Blue screen:
technical information:
*** STOP: 0x00000101 (0x00000061,0x00000000,0x807c4120,0x00000001
dumping physical disc to memory: 100
I have malewarebytes, emisoft and avast. Ran combofix and it repaired things enough to run scan disc at start up (it would not before) and update windows (140 updates!).
But now the blue screen after start up during use
operates just fine in safe mode with networking for a few hours now.
help?
Kim
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 11.0.9600.17496
Run by Judie at 19:21:32 on 2014-12-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.1256 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Qustodio\qproxy\qengine.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ask.com/?l=dis&o=14196
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QAppTray] "c:\program files\qustodio\qapp\QAppTray.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [GrpConv] grpconv -o
StartupFolder: c:\users\judie\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\qproxy.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://games.bigfishgames.com/en_dinerd ... 0.0.33.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\374756078616E69656 : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\66D636D27657563747 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\66D636D27657563747 : DHCPNameServer = 4.2.2.2 8.8.8.8 192.168.207.103
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\D4970286F6D65602E6564777F627B6 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\D4970286F6D65602E6564777F627B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{16F67F0C-64EE-4A5F-A47A-90751A647BB5}\D6F62727E65647 : DHCPNameServer = 192.168.254.254 192.168.254.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 qengine;qengine;c:\program files\qustodio\qproxy\qengine.exe [2014-5-29 3884880]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-12-17 49944]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-12-17 206248]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-12-17 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-12-17 423784]
S1 qwd;qwd service;c:\windows\system32\drivers\qwd.sys [2014-10-20 25304]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-12-17 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-12-17 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-12-17 91496]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-12-17 50344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2010-1-11 155648]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-31 1871160]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-31 969016]
S2 qupdate;qupdate;c:\program files\qustodio\qapp\QUpdateService.exe [2014-5-29 1853240]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2014-12-17 218192]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2014-12-17 3192344]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CisUtMonitor;CisUtMonitor;c:\windows\system32\drivers\CisUtMonitor.sys [2014-9-9 27600]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-12-17 102912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-31 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-31 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-31 51928]
S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [2010-10-1 52096]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-21 1343400]
.
=============== File Associations ===============
.
ShellExec: AcroRd32.exe: NCHconvertdoc="c:\program files\nch software\videopad\videopad.exe" -extfind Doxillion "%L"
.
=============== Created Last 30 ================
.
2014-12-19 12:50:47 -------- d-sh--w- c:\users\judie\appdata\local\EmieUserList
2014-12-19 12:50:47 -------- d-sh--w- c:\users\judie\appdata\local\EmieSiteList
2014-12-19 12:50:47 -------- d-sh--w- c:\users\judie\appdata\local\EmieBrowserModeList
2014-12-19 05:06:26 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2014-12-19 04:34:14 114904 ----a-w- c:\windows\system32\drivers\65A03C1A.sys
2014-12-19 03:58:34 -------- d-----w- c:\program files\Enigma Software Group
2014-12-18 02:58:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-18 01:28:44 -------- d-----w- c:\program files\iPod
2014-12-18 01:28:40 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-12-18 01:07:35 -------- d-----w- c:\users\judie\appdata\roaming\Dropbox
2014-12-18 01:04:13 -------- d-----w- c:\windows\system32\vbox
2014-12-18 01:01:27 -------- d-----w- c:\users\judie\appdata\roaming\AVAST Software
2014-12-18 00:59:13 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-12-18 00:59:12 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-18 00:59:11 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-18 00:59:11 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-18 00:59:10 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-18 00:59:09 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-12-18 00:59:03 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-18 00:58:51 43152 ----a-w- c:\windows\avastSS.scr
2014-12-18 00:56:06 -------- d-----w- c:\program files\AVAST Software
2014-12-18 00:46:46 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-12-18 00:46:46 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-12-17 12:52:00 -------- d-s---w- c:\windows\system32\CompatTel
2014-12-17 12:52:00 -------- d-----w- c:\windows\system32\appraiser
2014-12-17 05:09:04 3209728 ----a-w- c:\windows\system32\mf.dll
2014-12-17 05:09:04 23040 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-17 05:09:04 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-17 05:09:04 103424 ----a-w- c:\windows\system32\mfps.dll
2014-12-17 05:09:03 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-17 04:53:37 -------- d-----w- c:\windows\Migration
2014-12-17 04:37:45 9054624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fff6eef0-202b-4d4d-b78f-4776db8a109c}\mpengine.dll
