - 2015-01-29 23:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 03:17 - 2015-01-29 23:00 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 03:17 - 2015-01-29 22:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 03:17 - 2015-01-29 22:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 03:17 - 2015-01-29 22:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 03:17 - 2015-01-29 21:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 03:17 - 2015-01-29 21:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 03:17 - 2015-01-29 21:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 03:17 - 2015-01-29 21:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 03:17 - 2015-01-29 21:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 03:17 - 2015-01-29 21:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 03:17 - 2015-01-29 21:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 03:17 - 2015-01-29 21:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 03:17 - 2015-01-29 21:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 03:17 - 2015-01-29 21:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 03:17 - 2015-01-29 14:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 03:17 - 2015-01-29 14:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 03:17 - 2015-01-27 21:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 03:17 - 2015-01-27 21:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 03:17 - 2015-01-27 19:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 03:17 - 2015-01-27 19:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 03:17 - 2015-01-21 01:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 03:17 - 2015-01-21 01:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 03:17 - 2014-12-11 01:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 01:04 - 2015-03-11 01:04 - 00000000 ____D () C:\Users\joshuaslive\Documents\Naturalsoft
2015-03-11 01:04 - 2015-03-11 01:04 - 00000000 ____D () C:\ProgramData\Naturalsoft
2015-03-11 01:04 - 2015-03-11 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Naturalsoft
2015-03-11 01:04 - 2015-03-11 01:04 - 00000000 ____D () C:\Program Files (x86)\Naturalsoft
2015-03-11 01:03 - 2015-03-11 01:03 - 19548464 _____ (Naturalsoft limited ) C:\Users\joshuaslive\Downloads\standardsetup.exe
2015-03-10 18:31 - 2015-03-10 18:31 - 02171392 _____ () C:\Users\joshuaslive\Downloads\adwcleaner_4.112.exe
2015-03-10 15:40 - 2015-03-10 15:40 - 00001210 _____ () C:\Users\joshuaslive\Downloads\goodreads_export.csv
2015-03-10 14:03 - 2015-03-10 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-03-10 14:03 - 2015-03-10 14:03 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-03-10 01:07 - 2015-03-12 17:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-10 00:40 - 2015-03-10 04:03 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-10 00:40 - 2015-03-10 00:40 - 10995632 _____ (SurfRight B.V.) C:\Users\joshuaslive\Downloads\HitmanPro_x64.exe
2015-03-10 00:40 - 2015-03-10 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-10 00:40 - 2015-03-10 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-10 00:40 - 2015-03-10 00:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-10 00:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-10 00:40 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-10 00:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-10 00:39 - 2015-03-10 00:39 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\joshuaslive\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-10 00:37 - 2015-03-10 00:37 - 01388333 _____ (Thisisu) C:\Users\joshuaslive\Downloads\JRT.exe
2015-03-09 19:44 - 2015-03-09 19:49 - 119376770 _____ () C:\Users\joshuaslive\Downloads\CompilingUsingFormatPresetsLarge.mov
2015-03-09 19:43 - 2015-03-09 19:44 - 44092522 _____ () C:\Users\joshuaslive\Downloads\FolderSync.mov
2015-03-09 17:06 - 2015-03-09 17:06 - 01021253 _____ () C:\Users\joshuaslive\Downloads\survey.xlsx
2015-03-09 15:26 - 2015-03-09 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-09 15:25 - 2015-03-09 15:26 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2015-03-09 15:25 - 2015-03-09 15:25 - 00000000 ____D () C:\Program Files\Logitech
2015-03-09 15:22 - 2015-03-09 15:24 - 81533904 _____ (Logitech Inc.) C:\Users\joshuaslive\Downloads\SetPoint6.65.62_64.exe
2015-03-09 15:19 - 2015-03-09 15:26 - 00020256 _____ () C:\WINDOWS\LDPINST.LOG
2015-03-09 08:27 - 2015-03-09 08:27 - 00880208 _____ (Google Inc.) C:\Users\joshuaslive\Downloads\googledrivesync.exe
2015-03-08 14:42 - 2015-03-08 14:42 - 00000056 _____ () C:\WINDOWS\system32\bdsandbox.txt
2015-03-07 13:43 - 2014-10-31 00:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-03-07 13:43 - 2014-10-30 23:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-03-07 13:43 - 2014-10-30 23:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-03-07 13:43 - 2014-10-30 23:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-03-07 13:43 - 2014-10-30 23:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-03-07 13:43 - 2014-10-30 23:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-03-07 13:43 - 2014-10-30 22:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-03-07 13:42 - 2014-10-29 00:03 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-03-07 13:42 - 2014-10-28 23:59 - 03460472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2015-03-07 13:42 - 2014-10-28 23:59 - 00014144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys
2015-03-07 13:42 - 2014-10-28 22:45 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-03-07 13:42 - 2014-10-28 22:29 - 04483072 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-03-07 13:42 - 2014-10-28 22:22 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-03-07 13:42 - 2014-10-28 22:19 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-03-07 13:42 - 2014-10-28 22:08 - 18822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-03-07 13:42 - 2014-10-28 22:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-03-07 13:42 - 2014-10-28 21:45 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-03-07 13:42 - 2014-10-28 21:45 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2015-03-07 13:42 - 2014-10-28 21:43 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2015-03-07 13:42 - 2014-10-28 21:42 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-03-07 13:42 - 2014-10-28 21:40 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2015-03-07 13:42 - 2014-10-28 21:35 - 04709888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-03-07 13:42 - 2014-10-28 21:33 - 15157760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-03-07 13:42 - 2014-10-28 21:28 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2015-03-07 13:42 - 2014-10-28 21:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-07 13:42 - 2014-10-28 21:17 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-03-07 13:42 - 2014-10-28 21:16 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2015-03-07 13:42 - 2014-10-28 21:10 - 02344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-03-07 13:42 - 2014-10-28 21:02 - 14354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-03-07 13:42 - 2014-10-28 20:54 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-03-07 13:42 - 2014-10-28 20:52 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-03-07 13:42 - 2014-10-28 20:51 - 01554432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-03-07 13:42 - 2014-10-28 20:50 - 12749824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-03-07 13:42 - 2014-10-28 20:46 - 09530368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-03-07 13:42 - 2014-10-28 20:45 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-03-07 13:42 - 2014-10-28 20:43 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-03-07 13:42 - 2014-10-28 20:38 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-03-07 13:42 - 2014-10-28 20:37 - 06386176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-03-07 13:42 - 2014-10-28 20:33 - 06213632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-03-07 13:42 - 2014-10-07 02:45 - 03307112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-03-07 13:42 - 2014-10-06 23:44 - 02890296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-03-07 13:41 - 2014-10-29 00:10 - 01816008 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2015-03-07 13:41 - 2014-10-29 00:09 - 01950280 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2015-03-07 13:41 - 2014-10-29 00:09 - 01309744 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-03-07 13:41 - 2014-10-29 00:09 - 01239576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2015-03-07 13:41 - 2014-10-29 00:04 - 00105872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-03-07 13:41 - 2014-10-29 00:03 - 00435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 02314952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 02229168 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 01540696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 01385216 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 00740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 00544408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-03-07 13:41 - 2014-10-29 00:00 - 00379568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-03-07 13:41 - 2014-10-28 23:59 - 02529856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-03-07 13:41 - 2014-10-28 23:58 - 00014528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2015-03-07 13:41 - 2014-10-28 23:57 - 03138720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 03118096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2015-03-07 13:41 - 2014-10-28 23:57 - 02745160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 02450216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 01576312 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-03-07 13:41 - 2014-10-28 23:57 - 01552704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-03-07 13:41 - 2014-10-28 23:57 - 01286048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2015-03-07 13:41 - 2014-10-28 23:57 - 01210176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 01150208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 00643064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-03-07 13:41 - 2014-10-28 23:57 - 00557832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2015-03-07 13:41 - 2014-10-28 23:57 - 00389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-03-07 13:41 - 2014-10-28 23:55 - 02174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 01660528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 01543768 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 01133200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 01063432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 00730824 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatq.dll
2015-03-07 13:41 - 2014-10-28 23:55 - 00426120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2015-03-07 13:41 - 2014-10-28 23:53 - 00411128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-03-07 13:41 - 2014-10-28 23:52 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-03-07 13:41 - 2014-10-28 23:52 - 02334080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 01518504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 01509688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 01288096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 01165744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 01064720 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmv2clt.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00952384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00850656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00734448 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00634768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00497936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00444728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00405456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-03-07 13:41 - 2014-10-28 23:52 - 00356936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-03-07 13:41 - 2014-10-28 23:51 - 01310912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-03-07 13:41 - 2014-10-28 23:18 - 01782912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2015-03-07 13:41 - 2014-10-28 23:18 - 01103768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2015-03-07 13:41 - 2014-10-28 23:18 - 00848568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2015-03-07 13:41 - 2014-10-28 23:18 - 00016504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psapi.dll