2014-12-17 04:19:50 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-12-17 04:19:50 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-12-17 04:19:50 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-12-17 04:19:50 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-12-17 04:19:50 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-12-17 04:19:49 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-12-17 04:19:49 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-12-17 04:18:32 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-12-17 04:18:28 8856 ----a-w- c:\windows\system32\icardres.dll
2014-12-17 04:18:18 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-12-17 04:18:15 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-12-17 04:06:11 -------- d-----w- c:\windows\system32\MRT
2014-12-17 03:54:41 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-12-17 03:54:40 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2014-12-17 03:29:39 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2014-12-17 03:29:39 1168384 ----a-w- c:\windows\system32\crypt32.dll
2014-12-17 03:29:39 103936 ----a-w- c:\windows\system32\cryptnet.dll
2014-12-17 03:29:31 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-12-17 03:29:26 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-12-17 03:29:26 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-12-17 03:28:22 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-12-17 03:28:13 903168 ----a-w- c:\windows\system32\certutil.exe
2014-12-17 03:28:13 43008 ----a-w- c:\windows\system32\certenc.dll
2014-12-17 03:28:00 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-12-17 03:28:00 656896 ----a-w- c:\windows\system32\nshwfp.dll
2014-12-17 03:28:00 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-12-17 03:26:49 3969984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-12-17 03:26:48 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-12-17 03:26:47 538112 ----a-w- c:\windows\system32\objsel.dll
2014-12-17 03:26:47 51200 ----a-w- c:\windows\system32\cngprovider.dll
2014-12-17 03:26:47 49664 ----a-w- c:\windows\system32\adprovider.dll
2014-12-17 03:26:47 48128 ----a-w- c:\windows\system32\capiprovider.dll
2014-12-17 03:26:47 47616 ----a-w- c:\windows\system32\dpapiprovider.dll
2014-12-17 03:26:47 36864 ----a-w- c:\windows\system32\dimsroam.dll
2014-12-17 03:26:47 35328 ----a-w- c:\windows\system32\wincredprovider.dll
2014-12-17 03:26:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2014-12-17 03:26:28 626688 ----a-w- c:\windows\system32\usp10.dll
2014-12-17 03:24:41 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-12-17 03:24:41 619520 ----a-w- c:\windows\system32\tdh.dll
2014-12-17 03:24:41 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-12-17 03:24:40 69632 ----a-w- c:\windows\system32\smss.exe
2014-12-17 03:24:40 38912 ----a-w- c:\windows\system32\csrsrv.dll
2014-12-17 03:24:37 2363904 ----a-w- c:\windows\system32\msi.dll
2014-12-17 03:24:18 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-12-17 03:24:12 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-12-17 03:24:09 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-12-17 03:24:01 155136 ----a-w- c:\windows\system32\charmap.exe
2014-12-17 03:22:58 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-12-17 03:21:48 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-17 03:20:56 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-12-17 03:20:56 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-12-17 03:20:56 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-12-17 03:20:56 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-12-17 03:20:56 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-12-17 03:20:56 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-12-17 03:20:56 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-12-17 03:19:48 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-12-17 03:00:21 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-17 03:00:21 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-17 03:00:21 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-17 03:00:21 145920 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-17 03:00:21 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-17 02:47:22 2425856 ----a-w- c:\windows\system32\wucltux.dll
2014-12-17 02:46:56 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-12-17 02:46:41 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-12-17 02:46:41 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-12-17 02:41:34 -------- d-sh--w- C:\$RECYCLE.BIN
2014-12-17 02:20:45 98816 ----a-w- c:\windows\sed.exe
2014-12-17 02:20:45 256000 ----a-w- c:\windows\PEV.exe
2014-12-17 02:20:45 208896 ----a-w- c:\windows\MBR.exe
2014-12-17 02:06:49 -------- d-----w- c:\users\judie\appdata\local\Macromedia
2014-12-11 13:52:08 3981488 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
==================== Find3M ====================
.
2014-12-19 22:33:58 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-18 02:58:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-13 23:54:07 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-13 23:54:07 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-04 04:38:59 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 04:38:45 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 04:38:40 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 04:38:37 728576 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 04:38:36 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 04:38:36 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 04:34:13 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28:26 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-24 19:04:58 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 11:14:20 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 11:14:10 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 11:14:06 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 02:44:32 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 01:32:14 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45:09 2048 ----a-w- c:\windows\system32\tzres.dll
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-20 03:31:27 414392 ----a-w- c:\windows\system32\drivers\aswsp.sys.1413775949811
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
.
============= FINISH: 19:24:33.76 ===============