2015-03-07 13:41 - 2014-10-28 23:13 - 01901240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-03-07 13:41 - 2014-10-28 23:12 - 01946144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-03-07 13:41 - 2014-10-28 23:12 - 01907384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-03-07 13:41 - 2014-10-28 23:12 - 00616704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2015-03-07 13:41 - 2014-10-28 23:12 - 00430176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-03-07 13:41 - 2014-10-28 23:11 - 02689392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 02528760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 02447104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 01037656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 01024200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2015-03-07 13:41 - 2014-10-28 23:11 - 00914648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 00492704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2015-03-07 13:41 - 2014-10-28 23:11 - 00488064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 01564464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 01287112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 01209624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 01178104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 00569128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clbcatq.dll
2015-03-07 13:41 - 2014-10-28 23:10 - 00492232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 02324208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 01321192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 01115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00857384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00705008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00700328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00584120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00551064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00482360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00409040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00399752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-03-07 13:41 - 2014-10-28 23:07 - 00331048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2015-03-07 13:41 - 2014-10-28 23:05 - 00890128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmv2clt.dll
2015-03-07 13:41 - 2014-10-28 22:59 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-03-07 13:41 - 2014-10-28 22:56 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-03-07 13:41 - 2014-10-28 22:50 - 01192960 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-03-07 13:41 - 2014-10-28 22:48 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2015-03-07 13:41 - 2014-10-28 22:48 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-03-07 13:41 - 2014-10-28 22:44 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2015-03-07 13:41 - 2014-10-28 22:43 - 00685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2015-03-07 13:41 - 2014-10-28 22:42 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2015-03-07 13:41 - 2014-10-28 22:40 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2015-03-07 13:41 - 2014-10-28 22:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-07 13:41 - 2014-10-28 22:36 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlcese40.dll
2015-03-07 13:41 - 2014-10-28 22:33 - 07558144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll
2015-03-07 13:41 - 2014-10-28 22:33 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.dll
2015-03-07 13:41 - 2014-10-28 22:31 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlceqp40.dll
2015-03-07 13:41 - 2014-10-28 22:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2015-03-07 13:41 - 2014-10-28 22:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70404.dll
2015-03-07 13:41 - 2014-10-28 22:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7001E.dll
2015-03-07 13:41 - 2014-10-28 22:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll
2015-03-07 13:41 - 2014-10-28 22:29 - 01246720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ogldrv.dll
2015-03-07 13:41 - 2014-10-28 22:29 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2015-03-07 13:41 - 2014-10-28 22:28 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2015-03-07 13:41 - 2014-10-28 22:27 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2015-03-07 13:41 - 2014-10-28 22:27 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2015-03-07 13:41 - 2014-10-28 22:26 - 00771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2015-03-07 13:41 - 2014-10-28 22:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2015-03-07 13:41 - 2014-10-28 22:25 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\blackbox.dll
2015-03-07 13:41 - 2014-10-28 22:24 - 04418560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-03-07 13:41 - 2014-10-28 22:18 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2015-03-07 13:41 - 2014-10-28 22:17 - 02003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2015-03-07 13:41 - 2014-10-28 22:11 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-03-07 13:41 - 2014-10-28 22:11 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2015-03-07 13:41 - 2014-10-28 22:10 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-03-07 13:41 - 2014-10-28 22:09 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2015-03-07 13:41 - 2014-10-28 22:08 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2015-03-07 13:41 - 2014-10-28 22:08 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2015-03-07 13:41 - 2014-10-28 22:08 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-03-07 13:41 - 2014-10-28 22:08 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmnet.dll
2015-03-07 13:41 - 2014-10-28 22:07 - 06692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2015-03-07 13:41 - 2014-10-28 22:07 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-03-07 13:41 - 2014-10-28 22:06 - 01313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2015-03-07 13:41 - 2014-10-28 22:06 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2015-03-07 13:41 - 2014-10-28 22:05 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2015-03-07 13:41 - 2014-10-28 22:04 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WavDest.dll
2015-03-07 13:41 - 2014-10-28 22:03 - 02334720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2015-03-07 13:41 - 2014-10-28 22:03 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-03-07 13:41 - 2014-10-28 22:03 - 00832000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2015-03-07 13:41 - 2014-10-28 22:01 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2015-03-07 13:41 - 2014-10-28 22:00 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-03-07 13:41 - 2014-10-28 22:00 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-03-07 13:41 - 2014-10-28 21:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-03-07 13:41 - 2014-10-28 21:59 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2015-03-07 13:41 - 2014-10-28 21:59 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2015-03-07 13:41 - 2014-10-28 21:57 - 02924032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2015-03-07 13:41 - 2014-10-28 21:57 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2015-03-07 13:41 - 2014-10-28 21:57 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2015-03-07 13:41 - 2014-10-28 21:56 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2015-03-07 13:41 - 2014-10-28 21:56 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2015-03-07 13:41 - 2014-10-28 21:56 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-03-07 13:41 - 2014-10-28 21:56 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2015-03-07 13:41 - 2014-10-28 21:55 - 01697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2015-03-07 13:41 - 2014-10-28 21:54 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscp.dll
2015-03-07 13:41 - 2014-10-28 21:54 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-03-07 13:41 - 2014-10-28 21:53 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-03-07 13:41 - 2014-10-28 21:53 - 01065984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2015-03-07 13:41 - 2014-10-28 21:53 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2015-03-07 13:41 - 2014-10-28 21:53 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-03-07 13:41 - 2014-10-28 21:53 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlcese40.dll
2015-03-07 13:41 - 2014-10-28 21:51 - 00941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2015-03-07 13:41 - 2014-10-28 21:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-07 13:41 - 2014-10-28 21:50 - 01289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2015-03-07 13:41 - 2014-10-28 21:50 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.dll
2015-03-07 13:41 - 2014-10-28 21:49 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2015-03-07 13:41 - 2014-10-28 21:49 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2015-03-07 13:41 - 2014-10-28 21:49 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlceqp40.dll
2015-03-07 13:41 - 2014-10-28 21:48 - 01080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2015-03-07 13:41 - 2014-10-28 21:48 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-03-07 13:41 - 2014-10-28 21:48 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-03-07 13:41 - 2014-10-28 21:47 - 02072064 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2015-03-07 13:41 - 2014-10-28 21:47 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ogldrv.dll
2015-03-07 13:41 - 2014-10-28 21:47 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpssvcs.dll
2015-03-07 13:41 - 2014-10-28 21:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2015-03-07 13:41 - 2014-10-28 21:46 - 01497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-03-07 13:41 - 2014-10-28 21:46 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2015-03-07 13:41 - 2014-10-28 21:45 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-03-07 13:41 - 2014-10-28 21:45 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2015-03-07 13:41 - 2014-10-28 21:45 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\blackbox.dll
2015-03-07 13:41 - 2014-10-28 21:44 - 02984448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-03-07 13:41 - 2014-10-28 21:43 - 01092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2015-03-07 13:41 - 2014-10-28 21:43 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2015-03-07 13:41 - 2014-10-28 21:42 - 03724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2015-03-07 13:41 - 2014-10-28 21:42 - 01999872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-03-07 13:41 - 2014-10-28 21:42 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2015-03-07 13:41 - 2014-10-28 21:40 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-03-07 13:41 - 2014-10-28 21:39 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-03-07 13:41 - 2014-10-28 21:39 - 01571328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2015-03-07 13:41 - 2014-10-28 21:39 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2015-03-07 13:41 - 2014-10-28 21:38 - 04690432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2015-03-07 13:41 - 2014-10-28 21:37 - 01563136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2015-03-07 13:41 - 2014-10-28 21:37 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 01252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 01008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2015-03-07 13:41 - 2014-10-28 21:36 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2015-03-07 13:41 - 2014-10-28 21:35 - 03256320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2015-03-07 13:41 - 2014-10-28 21:35 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2015-03-07 13:41 - 2014-10-28 21:34 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-03-07 13:41 - 2014-10-28 21:34 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2015-03-07 13:41 - 2014-10-28 21:33 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll