# My IE 11 keeps resetting resetting proxy server



## RonnSull

Hello guys, I just recently fell victim to so nasty malware and a couple of trojans. I done scans with malware bites and avg 2014 and got rid of everything they both could find. Now I am having problems getting IE 11 to work.

The proxy server isnt responding


Check your proxy settings *127.0.0.1:8877*.
Go to Tools > Internet Options > Connections. If you are on a LAN, click LAN settings.
Make sure your firewall settings arent blocking your web access.
Ask your system administrator for help.
Is what appears now. I manually went Internet options/Connections/LAN Settings unchecked "Use a proxy for your LAN". Click OK and go out try to use IE again and get same message, so I go to LAN settings again and Proxy Server is checked again. Firefox also acted the same way but I was able to fix it after the malware scans. Can anyone please give me a little input on this? Thanks

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 12249 Mb
Graphics Card: NVIDIA GeForce GT 620, 1024 Mb
Hard Drives: C: Total - 938063 MB, Free - 785046 MB;
Motherboard: Dell Inc., 0NW73C
Antivirus: AVG AntiVirus 2014, Updated and Enabled


----------



## RonnSull

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:51:04 PM, on 5/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Ronnie\Downloads\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U156&form=U156HP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Shwicon9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PowerDVD13Agent] "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

--
End of file - 11058 bytes


----------



## RonnSull

I also can't get dds or GMER to run. When I run GMER I get C:\WINDOWS\system32\config\system: The process cannot access the file because it is being used by another process. DDS says DDS is not meant to run in 'Compatibility Mode'. The program shall now exit.


----------



## Phantom010

1- Please run *HijackThis* again.

2- Click on *Open The Misc Tools section *from the Main Menu.

3- Click on *Open Uninstall Manager*.

4- Click on *Save list...*

5- Save the text file to the desktop.

6- Copy and paste the log from Notepad into your next reply.


----------



## RonnSull

Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
AVG PC TuneUp 2014
ConvertXtoDVD 4.1.19.365
Coupon Printer for Windows
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 10
CyberLink PowerDVD 13
CyberLink PowerDVD 13
D3DX10
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell WLAN and Bluetooth Client Installation
FrostWire 5.5.5
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Movie Maker
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
Multimedia Card Reader
MyDriveConnect 3.3.0.1502
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OJOsoft Total Video Converter
OpenOffice.org 3.4.1
Photo Common
Photo Gallery
Photo Gallery
Realtek High Definition Audio Driver
Spybot - Search & Destroy
swMSM
Visual Studio 2012 x86 Redistributables
Visual Studio C++ 10.0 Runtime
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack


----------



## Phantom010

Please download *AdwCleaner*.


Double-click the *adwcleaner.exe* to run the tool.
 Click *Scan*.
 When the scan is finished, click *Clean*.
When the cleaning process is over, click *Report* and a Notepad window will be opened.
 Please post the contents here in your topic.


----------



## RonnSull

# AdwCleaner v3.207 - Report created 10/05/2014 at 20:29:11
# Updated 05/05/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Ronnie - DESKTOP
# Running from : C:\Users\Ronnie\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Ronnie\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\Ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\z5wdyv4y.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKCU\Software\AnyProtect

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\z5wdyv4y.default\prefs.js ]


----------



## Phantom010

Are the proxy settings still resetting?


----------



## RonnSull

Yes they are


----------



## Phantom010

I believe your computer is infected with something that will need more powerful removal tools.

Please click on *Report* and ask for a malware removal expert's assistance.


----------



## RonnSull

Ok thanks


----------



## RonnSull

bump


----------



## RonnSull

bump


----------



## Mark1956

Hi RonnSull, please run this scan below and post the results.

Download RogueKiller (by tigzy) and save direct to your Desktop.
On the web page, scroll down until you see these two icons:  Select the 32bit (on the left) or the 64bit button to match the bit rate of your version of Windows.


Quit all running programs. 
Start RogueKiller.exe by double clicking on the icon. 
Wait until Prescan has finished. 
Ensure all boxes are ticked under "Report" tab. 
Click on Scan. 
Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
NOTE: *DO NOT attempt to remove anything that the scan detects.*


----------



## RonnSull

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Ronnie [Admin rights]
Mode : Scan -- Date : 05/12/2014 16:20:24
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[PROXY IE][PUM] HKLM\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[PROXY IE][PUM] HKLM\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E274C)
[Address] EAT @explorer.exe (DllGetClassObject) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E4984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E8180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E2C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E8180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E2A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5EC60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E3788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E2DC0)
[Address] EAT @explorer.exe (DwmFlush) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E26C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5EC118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E1D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E8180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E8180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5EC8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E1010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E6308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E11B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ED050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E6F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E69A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E7CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ED050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ED1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ED558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ED050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E10E8)
[Address] EAT @explorer.exe (DwmShowContact) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E3A90)
[Address] EAT @explorer.exe (DwmTetherContact) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ECB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5EDBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E3A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E2320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E5FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E7710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E3760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5E22E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : dxgi.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x5F5ECE70)
[Address] EAT @explorer.exe (AppCacheCheckManifest) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596D5828)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596D17E0)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1320)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1378)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596D1950)
[Address] EAT @explorer.exe (AppCacheFinalize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E13D0)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1428)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597297C0)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A7548)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1510)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1568)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5973BB94)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972979C)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E15C0)
[Address] EAT @explorer.exe (AppCacheGetInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E1618)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596D40B0)
[Address] EAT @explorer.exe (AppCacheLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F6FF8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BB2C0)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EC888)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EE4C0)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B8690)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A322C)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A3388)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BB450)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59729E7C)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59729E58)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E252C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E6A34)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A7A00)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596D83B0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B5494)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A7B70)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E262C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5979F270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5979F76C)
[Address] EAT @explorer.exe (DispatchAPICall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59671B28)
[Address] EAT @explorer.exe (DllCanUnloadNow) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596E9CC0)
[Address] EAT @explorer.exe (DllGetClassObject) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596E5990)
[Address] EAT @explorer.exe (DllInstall) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977A544)
[Address] EAT @explorer.exe (DllRegisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597822D0)
[Address] EAT @explorer.exe (DllUnregisterServer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59782310)
[Address] EAT @explorer.exe (FindCloseUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967A0C0)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EE16C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A2CB4)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967BA6C)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596E7DA8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A97E0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596E7570)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2730)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EE044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A2F48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967BED0)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2878)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2A48)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A9400)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2C18)
[Address] EAT @explorer.exe (ForceNexusLookup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B889C)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B88F0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2D34)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A66F0)
[Address] EAT @explorer.exe (FtpCommandA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D388)
[Address] EAT @explorer.exe (FtpCommandW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59790D4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D46C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59790EE8)
[Address] EAT @explorer.exe (FtpDeleteFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D50C)
[Address] EAT @explorer.exe (FtpDeleteFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791050)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D5AC)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597911B8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D818)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791390)
[Address] EAT @explorer.exe (FtpGetFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978D8D8)
[Address] EAT @explorer.exe (FtpGetFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791518)
[Address] EAT @explorer.exe (FtpGetFileSize) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978DAFC)
[Address] EAT @explorer.exe (FtpGetFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597916AC)
[Address] EAT @explorer.exe (FtpOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978DD70)
[Address] EAT @explorer.exe (FtpOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597917B0)
[Address] EAT @explorer.exe (FtpPutFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978DE50)
[Address] EAT @explorer.exe (FtpPutFileEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791840)
[Address] EAT @explorer.exe (FtpPutFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597919A4)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978E1D0)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791A78)
[Address] EAT @explorer.exe (FtpRenameFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978E270)
[Address] EAT @explorer.exe (FtpRenameFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791BD4)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978E324)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59791DF4)
[Address] EAT @explorer.exe (GetProxyDllInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59777C00)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E2F54)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A62C8)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967ACF0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E31F0)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E33A8)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EF540)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59677824)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E35F0)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E3858)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5968BDE0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherGetAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherGetAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherOpenFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (GopherOpenFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59684140)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59697A30)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A45C8)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F30E0)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F3240)
[Address] EAT @explorer.exe (HttpEndRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B8A68)
[Address] EAT @explorer.exe (HttpEndRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A4C64)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597BCBCC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787058)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F63C0)
[Address] EAT @explorer.exe (HttpOpenRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A52C0)
[Address] EAT @explorer.exe (HttpOpenRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59682EE0)
[Address] EAT @explorer.exe (HttpPushClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787D94)
[Address] EAT @explorer.exe (HttpPushEnable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787E44)
[Address] EAT @explorer.exe (HttpPushWait) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787E9C)
[Address] EAT @explorer.exe (HttpQueryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59688B60)
[Address] EAT @explorer.exe (HttpQueryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5968A090)
[Address] EAT @explorer.exe (HttpSendRequestA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597240D0)
[Address] EAT @explorer.exe (HttpSendRequestExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A4D64)
[Address] EAT @explorer.exe (HttpSendRequestExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B8880)
[Address] EAT @explorer.exe (HttpSendRequestW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59697634)
[Address] EAT @explorer.exe (HttpWebSocketClose) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B5350)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B58DC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B5498)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B5D7C)
[Address] EAT @explorer.exe (HttpWebSocketSend) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B62C0)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597B6580)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B74F4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C1ABC)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C1CA0)
[Address] EAT @explorer.exe (InternetAttemptConnect) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977BF9C)
[Address] EAT @explorer.exe (InternetAutodial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781148)
[Address] EAT @explorer.exe (InternetAutodialCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977844C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597811E0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C004)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59727A50)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C110)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977D40C)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5D68)
[Address] EAT @explorer.exe (InternetCloseHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596871F4)
[Address] EAT @explorer.exe (InternetCombineUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C5B8)
[Address] EAT @explorer.exe (InternetCombineUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596DC930)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2A6C)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59721BD0)
[Address] EAT @explorer.exe (InternetConnectA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C6D0)
[Address] EAT @explorer.exe (InternetConnectW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596865EC)
[Address] EAT @explorer.exe (InternetCrackUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B30E4)
[Address] EAT @explorer.exe (InternetCrackUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F9760)
[Address] EAT @explorer.exe (InternetCreateUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C800)
[Address] EAT @explorer.exe (InternetCreateUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596DBEC8)
[Address] EAT @explorer.exe (InternetDial) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781270)
[Address] EAT @explorer.exe (InternetDialA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781270)
[Address] EAT @explorer.exe (InternetDialW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5978131C)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5D74)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5DE0)
[Address] EAT @explorer.exe (InternetErrorDlg) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2B24)
[Address] EAT @explorer.exe (InternetFindNextFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597906A8)
[Address] EAT @explorer.exe (InternetFindNextFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597929E8)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787EF4)
[Address] EAT @explorer.exe (InternetFreeCookies) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B6AC8)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972762C)
[Address] EAT @explorer.exe (InternetGetCertByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59674D80)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59674D80)
[Address] EAT @explorer.exe (InternetGetConnectedState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EEE28)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597282A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597282A0)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596CAD90)
[Address] EAT @explorer.exe (InternetGetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A70B0)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B6A98)
[Address] EAT @explorer.exe (InternetGetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A70E0)
[Address] EAT @explorer.exe (InternetGetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B6B34)
[Address] EAT @explorer.exe (InternetGetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A73E4)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977C898)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977D500)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5EC4)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5F14)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59727374)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977CA38)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977D6BC)
[Address] EAT @explorer.exe (InternetGoOnline) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597813D0)
[Address] EAT @explorer.exe (InternetGoOnlineA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597813D0)
[Address] EAT @explorer.exe (InternetGoOnlineW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781468)
[Address] EAT @explorer.exe (InternetHangUp) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781500)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596DC574)
[Address] EAT @explorer.exe (InternetLockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F02BC)
[Address] EAT @explorer.exe (InternetOpenA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596AD55C)
[Address] EAT @explorer.exe (InternetOpenUrlA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977CB50)
[Address] EAT @explorer.exe (InternetOpenUrlW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977D7B8)
[Address] EAT @explorer.exe (InternetOpenW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596AD3D4)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5969AB70)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59787F54)
[Address] EAT @explorer.exe (InternetQueryOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59680D50)
[Address] EAT @explorer.exe (InternetQueryOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59681220)
[Address] EAT @explorer.exe (InternetReadFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59698430)
[Address] EAT @explorer.exe (InternetReadFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BDF90)
[Address] EAT @explorer.exe (InternetReadFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BDF00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C1E78)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C1FE8)
[Address] EAT @explorer.exe (InternetSetCookieA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A7404)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A742C)
[Address] EAT @explorer.exe (InternetSetCookieExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A748C)
[Address] EAT @explorer.exe (InternetSetCookieExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B2BB0)
[Address] EAT @explorer.exe (InternetSetCookieW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A7530)
[Address] EAT @explorer.exe (InternetSetDialState) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781580)
[Address] EAT @explorer.exe (InternetSetDialStateA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59781580)
[Address] EAT @explorer.exe (InternetSetDialStateW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597815D8)
[Address] EAT @explorer.exe (InternetSetFilePointer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972A07C)
[Address] EAT @explorer.exe (InternetSetOptionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967DF30)
[Address] EAT @explorer.exe (InternetSetOptionExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977DDE0)
[Address] EAT @explorer.exe (InternetSetOptionExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977DED4)
[Address] EAT @explorer.exe (InternetSetOptionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967E3F0)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A5FAC)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A6044)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596AE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596AE178)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BEF08)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977CBE4)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5977D970)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F18FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F18FC)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972AD7C)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59724760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59724760)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972468C)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596EFFF0)
[Address] EAT @explorer.exe (InternetWriteFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B8B08)
[Address] EAT @explorer.exe (InternetWriteFileExA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (InternetWriteFileExW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596CBC50)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E3A8C)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972A290)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59799C6C)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2158)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B46B8)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597A4318)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BCBBC)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E3BDC)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596E9ED8)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59780670)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E3CEC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E3EC8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E40A0)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597280B8)
[Address] EAT @explorer.exe (RunOnceUrlCache) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x59674D80)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E42A4)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E43D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E44D8)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596B1278)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596BC1EC)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E46A4)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4860)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4A50)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4C10)
[Address] EAT @explorer.exe (ShowCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2158)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2158)
[Address] EAT @explorer.exe (ShowSecurityInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2178)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597C2310)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4D30)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4E68)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F2364)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E4FA8)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E50C8)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E5120)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E516C)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A2630)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596A77A0)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5972BA04)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F89A8)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E51C4)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x5967A5B0)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E521C)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E5274)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E52D4)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E532C)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E5384)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597E53E4)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x596F8FF4)
[Address] EAT @explorer.exe (UrlZonesDetach) : iertutil.dll -> HOOKED (C:\WINDOWS\System32\WININET.dll @ 0x597BD000)
[Address] EAT @explorer.exe (AsyncGetClassBits) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE73FC)
[Address] EAT @explorer.exe (CoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B95660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B980A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B846A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B843C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD5280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B51EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B60810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C10284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD53D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B99CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B52460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B98DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B951B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B91820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B856A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B61490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B97C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD5AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B6D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B94044)
[Address] EAT @explorer.exe (CopyBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE3020)
[Address] EAT @explorer.exe (CopyStgMedium) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B5BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BA86C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B93D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B768E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B53660)
[Address] EAT @explorer.exe (CreateURLMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BACCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B578D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B940F0)
[Address] EAT @explorer.exe (CreateUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B516F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B51600)
[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B9AB3C)
[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2458)
[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BAE070)
[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2470)
[Address] EAT @explorer.exe (Extract) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B86B60)
[Address] EAT @explorer.exe (FindMediaType) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B76080)
[Address] EAT @explorer.exe (FindMimeFromData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B950BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C102B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BAB8EC)
[Address] EAT @explorer.exe (GetClassURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B6C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C18B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C09390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1EA4)
[Address] EAT @explorer.exe (GetPropertyName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BAE070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BADEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B56D90)
[Address] EAT @explorer.exe (HlinkGoBack) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C06E78)
[Address] EAT @explorer.exe (HlinkGoForward) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C06F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C06FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C07004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C07038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C075E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE12FC)
[Address] EAT @explorer.exe (IEDllLoader) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD26F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE3244)
[Address] EAT @explorer.exe (IEInstallScope) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B921FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C10668)
[Address] EAT @explorer.exe (IsJITInProgress) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B6B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C0855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C08688)
[Address] EAT @explorer.exe (IsStringProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD1ED4)
[Address] EAT @explorer.exe (IsValidURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B87610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BA92F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BDDCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE7560)
[Address] EAT @explorer.exe (QueryAssociations) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B6E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B8F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B91C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD20C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B88C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B57D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B8FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD22CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BE3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BAE070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BDDE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B93A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C10820)
[Address] EAT @explorer.exe (URLDownloadA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD5CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C07D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B7A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C07F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B7EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD5D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C08058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C08138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C0821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C082E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C08408)
[Address] EAT @explorer.exe (URLOpenStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C084D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BAC9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59BD2804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B63E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B8D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59B7A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C085D0)
[Address] EAT @explorer.exe (ZonesReInit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x59C09C30)
[Address] EAT @explorer.exe (DllCanUnloadNow) : msxml6.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x5B2C1010)
[Address] EAT @explorer.exe (DllGetClassObject) : msxml6.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x5B2C1130)
[Address] EAT @explorer.exe (CscNetApiGetInterface) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A21530)
[Address] EAT @explorer.exe (CscSearchApiGetInterface) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A23CB8)
[Address] EAT @explorer.exe (OfflineFilesEnable) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A26FA0)
[Address] EAT @explorer.exe (OfflineFilesGetShareCachingMode) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A27434)
[Address] EAT @explorer.exe (OfflineFilesQueryStatus) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A22F50)
[Address] EAT @explorer.exe (OfflineFilesQueryStatusEx) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A22D50)
[Address] EAT @explorer.exe (OfflineFilesStart) : MSVCP110.dll -> HOOKED (C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x57A274F0)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 +++++
--- User ---
[MBR] d51efa1dc330366a38ff4de1350b8b89
[BSP] dd731811231384795e2bc1263add01a1 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Brother MFC-295CN USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

+++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ USB) SAMSUNG SCH-I500 Card USB Device +++++
Error reading User MBR! ([0x15] The device is not ready. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_05122014_162024.txt >>


----------



## Mark1956

That found the Proxy setting, lets see if it will fix it. Post the resulting log and then reboot the system and check to see if the Proxy is still set or not.


Quit all running programs.
Start RogueKiller.exe by double clicking on the icon.
Wait until Prescan has finished.
Ensure all boxes are ticked under "Report" tab.
Click on Scan.
When the scan has completed click on *ProxyFix*.
Click on Report when the Deletion completes. Copy/paste the contents of the report into your next reply.


----------



## RonnSull

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Ronnie [Admin rights]
Mode : ProxyFix -- Date : 05/12/2014 17:20:31
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[PROXY IE][PUM] HKLM\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877 [Country: (Private Address) (XX), City: (Private Address)]) -> DELETED
[PROXY IE][PUM] HKLM\[...]\Internet Settings : ProxyEnable (1) -> REPLACED (0)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[0]_PR_05122014_172031.txt >>
RKreport[0]_S_05122014_162024.txt;RKreport[0]_S_05122014_171928.txt


----------



## Mark1956

Has that fixed the problem?


----------



## RonnSull

Nope still showing the same message.


----------



## Mark1956

Ok, lets try something else, this scan will not make any changes until I issue further instructions, I need to see what is on the system and then create a script to remove the cause.

Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

*Note:* If you get a warning that the download could harm your system, please ignore it and allow the download to go ahead. FRST is perfectly safe and we would never ask you to download anything that isn't.

*Note*: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click on FRST to run it. When the tool opens click *Yes* to the disclaimer.
Press the* Scan* button. *DO NOT* check any of the Optional Scan options unless requested.
It will make a log (*FRST.txt*) in the same directory the tool is run from. Please copy and paste it into your next reply.
The first time the tool is run, it makes another log (*Addition.txt*). Please also copy and paste that into your reply.


----------



## RonnSull

This is going to be in 2 parts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Ronnie (administrator) on DESKTOP on 12-05-2014 18:02:22
Running from C:\Users\Ronnie\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [757888 2012-07-02] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127104 2012-07-02] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3856921359-2614390849-1675835353-1002\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-3856921359-2614390849-1675835353-1002\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-3856921359-2614390849-1675835353-1002\...\MountPoints2: {196d2131-2a67-11e3-be8b-9c2a7048404e} - "K:\menu.exe" 
Startup: C:\Users\Ronnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U156&form=U156HP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {1B27779C-D4CB-4648-A2EF-8870918F9C3E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {1B27779C-D4CB-4648-A2EF-8870918F9C3E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {1B27779C-D4CB-4648-A2EF-8870918F9C3E} URL = 
SearchScopes: HKCU - {1B27779C-D4CB-4648-A2EF-8870918F9C3E} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Ronnie\AppData\Roaming\Mozilla\Firefox\Profiles\z5wdyv4y.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.bing.com/?pc=U156&form=U156HP
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [128640 2012-07-02] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915408 2013-10-10] (SoftThinks SAS)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2014-01-31] ()
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-09] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-12 18:02 - 2014-05-12 18:02 - 00015784 _____ () C:\Users\Ronnie\Downloads\FRST.txt
2014-05-12 18:02 - 2014-05-12 18:02 - 00000000 ____D () C:\FRST
2014-05-12 18:01 - 2014-05-12 18:02 - 02066944 _____ (Farbar) C:\Users\Ronnie\Downloads\FRST64.exe
2014-05-12 17:34 - 2014-05-12 17:34 - 00000000 ___RD () C:\Users\Ronnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-12 17:20 - 2014-05-12 17:20 - 00001008 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_PR_05122014_172031.txt
2014-05-12 17:19 - 2014-05-12 17:19 - 00061007 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_S_05122014_171928.txt
2014-05-12 16:20 - 2014-05-12 16:20 - 00060974 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_S_05122014_162024.txt
2014-05-12 16:17 - 2014-05-12 17:20 - 00000000 ____D () C:\Users\Ronnie\Desktop\RK_Quarantine
2014-05-12 16:17 - 2014-05-12 16:17 - 04527616 _____ () C:\Users\Ronnie\Desktop\RogueKillerX64.exe
2014-05-11 00:38 - 2014-05-11 00:38 - 00002762 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-10 20:31 - 2014-05-12 05:32 - 00002980 _____ () C:\WINDOWS\PFRO.log
2014-05-10 20:31 - 2014-05-10 20:31 - 00507768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-10 20:28 - 2014-05-10 20:29 - 00000000 ____D () C:\AdwCleaner
2014-05-10 20:28 - 2014-05-10 20:28 - 01316991 _____ () C:\Users\Ronnie\Desktop\adwcleaner.exe
2014-05-10 20:15 - 2014-05-10 20:15 - 00001794 _____ () C:\Users\Ronnie\Desktop\uninstall_list.txt
2014-05-10 18:54 - 2014-05-10 18:54 - 00380416 _____ () C:\Users\Ronnie\Desktop\b4ee5oyo.exe
2014-05-10 18:52 - 2014-05-10 18:52 - 00688992 _____ (Swearware) C:\Users\Ronnie\Desktop\dds.scr
2014-05-10 18:51 - 2014-05-10 18:51 - 00011060 _____ () C:\Users\Ronnie\Desktop\hijackthis.log
2014-05-10 18:49 - 2014-05-10 18:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ronnie\Desktop\HijackThis.exe
2014-05-10 18:45 - 2014-05-10 18:45 - 00509440 _____ (Tech Support Guy System) C:\Users\Ronnie\Desktop\SysInfo.exe
2014-05-10 17:43 - 2014-05-10 17:43 - 00662016 _____ () C:\Users\Ronnie\Downloads\MicrosoftFixit50566.msi
2014-05-10 17:31 - 2014-05-10 17:31 - 00003694 _____ () C:\WINDOWS\System32\Tasks\Adobe online update program
2014-05-10 16:24 - 2014-05-10 16:24 - 00002247 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00002233 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00002221 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\AVG
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\AVG
2014-05-10 16:24 - 2014-04-15 16:23 - 00040248 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-05-10 16:24 - 2014-04-15 16:23 - 00029496 _____ (AVG) C:\WINDOWS\system32\authuitu.dll
2014-05-10 16:24 - 2014-04-15 16:23 - 00025400 _____ (AVG) C:\WINDOWS\SysWOW64\authuitu.dll
2014-05-10 16:22 - 2014-05-10 20:31 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-10 16:22 - 2014-05-10 16:25 - 00000000 ____D () C:\ProgramData\AVG
2014-05-10 10:48 - 2014-05-10 10:48 - 00000000 ____D () C:\WINDOWS\pss
2014-05-10 10:32 - 2014-05-10 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 21:01 - 2014-05-12 12:19 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C0E9A0E7-8FE3-49A3-83E6-DADA1D3CC57A}
2014-05-08 21:01 - 2014-05-08 21:01 - 00000000 __SHD () C:\Users\Ronnie\AppData\Local\EmieUserList
2014-05-08 21:01 - 2014-05-08 21:01 - 00000000 __SHD () C:\Users\Ronnie\AppData\Local\EmieSiteList
2014-05-08 20:17 - 2014-05-08 20:17 - 00000000 ___HD () C:\$AVG-SHREDDER-TMP-010f4a42-4321-433c-8b94-d819e05d2a70
2014-05-08 20:12 - 2014-05-08 20:55 - 00000000 ____D () C:\ProgramData\pastaleads
2014-05-08 20:05 - 2014-05-08 20:05 - 00000000 ____D () C:\Users\Ronnie\Documents\CS6-Windows
2014-05-08 20:02 - 2014-05-08 20:55 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\GetNowUpdater
2014-05-08 20:02 - 2014-05-08 20:55 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\CrashRpt
2014-05-08 20:02 - 2014-05-08 20:02 - 00000000 ____D () C:\Users\Ronnie\.android
2014-05-08 20:01 - 2014-05-08 20:55 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\Angry_Birds
2014-05-08 20:01 - 2014-05-08 20:01 - 01745400 _____ (AnyProtect.com) C:\Users\Ronnie\AppData\Local\nsaB17A.tmp
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\TomTom
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2014-05-02 04:32 - 2014-05-02 04:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 04:32 - 2014-05-02 04:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-02 04:32 - 2014-04-29 10:01 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-02 04:32 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-01 19:44 - 2014-05-01 19:44 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-04-24 08:11 - 2014-04-24 08:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-24 08:11 - 2014-04-24 08:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-23 16:31 - 2014-04-23 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-04-23 16:25 - 2014-04-23 16:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-20 21:37 - 2014-04-20 21:37 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-20 21:37 - 2014-04-20 21:37 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-20 19:41 - 2014-02-17 20:25 - 00000426 _____ () C:\AVScanner.ini
2014-04-20 19:37 - 2014-04-20 19:37 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\AVG2014
2014-04-20 19:36 - 2014-04-24 08:11 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-20 19:36 - 2014-04-24 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-20 19:36 - 2014-04-20 19:37 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-20 19:36 - 2014-04-20 19:36 - 00000000 ___HD () C:\$AVG
2014-04-20 19:36 - 2014-04-20 19:36 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\TuneUp Software
2014-04-20 19:34 - 2014-05-10 16:23 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-20 19:31 - 2014-05-12 15:14 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-20 19:31 - 2014-04-20 20:52 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\Avg2014
2014-04-20 19:31 - 2014-04-20 19:31 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\MFAData
2014-04-20 13:34 - 2014-03-20 00:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-20 13:34 - 2014-03-19 23:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-20 13:34 - 2014-03-19 23:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-20 13:34 - 2014-03-19 23:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-20 13:34 - 2014-03-19 23:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-20 13:34 - 2014-03-19 21:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-20 13:34 - 2014-03-19 21:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-20 13:34 - 2014-03-19 20:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-20 13:34 - 2014-03-19 20:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-20 13:34 - 2014-03-19 19:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-20 13:34 - 2014-03-19 19:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-20 13:34 - 2014-03-19 19:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-20 13:34 - 2014-03-19 03:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-20 13:34 - 2014-03-19 01:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-20 13:34 - 2014-03-19 01:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-20 13:34 - 2014-03-19 01:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-20 13:34 - 2014-03-19 01:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-20 13:34 - 2014-03-19 01:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-20 13:34 - 2014-03-19 00:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-20 13:34 - 2014-03-19 00:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-20 13:34 - 2014-03-13 08:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-20 13:34 - 2014-03-12 09:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-20 13:34 - 2014-03-11 11:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-20 13:34 - 2014-03-11 11:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-20 13:34 - 2014-03-11 11:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-20 13:34 - 2014-03-11 10:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-20 13:34 - 2014-03-11 10:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-20 13:34 - 2014-03-11 10:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-20 13:34 - 2014-03-11 10:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-20 13:34 - 2014-03-11 10:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-20 13:34 - 2014-03-11 09:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-20 13:34 - 2014-03-11 09:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-20 13:34 - 2014-03-11 08:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-20 13:34 - 2014-03-11 08:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-20 13:34 - 2014-03-08 16:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-20 13:34 - 2014-03-08 16:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-20 13:34 - 2014-03-08 16:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-20 13:34 - 2014-03-08 16:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-20 13:34 - 2014-03-08 16:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-20 13:34 - 2014-03-08 16:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-20 13:34 - 2014-03-08 11:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-20 13:34 - 2014-03-08 11:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-20 13:34 - 2014-03-08 07:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-20 13:34 - 2014-03-08 05:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-20 13:34 - 2014-03-08 05:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-20 13:34 - 2014-03-08 04:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-20 13:34 - 2014-03-08 04:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-20 13:34 - 2014-03-08 04:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-20 13:34 - 2014-03-08 04:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-20 13:34 - 2014-03-08 03:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-20 13:34 - 2014-03-08 03:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-20 13:34 - 2014-03-08 03:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-20 13:34 - 2014-03-08 03:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-20 13:34 - 2014-03-08 03:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-20 13:34 - 2014-03-08 03:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-20 13:34 - 2014-03-08 03:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-20 13:34 - 2014-03-08 03:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-20 13:34 - 2014-03-08 02:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-20 13:34 - 2014-03-08 02:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-20 13:34 - 2014-03-08 02:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-20 13:34 - 2014-03-08 02:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-20 13:34 - 2014-03-08 02:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-20 13:34 - 2014-03-08 02:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-20 13:34 - 2014-03-08 02:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-20 13:34 - 2014-03-08 02:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-20 13:34 - 2014-03-08 02:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-20 13:34 - 2014-03-08 02:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-20 13:34 - 2014-03-08 02:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-20 13:34 - 2014-03-08 02:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-20 13:34 - 2014-03-08 01:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-20 13:34 - 2014-03-08 01:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-20 13:34 - 2014-03-08 01:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-20 13:34 - 2014-03-06 10:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-20 13:34 - 2014-03-06 10:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-20 13:34 - 2014-03-06 10:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-20 13:34 - 2014-03-06 08:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-20 13:34 - 2014-03-06 08:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-20 13:34 - 2014-03-06 08:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-20 13:34 - 2014-03-06 08:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-20 13:34 - 2014-03-06 08:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-20 13:34 - 2014-03-06 08:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-20 13:34 - 2014-03-06 08:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-20 13:34 - 2014-03-06 08:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-20 13:34 - 2014-03-06 08:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-20 13:34 - 2014-03-06 08:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-20 13:34 - 2014-03-06 08:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-20 13:34 - 2014-03-06 08:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-20 13:34 - 2014-03-06 07:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-20 13:34 - 2014-03-06 07:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-20 13:34 - 2014-03-06 07:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-20 13:34 - 2014-03-06 07:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-20 13:34 - 2014-03-06 07:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-20 13:34 - 2014-03-06 06:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-20 13:34 - 2014-03-06 06:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-20 13:34 - 2014-03-06 06:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-20 13:34 - 2014-03-06 06:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-20 13:34 - 2014-03-06 06:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-20 13:34 - 2014-03-06 05:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-20 13:34 - 2014-03-06 05:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-20 13:34 - 2014-03-06 05:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-20 13:34 - 2014-03-06 05:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-20 13:34 - 2014-03-06 05:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-20 13:34 - 2014-03-06 05:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-20 13:34 - 2014-03-06 05:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-20 13:34 - 2014-03-06 05:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-20 13:34 - 2014-03-06 05:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-20 13:34 - 2014-03-06 05:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-20 13:34 - 2014-03-06 05:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-20 13:34 - 2014-03-06 05:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-20 13:34 - 2014-03-06 05:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-20 13:34 - 2014-03-06 05:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-20 13:34 - 2014-03-06 05:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-20 13:34 - 2014-03-06 05:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-20 13:34 - 2014-03-06 05:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-20 13:34 - 2014-03-06 04:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-20 13:34 - 2014-03-06 04:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-20 13:34 - 2014-03-06 04:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-20 13:34 - 2014-03-06 04:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-20 13:34 - 2014-03-06 04:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-20 13:34 - 2014-03-06 04:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-20 13:34 - 2014-03-06 04:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-20 13:34 - 2014-03-06 04:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-20 13:34 - 2014-03-06 03:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-20 13:34 - 2014-03-06 03:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-20 13:34 - 2014-03-06 03:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-20 13:34 - 2014-03-06 03:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-20 13:34 - 2014-03-06 03:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-20 13:34 - 2014-03-06 03:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-20 13:34 - 2014-03-06 03:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-20 13:34 - 2014-03-06 02:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-20 13:34 - 2014-03-06 02:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-20 13:34 - 2014-03-06 02:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-20 13:34 - 2014-03-06 02:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-20 13:34 - 2014-03-06 02:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-20 13:34 - 2014-03-06 02:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-20 13:34 - 2014-03-06 02:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-20 13:34 - 2014-03-06 02:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-20 13:34 - 2014-03-06 02:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-20 13:34 - 2014-03-06 02:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-20 13:34 - 2014-03-06 02:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-20 13:34 - 2014-03-06 02:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-20 13:34 - 2014-03-06 02:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-20 13:34 - 2014-03-06 02:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-20 13:34 - 2014-03-06 02:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-20 13:34 - 2014-03-06 02:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-20 13:34 - 2014-03-06 02:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-20 13:34 - 2014-03-06 02:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-20 13:34 - 2014-03-06 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-20 13:34 - 2014-03-06 02:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-20 13:34 - 2014-03-06 02:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-20 13:34 - 2014-03-06 02:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-20 13:34 - 2014-03-06 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-20 13:34 - 2014-03-06 02:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-20 13:34 - 2014-03-06 02:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-20 13:34 - 2014-03-06 02:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-20 13:34 - 2014-03-06 02:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-20 13:34 - 2014-03-06 01:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-20 13:34 - 2014-03-06 01:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-20 13:34 - 2014-03-06 01:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-20 13:34 - 2014-03-06 01:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-20 13:34 - 2014-03-06 01:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-20 13:34 - 2014-03-06 01:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-20 13:34 - 2014-03-06 01:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-20 13:34 - 2014-03-06 01:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-20 13:34 - 2014-03-06 01:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-04-20 13:34 - 2014-03-06 01:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-20 13:34 - 2014-03-06 01:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-20 13:34 - 2014-03-06 01:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-20 13:34 - 2014-03-06 01:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-20 13:34 - 2014-03-04 08:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-20 13:34 - 2014-03-04 08:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-20 13:34 - 2014-03-04 08:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-20 13:34 - 2014-03-04 08:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-20 13:34 - 2014-03-04 07:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-20 13:34 - 2014-03-04 07:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-20 13:34 - 2014-03-04 03:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-20 13:34 - 2014-03-04 03:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-20 13:34 - 2014-03-04 03:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-20 13:34 - 2014-03-04 03:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-20 13:34 - 2014-03-04 02:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-20 13:34 - 2014-03-04 02:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-20 13:34 - 2014-03-04 02:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-20 13:34 - 2014-03-04 02:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-20 13:34 - 2014-03-04 02:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-20 13:34 - 2014-03-04 02:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-20 13:34 - 2014-03-04 02:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-20 13:34 - 2014-03-04 02:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-20 13:34 - 2014-03-04 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-20 13:34 - 2014-03-04 01:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-20 13:34 - 2014-03-04 01:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-20 13:34 - 2014-02-06 18:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-20 13:34 - 2014-02-06 17:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-20 13:34 - 2013-12-23 19:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-20 13:34 - 2013-12-23 19:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-20 13:32 - 2014-04-09 08:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-20 13:32 - 2014-04-08 23:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-20 13:32 - 2014-04-08 23:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-20 13:32 - 2014-04-08 23:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-20 13:32 - 2014-04-08 23:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-20 13:32 - 2014-02-26 02:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-20 13:31 - 2014-02-22 08:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-20 13:31 - 2014-02-22 07:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-20 13:31 - 2014-02-22 07:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-20 13:31 - 2014-02-22 06:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-20 13:31 - 2014-02-22 06:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-20 13:31 - 2014-02-22 06:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-20 13:31 - 2014-02-22 05:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-20 13:31 - 2014-02-22 05:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-20 13:31 - 2014-02-22 05:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-20 13:31 - 2014-02-22 05:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-20 13:31 - 2014-02-22 04:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-20 13:31 - 2014-02-22 04:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-20 13:31 - 2014-02-22 04:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-20 13:31 - 2014-02-07 21:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-20 13:30 - 2014-02-22 12:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-20 13:30 - 2014-02-22 12:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-20 13:30 - 2014-02-22 12:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-20 13:30 - 2014-02-22 12:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-20 13:30 - 2014-02-22 12:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-20 13:30 - 2014-02-22 12:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-20 13:30 - 2014-02-22 12:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-20 13:30 - 2014-02-22 12:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-20 13:30 - 2014-02-22 12:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-20 13:30 - 2014-02-22 12:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-20 13:30 - 2014-02-22 11:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-20 13:30 - 2014-02-22 11:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-20 13:30 - 2014-02-22 11:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-20 13:30 - 2014-02-22 11:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-20 13:30 - 2014-02-22 11:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-20 13:30 - 2014-02-22 11:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-20 13:30 - 2014-02-22 11:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-20 13:30 - 2014-02-22 11:50 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-04-20 13:30 - 2014-02-22 11:49 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-20 13:30 - 2014-02-22 11:49 - 00280920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-20 13:30 - 2014-02-22 11:49 - 00148824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-20 13:30 - 2014-02-22 11:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-20 13:30 - 2014-02-22 11:48 - 01791752 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-20 13:30 - 2014-02-22 11:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-20 13:30 - 2014-02-22 11:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-20 13:30 - 2014-02-22 11:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-20 13:30 - 2014-02-22 11:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-20 13:30 - 2014-02-22 11:44 - 00539992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-20 13:30 - 2014-02-22 11:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-20 13:30 - 2014-02-22 11:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-20 13:30 - 2014-02-22 11:44 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-20 13:30 - 2014-02-22 11:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-20 13:30 - 2014-02-22 11:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-20 13:30 - 2014-02-22 11:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-20 13:30 - 2014-02-22 11:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-20 13:30 - 2014-02-22 11:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-20 13:30 - 2014-02-22 11:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-20 13:30 - 2014-02-22 11:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-20 13:30 - 2014-02-22 11:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-20 13:30 - 2014-02-22 10:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-20 13:30 - 2014-02-22 10:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-20 13:30 - 2014-02-22 10:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-20 13:30 - 2014-02-22 10:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-20 13:30 - 2014-02-22 10:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-04-20 13:30 - 2014-02-22 10:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-04-20 13:30 - 2014-02-22 10:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-04-20 13:30 - 2014-02-22 10:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-20 13:30 - 2014-02-22 10:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-20 13:30 - 2014-02-22 10:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-20 13:30 - 2014-02-22 10:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-20 13:30 - 2014-02-22 10:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-04-20 13:30 - 2014-02-22 10:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-20 13:30 - 2014-02-22 10:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-20 13:30 - 2014-02-22 10:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-20 13:30 - 2014-02-22 08:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-20 13:30 - 2014-02-22 08:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-20 13:30 - 2014-02-22 08:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-20 13:30 - 2014-02-22 08:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-20 13:30 - 2014-02-22 08:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-20 13:30 - 2014-02-22 08:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-20 13:30 - 2014-02-22 08:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-20 13:30 - 2014-02-22 08:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-20 13:30 - 2014-02-22 07:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-20 13:30 - 2014-02-22 07:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-20 13:30 - 2014-02-22 07:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-20 13:30 - 2014-02-22 07:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-20 13:30 - 2014-02-22 07:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-20 13:30 - 2014-02-22 07:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-20 13:30 - 2014-02-22 07:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-20 13:30 - 2014-02-22 07:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-20 13:30 - 2014-02-22 07:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-20 13:30 - 2014-02-22 07:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-20 13:30 - 2014-02-22 07:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-20 13:30 - 2014-02-22 07:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-20 13:30 - 2014-02-22 06:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-20 13:30 - 2014-02-22 06:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-04-20 13:30 - 2014-02-22 06:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-20 13:30 - 2014-02-22 06:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-20 13:30 - 2014-02-22 06:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-20 13:30 - 2014-02-22 06:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-20 13:30 - 2014-02-22 06:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-20 13:30 - 2014-02-22 06:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-04-20 13:30 - 2014-02-22 06:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-20 13:30 - 2014-02-22 06:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-20 13:30 - 2014-02-22 06:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-20 13:30 - 2014-02-22 06:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-20 13:30 - 2014-02-22 06:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-20 13:30 - 2014-02-22 06:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-20 13:30 - 2014-02-22 06:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-20 13:30 - 2014-02-22 06:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-20 13:30 - 2014-02-22 06:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-04-20 13:30 - 2014-02-22 06:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-20 13:30 - 2014-02-22 06:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-20 13:30 - 2014-02-22 06:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-20 13:30 - 2014-02-22 06:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-20 13:30 - 2014-02-22 06:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-20 13:30 - 2014-02-22 06:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-20 13:30 - 2014-02-22 06:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-20 13:30 - 2014-02-22 06:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-20 13:30 - 2014-02-22 06:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-20 13:30 - 2014-02-22 06:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-20 13:30 - 2014-02-22 05:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-20 13:30 - 2014-02-22 05:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-20 13:30 - 2014-02-22 05:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-20 13:30 - 2014-02-22 05:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-20 13:30 - 2014-02-22 05:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-20 13:30 - 2014-02-22 05:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-20 13:30 - 2014-02-22 05:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-20 13:30 - 2014-02-22 05:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-20 13:30 - 2014-02-22 05:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-20 13:30 - 2014-02-22 05:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-20 13:30 - 2014-02-22 05:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-20 13:30 - 2014-02-22 05:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-20 13:30 - 2014-02-22 05:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-04-20 13:30 - 2014-02-22 05:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-20 13:30 - 2014-02-22 05:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-20 13:30 - 2014-02-22 05:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-20 13:30 - 2014-02-22 05:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-20 13:30 - 2014-02-22 05:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-20 13:30 - 2014-02-22 05:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-20 13:30 - 2014-02-22 05:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-20 13:30 - 2014-02-22 05:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-20 13:30 - 2014-02-22 05:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-20 13:30 - 2014-02-22 05:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-20 13:30 - 2014-02-22 05:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-20 13:30 - 2014-02-22 05:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-20 13:30 - 2014-02-22 05:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-20 13:30 - 2014-02-22 05:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-20 13:30 - 2014-02-22 05:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-20 13:30 - 2014-02-22 05:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-20 13:30 - 2014-02-22 05:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-20 13:30 - 2014-02-22 05:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-20 13:30 - 2014-02-22 05:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-20 13:30 - 2014-02-22 05:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-20 13:30 - 2014-02-22 05:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-20 13:30 - 2014-02-22 05:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-20 13:30 - 2014-02-22 05:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-20 13:30 - 2014-02-22 05:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-20 13:30 - 2014-02-22 05:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-20 13:30 - 2014-02-22 05:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-20 13:30 - 2014-02-22 05:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-20 13:30 - 2014-02-22 05:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-20 13:30 - 2014-02-22 05:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-20 13:30 - 2014-02-22 05:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-20 13:30 - 2014-02-22 05:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-20 13:30 - 2014-02-22 05:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-04-20 13:30 - 2014-02-22 05:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-20 13:30 - 2014-02-22 05:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-20 13:30 - 2014-02-22 05:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-20 13:30 - 2014-02-22 04:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-20 13:30 - 2014-02-22 04:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-20 13:30 - 2014-02-22 04:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-20 13:30 - 2014-02-22 04:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-20 13:30 - 2014-02-22 04:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-20 13:30 - 2014-02-22 04:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-20 13:30 - 2014-02-22 04:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-20 13:30 - 2014-02-22 04:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-20 13:30 - 2014-02-22 04:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-20 13:30 - 2014-02-22 04:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-20 13:30 - 2014-02-22 04:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-20 13:30 - 2014-02-22 04:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-20 13:30 - 2014-02-22 04:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-20 13:30 - 2014-02-22 04:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-20 13:30 - 2014-02-22 04:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-04-20 13:30 - 2014-02-22 04:46 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-04-20 13:30 - 2014-02-22 04:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-20 13:30 - 2014-02-22 04:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-20 13:30 - 2014-02-22 04:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-20 13:30 - 2014-02-22 04:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-20 13:30 - 2014-02-22 04:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-20 13:30 - 2014-02-22 04:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-20 13:30 - 2014-02-22 04:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-04-20 13:30 - 2014-02-22 04:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-20 13:30 - 2014-02-22 04:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-20 13:30 - 2014-02-22 04:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-20 13:30 - 2014-02-22 04:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-20 13:30 - 2014-02-22 04:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-20 13:30 - 2014-02-22 04:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-20 13:30 - 2014-02-22 04:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-20 13:30 - 2014-02-22 04:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-20 13:30 - 2014-02-22 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-20 13:30 - 2014-02-22 04:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-20 13:30 - 2014-02-22 04:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-20 13:30 - 2014-02-22 04:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-20 13:30 - 2014-02-22 04:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-20 13:30 - 2014-02-22 04:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-04-20 13:30 - 2014-02-22 04:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-04-20 13:30 - 2014-02-22 04:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-04-20 13:30 - 2014-02-22 04:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-20 13:30 - 2014-02-22 04:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-20 13:30 - 2014-02-22 04:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-20 13:30 - 2014-02-22 04:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-20 13:30 - 2014-02-22 04:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-20 13:30 - 2014-02-22 04:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-20 13:30 - 2014-02-22 04:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-20 13:30 - 2014-02-22 04:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-20 13:30 - 2014-02-22 00:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-20 13:30 - 2014-02-02 10:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-20 13:30 - 2014-02-02 09:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-20 13:30 - 2014-01-31 04:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-20 13:30 - 2014-01-29 04:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-20 13:30 - 2014-01-29 03:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-20 13:30 - 2014-01-28 20:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-20 13:30 - 2014-01-27 13:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-20 13:30 - 2014-01-27 11:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-20 13:30 - 2014-01-07 21:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-20 13:30 - 2014-01-07 20:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-20 13:30 - 2013-12-10 03:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-20 13:30 - 2013-12-04 11:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-20 13:30 - 2013-11-10 19:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-20 13:29 - 2014-02-22 12:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-20 13:29 - 2014-02-22 12:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-20 13:29 - 2014-02-22 12:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-20 13:29 - 2014-02-22 12:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-20 13:29 - 2014-02-22 12:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe


----------



## RonnSull

2014-04-20 13:29 - 2014-02-22 12:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-20 13:29 - 2014-02-22 12:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-20 13:29 - 2014-02-22 12:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-20 13:29 - 2014-02-22 12:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-20 13:29 - 2014-02-22 12:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-20 13:29 - 2014-02-22 12:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-20 13:29 - 2014-02-22 12:00 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-20 13:29 - 2014-02-22 12:00 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-20 13:29 - 2014-02-22 12:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-20 13:29 - 2014-02-22 11:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-20 13:29 - 2014-02-22 11:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-20 13:29 - 2014-02-22 11:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-20 13:29 - 2014-02-22 11:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-20 13:29 - 2014-02-22 11:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-20 13:29 - 2014-02-22 11:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-20 13:29 - 2014-02-22 11:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-20 13:29 - 2014-02-22 11:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-20 13:29 - 2014-02-22 11:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-20 13:29 - 2014-02-22 11:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-20 13:29 - 2014-02-22 11:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-20 13:29 - 2014-02-22 11:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-20 13:29 - 2014-02-22 11:49 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-20 13:29 - 2014-02-22 11:49 - 00189784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-20 13:29 - 2014-02-22 11:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-20 13:29 - 2014-02-22 11:49 - 00079192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-20 13:29 - 2014-02-22 11:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-20 13:29 - 2014-02-22 11:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-20 13:29 - 2014-02-22 11:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-20 13:29 - 2014-02-22 11:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-20 13:29 - 2014-02-22 11:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-20 13:29 - 2014-02-22 10:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-20 13:29 - 2014-02-22 10:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-20 13:29 - 2014-02-22 10:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-20 13:29 - 2014-02-22 10:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-20 13:29 - 2014-02-22 10:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-20 13:29 - 2014-02-22 10:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-20 13:29 - 2014-02-22 10:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-20 13:29 - 2014-02-22 10:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-20 13:29 - 2014-02-22 10:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-20 13:29 - 2014-02-22 10:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-20 13:29 - 2014-02-22 10:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-20 13:29 - 2014-02-22 10:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-20 13:29 - 2014-02-22 10:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-20 13:29 - 2014-02-22 10:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-20 13:29 - 2014-02-22 08:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-20 13:29 - 2014-02-22 08:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-20 13:29 - 2014-02-22 08:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-20 13:29 - 2014-02-22 08:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-20 13:29 - 2014-02-22 08:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-20 13:29 - 2014-02-22 08:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-20 13:29 - 2014-02-22 08:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-20 13:29 - 2014-02-22 08:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-20 13:29 - 2014-02-22 08:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-20 13:29 - 2014-02-22 08:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-20 13:29 - 2014-02-22 08:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-20 13:29 - 2014-02-22 08:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-20 13:29 - 2014-02-22 08:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-20 13:29 - 2014-02-22 08:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-20 13:29 - 2014-02-22 08:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-20 13:29 - 2014-02-22 08:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-20 13:29 - 2014-02-22 08:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-20 13:29 - 2014-02-22 08:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-20 13:29 - 2014-02-22 08:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-20 13:29 - 2014-02-22 08:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-20 13:29 - 2014-02-22 07:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-20 13:29 - 2014-02-22 07:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-20 13:29 - 2014-02-22 07:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-20 13:29 - 2014-02-22 07:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-20 13:29 - 2014-02-22 07:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-20 13:29 - 2014-02-22 07:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-20 13:29 - 2014-02-22 07:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-20 13:29 - 2014-02-22 07:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-20 13:29 - 2014-02-22 07:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-20 13:29 - 2014-02-22 07:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-20 13:29 - 2014-02-22 07:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-20 13:29 - 2014-02-22 07:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-20 13:29 - 2014-02-22 07:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-20 13:29 - 2014-02-22 07:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-20 13:29 - 2014-02-22 07:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-20 13:29 - 2014-02-22 07:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-20 13:29 - 2014-02-22 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-20 13:29 - 2014-02-22 07:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-20 13:29 - 2014-02-22 07:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-20 13:29 - 2014-02-22 07:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-20 13:29 - 2014-02-22 07:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-20 13:29 - 2014-02-22 07:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-20 13:29 - 2014-02-22 07:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-20 13:29 - 2014-02-22 07:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-20 13:29 - 2014-02-22 07:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-20 13:29 - 2014-02-22 07:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-20 13:29 - 2014-02-22 07:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-20 13:29 - 2014-02-22 07:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-20 13:29 - 2014-02-22 07:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-20 13:29 - 2014-02-22 07:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-20 13:29 - 2014-02-22 07:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-20 13:29 - 2014-02-22 07:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-20 13:29 - 2014-02-22 07:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-20 13:29 - 2014-02-22 07:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-20 13:29 - 2014-02-22 07:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-04-20 13:29 - 2014-02-22 07:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-20 13:29 - 2014-02-22 07:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-20 13:29 - 2014-02-22 07:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-20 13:29 - 2014-02-22 07:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-20 13:29 - 2014-02-22 07:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-20 13:29 - 2014-02-22 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-20 13:29 - 2014-02-22 07:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-20 13:29 - 2014-02-22 07:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-20 13:29 - 2014-02-22 07:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-20 13:29 - 2014-02-22 07:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-20 13:29 - 2014-02-22 07:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-20 13:29 - 2014-02-22 07:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-20 13:29 - 2014-02-22 07:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-20 13:29 - 2014-02-22 06:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-20 13:29 - 2014-02-22 06:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-20 13:29 - 2014-02-22 06:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-20 13:29 - 2014-02-22 06:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-20 13:29 - 2014-02-22 06:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-20 13:29 - 2014-02-22 06:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-20 13:29 - 2014-02-22 06:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-20 13:29 - 2014-02-22 06:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-20 13:29 - 2014-02-22 06:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-20 13:29 - 2014-02-22 06:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-20 13:29 - 2014-02-22 06:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-20 13:29 - 2014-02-22 06:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-20 13:29 - 2014-02-22 06:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-20 13:29 - 2014-02-22 06:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-20 13:29 - 2014-02-22 06:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-20 13:29 - 2014-02-22 06:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-20 13:29 - 2014-02-22 06:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-20 13:29 - 2014-02-22 06:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-20 13:29 - 2014-02-22 06:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-20 13:29 - 2014-02-22 06:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-20 13:29 - 2014-02-22 06:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-20 13:29 - 2014-02-22 06:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-20 13:29 - 2014-02-22 06:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-04-20 13:29 - 2014-02-22 06:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-20 13:29 - 2014-02-22 06:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-20 13:29 - 2014-02-22 06:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-20 13:29 - 2014-02-22 06:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-20 13:29 - 2014-02-22 06:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-20 13:29 - 2014-02-22 06:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-20 13:29 - 2014-02-22 06:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-20 13:29 - 2014-02-22 06:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-20 13:29 - 2014-02-22 06:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-20 13:29 - 2014-02-22 06:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-20 13:29 - 2014-02-22 06:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-20 13:29 - 2014-02-22 06:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-20 13:29 - 2014-02-22 06:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-20 13:29 - 2014-02-22 06:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-20 13:29 - 2014-02-22 06:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-20 13:29 - 2014-02-22 06:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-20 13:29 - 2014-02-22 06:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-20 13:29 - 2014-02-22 06:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-20 13:29 - 2014-02-22 06:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-20 13:29 - 2014-02-22 06:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-20 13:29 - 2014-02-22 06:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-20 13:29 - 2014-02-22 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-20 13:29 - 2014-02-22 06:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-20 13:29 - 2014-02-22 06:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-20 13:29 - 2014-02-22 06:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-20 13:29 - 2014-02-22 06:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-20 13:29 - 2014-02-22 06:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-20 13:29 - 2014-02-22 06:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-20 13:29 - 2014-02-22 06:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-20 13:29 - 2014-02-22 06:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-20 13:29 - 2014-02-22 06:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-20 13:29 - 2014-02-22 06:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-20 13:29 - 2014-02-22 06:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-20 13:29 - 2014-02-22 06:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-20 13:29 - 2014-02-22 06:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-20 13:29 - 2014-02-22 06:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 13:29 - 2014-02-22 06:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-20 13:29 - 2014-02-22 06:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-20 13:29 - 2014-02-22 06:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-20 13:29 - 2014-02-22 06:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-20 13:29 - 2014-02-22 06:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-20 13:29 - 2014-02-22 06:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-20 13:29 - 2014-02-22 05:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-20 13:29 - 2014-02-22 05:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-04-20 13:29 - 2014-02-22 05:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-20 13:29 - 2014-02-22 05:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-20 13:29 - 2014-02-22 05:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-20 13:29 - 2014-02-22 05:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-20 13:29 - 2014-02-22 05:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-20 13:29 - 2014-02-22 05:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-20 13:29 - 2014-02-22 05:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-20 13:29 - 2014-02-22 05:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-20 13:29 - 2014-02-22 05:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-20 13:29 - 2014-02-22 05:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-20 13:29 - 2014-02-22 05:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-20 13:29 - 2014-02-22 05:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-20 13:29 - 2014-02-22 05:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-20 13:29 - 2014-02-22 05:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-20 13:29 - 2014-02-22 05:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-20 13:29 - 2014-02-22 05:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-20 13:29 - 2014-02-22 05:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-20 13:29 - 2014-02-22 05:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-20 13:29 - 2014-02-22 05:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-20 13:29 - 2014-02-22 05:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-20 13:29 - 2014-02-22 05:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-20 13:29 - 2014-02-22 05:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-20 13:29 - 2014-02-22 05:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-20 13:29 - 2014-02-22 05:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-20 13:29 - 2014-02-22 05:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-20 13:29 - 2014-02-22 05:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-20 13:29 - 2014-02-22 05:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-20 13:29 - 2014-02-22 05:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-20 13:29 - 2014-02-22 05:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-20 13:29 - 2014-02-22 05:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-20 13:29 - 2014-02-22 05:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-20 13:29 - 2014-02-22 05:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-20 13:29 - 2014-02-22 05:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-20 13:29 - 2014-02-22 05:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-20 13:29 - 2014-02-22 05:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-20 13:29 - 2014-02-22 05:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-20 13:29 - 2014-02-22 05:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-20 13:29 - 2014-02-22 05:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-20 13:29 - 2014-02-22 05:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-20 13:29 - 2014-02-22 05:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-20 13:29 - 2014-02-22 05:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-20 13:29 - 2014-02-22 05:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-20 13:29 - 2014-02-22 05:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-20 13:29 - 2014-02-22 05:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-20 13:29 - 2014-02-22 05:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-20 13:29 - 2014-02-22 05:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-20 13:29 - 2014-02-22 05:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-20 13:29 - 2014-02-22 05:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-20 13:29 - 2014-02-22 05:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-20 13:29 - 2014-02-22 05:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-20 13:29 - 2014-02-22 05:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-20 13:29 - 2014-02-22 05:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-20 13:29 - 2014-02-22 05:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-20 13:29 - 2014-02-22 05:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-20 13:29 - 2014-02-22 05:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-20 13:29 - 2014-02-22 05:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-20 13:29 - 2014-02-22 05:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-20 13:29 - 2014-02-22 05:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-20 13:29 - 2014-02-22 04:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-20 13:29 - 2014-02-22 04:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-20 13:29 - 2014-02-22 04:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-20 13:29 - 2014-02-22 04:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-20 13:29 - 2014-02-22 04:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-20 13:29 - 2014-02-22 04:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-20 13:29 - 2014-02-22 04:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-20 13:29 - 2014-02-22 04:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-20 13:29 - 2014-02-22 04:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-20 13:29 - 2014-02-22 04:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-20 13:29 - 2014-02-22 04:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-20 13:29 - 2014-02-22 04:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-20 13:29 - 2014-02-22 04:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-20 13:29 - 2014-02-22 04:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-20 13:29 - 2014-02-22 04:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-04-20 13:29 - 2014-02-22 04:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-20 13:29 - 2014-02-22 04:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-20 13:29 - 2014-02-22 04:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-20 13:29 - 2014-02-22 04:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-20 13:29 - 2014-02-22 04:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-20 13:29 - 2014-02-22 04:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-20 13:29 - 2014-02-22 04:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-20 13:29 - 2014-02-22 04:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-20 13:29 - 2014-02-22 04:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-20 13:29 - 2014-02-22 04:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-20 13:29 - 2014-02-22 04:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-20 13:29 - 2014-02-22 04:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-20 13:29 - 2014-02-22 04:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-20 13:29 - 2014-02-22 04:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-20 13:29 - 2014-02-22 04:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-20 13:29 - 2014-02-22 04:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-04-20 13:29 - 2014-02-22 04:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-20 13:29 - 2014-02-22 04:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-20 13:29 - 2014-02-22 04:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-20 13:29 - 2014-02-22 04:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-20 13:29 - 2014-02-22 04:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-20 13:29 - 2014-02-22 04:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-20 13:29 - 2014-02-22 04:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-20 13:29 - 2014-02-22 04:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-20 13:29 - 2014-02-22 04:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-20 13:29 - 2014-02-22 04:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-20 13:29 - 2014-02-22 04:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-20 13:29 - 2014-02-22 04:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-20 13:29 - 2014-02-22 04:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-20 13:29 - 2014-02-22 04:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-20 13:29 - 2014-02-22 04:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-20 13:29 - 2014-02-22 04:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-20 13:29 - 2014-02-22 04:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-20 13:29 - 2014-02-22 04:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-20 13:29 - 2014-02-22 04:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-20 13:29 - 2014-02-22 04:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-20 13:29 - 2014-02-22 04:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-20 13:29 - 2014-02-22 04:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-20 13:29 - 2014-02-22 04:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-20 13:29 - 2014-02-22 03:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-20 13:29 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-20 13:29 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-20 13:29 - 2014-01-31 08:09 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-04-20 13:29 - 2014-01-31 08:08 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-04-20 13:29 - 2014-01-31 07:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-20 13:29 - 2014-01-31 07:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-20 13:29 - 2014-01-31 05:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-20 13:29 - 2014-01-31 05:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-20 13:29 - 2014-01-31 05:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-20 13:29 - 2014-01-31 05:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-20 13:29 - 2014-01-31 05:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-20 13:29 - 2014-01-31 05:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-20 13:29 - 2014-01-31 05:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-20 13:29 - 2014-01-31 04:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-20 13:29 - 2014-01-29 04:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-20 13:29 - 2014-01-29 04:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-20 13:29 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-20 13:29 - 2014-01-28 20:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-20 13:29 - 2014-01-27 15:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-20 13:29 - 2014-01-27 15:48 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-04-20 13:29 - 2014-01-22 02:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-20 13:29 - 2014-01-22 01:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-20 13:29 - 2014-01-17 13:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-20 13:29 - 2014-01-17 13:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-20 13:29 - 2013-12-04 14:41 - 00226304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2014-04-20 13:29 - 2013-12-04 11:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-20 13:29 - 2013-12-04 10:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-20 13:29 - 2013-12-04 09:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-20 13:29 - 2013-11-27 05:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-20 13:29 - 2013-11-27 04:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-20 13:29 - 2013-11-08 00:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-20 13:29 - 2013-11-07 23:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-20 13:28 - 2014-02-22 08:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-20 13:28 - 2014-02-22 08:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-20 13:28 - 2014-02-22 08:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-20 13:28 - 2014-02-22 08:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-20 13:28 - 2014-02-22 08:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-20 13:28 - 2014-02-22 08:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-20 13:28 - 2014-02-22 08:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-20 13:28 - 2014-02-22 08:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-20 13:28 - 2014-02-22 08:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-20 13:28 - 2014-02-22 07:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-20 13:28 - 2014-02-22 07:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-20 13:28 - 2014-02-22 07:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-20 13:28 - 2014-02-22 07:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-20 13:28 - 2014-02-22 07:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-20 13:28 - 2014-02-22 07:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-20 13:28 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-20 13:28 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-20 13:28 - 2014-02-22 07:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-20 13:28 - 2014-02-22 07:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-20 13:28 - 2014-02-22 07:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-20 13:28 - 2014-02-22 07:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-20 13:28 - 2014-02-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-20 13:28 - 2014-02-22 06:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-20 13:28 - 2014-02-22 06:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-20 13:28 - 2014-02-22 06:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-20 13:28 - 2014-02-22 06:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-20 13:28 - 2014-02-22 06:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-20 13:28 - 2014-02-22 06:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-20 13:28 - 2014-02-22 05:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-20 13:28 - 2014-02-22 05:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-20 13:28 - 2014-02-22 05:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-20 13:28 - 2014-02-22 05:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-20 13:28 - 2014-02-22 05:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-20 13:28 - 2014-02-22 05:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-20 13:28 - 2014-02-22 05:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-20 13:28 - 2014-02-22 04:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-20 13:28 - 2014-02-22 04:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-20 13:28 - 2014-02-22 04:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-20 13:28 - 2014-02-22 04:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-20 13:28 - 2014-02-22 04:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-20 13:28 - 2014-02-22 04:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-20 13:28 - 2014-02-22 00:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-20 13:28 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-20 13:28 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-20 13:28 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-20 13:28 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-20 13:28 - 2014-02-07 21:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-20 13:28 - 2014-02-07 21:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-20 13:28 - 2014-02-01 02:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-20 13:28 - 2014-02-01 02:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-20 13:28 - 2014-02-01 02:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-20 13:28 - 2014-02-01 02:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-20 13:28 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-20 13:28 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-20 13:28 - 2014-01-27 13:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-20 13:28 - 2014-01-27 07:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-20 13:28 - 2013-11-27 05:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-20 13:28 - 2013-11-27 05:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys

==================== One Month Modified Files and Folders =======

2014-05-12 18:02 - 2014-05-12 18:02 - 00015784 _____ () C:\Users\Ronnie\Downloads\FRST.txt
2014-05-12 18:02 - 2014-05-12 18:02 - 00000000 ____D () C:\FRST
2014-05-12 18:02 - 2014-05-12 18:01 - 02066944 _____ (Farbar) C:\Users\Ronnie\Downloads\FRST64.exe
2014-05-12 18:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-12 17:34 - 2014-05-12 17:34 - 00000000 ___RD () C:\Users\Ronnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-12 17:33 - 2013-12-09 20:26 - 00000000 __RDO () C:\Users\Ronnie\SkyDrive
2014-05-12 17:30 - 2013-03-28 23:00 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-12 17:26 - 2013-09-30 00:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-12 17:24 - 2013-03-04 15:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-12 17:22 - 2013-12-09 19:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-12 17:22 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-12 17:21 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-12 17:20 - 2014-05-12 17:20 - 00001008 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_PR_05122014_172031.txt
2014-05-12 17:20 - 2014-05-12 16:17 - 00000000 ____D () C:\Users\Ronnie\Desktop\RK_Quarantine
2014-05-12 17:19 - 2014-05-12 17:19 - 00061007 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_S_05122014_171928.txt
2014-05-12 17:17 - 2013-03-31 21:39 - 00000318 _____ () C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2014-05-12 16:20 - 2014-05-12 16:20 - 00060974 _____ () C:\Users\Ronnie\Desktop\RKreport[0]_S_05122014_162024.txt
2014-05-12 16:17 - 2014-05-12 16:17 - 04527616 _____ () C:\Users\Ronnie\Desktop\RogueKillerX64.exe
2014-05-12 15:32 - 2013-12-09 19:12 - 01431481 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-12 15:14 - 2014-04-20 19:31 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-12 15:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-12 12:19 - 2014-05-08 21:01 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C0E9A0E7-8FE3-49A3-83E6-DADA1D3CC57A}
2014-05-12 11:14 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-12 09:35 - 2013-03-26 21:18 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\VirtualStore
2014-05-12 05:32 - 2014-05-10 20:31 - 00002980 _____ () C:\WINDOWS\PFRO.log
2014-05-11 09:27 - 2013-03-28 23:37 - 00000000 ____D () C:\Users\Ronnie\.frostwire5
2014-05-11 00:38 - 2014-05-11 00:38 - 00002762 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-11 00:05 - 2013-03-29 00:13 - 00001189 _____ () C:\Users\Ronnie\AppData\Roaming\vso_ts_preview.xml
2014-05-11 00:05 - 2013-03-29 00:13 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\Vso
2014-05-10 23:46 - 2013-11-25 21:28 - 00000000 _____ () C:\ProgramData\CLDShowX.ini
2014-05-10 23:37 - 2013-03-29 20:55 - 00000000 ____D () C:\Users\Ronnie\Documents\ConvertXToDVD
2014-05-10 20:31 - 2014-05-10 20:31 - 00507768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-10 20:31 - 2014-05-10 16:22 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-10 20:29 - 2014-05-10 20:28 - 00000000 ____D () C:\AdwCleaner
2014-05-10 20:28 - 2014-05-10 20:28 - 01316991 _____ () C:\Users\Ronnie\Desktop\adwcleaner.exe
2014-05-10 20:15 - 2014-05-10 20:15 - 00001794 _____ () C:\Users\Ronnie\Desktop\uninstall_list.txt
2014-05-10 18:54 - 2014-05-10 18:54 - 00380416 _____ () C:\Users\Ronnie\Desktop\b4ee5oyo.exe
2014-05-10 18:52 - 2014-05-10 18:52 - 00688992 _____ (Swearware) C:\Users\Ronnie\Desktop\dds.scr
2014-05-10 18:51 - 2014-05-10 18:51 - 00011060 _____ () C:\Users\Ronnie\Desktop\hijackthis.log
2014-05-10 18:49 - 2014-05-10 18:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ronnie\Desktop\HijackThis.exe
2014-05-10 18:45 - 2014-05-10 18:45 - 00509440 _____ (Tech Support Guy System) C:\Users\Ronnie\Desktop\SysInfo.exe
2014-05-10 17:49 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-10 17:43 - 2014-05-10 17:43 - 00662016 _____ () C:\Users\Ronnie\Downloads\MicrosoftFixit50566.msi
2014-05-10 17:35 - 2013-12-09 22:09 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-10 17:35 - 2013-03-29 11:01 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\CrashDumps
2014-05-10 17:31 - 2014-05-10 17:31 - 00003694 _____ () C:\WINDOWS\System32\Tasks\Adobe online update program
2014-05-10 16:25 - 2014-05-10 16:22 - 00000000 ____D () C:\ProgramData\AVG
2014-05-10 16:24 - 2014-05-10 16:24 - 00002247 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00002233 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00002221 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\AVG
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\AVG
2014-05-10 16:23 - 2014-04-20 19:34 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-10 11:24 - 2013-03-26 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 10:48 - 2014-05-10 10:48 - 00000000 ____D () C:\WINDOWS\pss
2014-05-10 10:32 - 2014-05-10 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 22:54 - 2013-03-26 21:25 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3856921359-2614390849-1675835353-1002
2014-05-08 21:24 - 2013-03-26 21:18 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\Packages
2014-05-08 21:01 - 2014-05-08 21:01 - 00000000 __SHD () C:\Users\Ronnie\AppData\Local\EmieUserList
2014-05-08 21:01 - 2014-05-08 21:01 - 00000000 __SHD () C:\Users\Ronnie\AppData\Local\EmieSiteList
2014-05-08 20:55 - 2014-05-08 20:12 - 00000000 ____D () C:\ProgramData\pastaleads
2014-05-08 20:55 - 2014-05-08 20:02 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\GetNowUpdater
2014-05-08 20:55 - 2014-05-08 20:02 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\CrashRpt
2014-05-08 20:55 - 2014-05-08 20:01 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\Angry_Birds
2014-05-08 20:55 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-08 20:55 - 2013-03-26 23:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-08 20:55 - 2013-03-26 21:20 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-08 20:52 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\registration
2014-05-08 20:31 - 2013-12-09 19:17 - 00000000 ____D () C:\Users\Ronnie
2014-05-08 20:17 - 2014-05-08 20:17 - 00000000 ___HD () C:\$AVG-SHREDDER-TMP-010f4a42-4321-433c-8b94-d819e05d2a70
2014-05-08 20:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-08 20:05 - 2014-05-08 20:05 - 00000000 ____D () C:\Users\Ronnie\Documents\CS6-Windows
2014-05-08 20:02 - 2014-05-08 20:02 - 00000000 ____D () C:\Users\Ronnie\.android
2014-05-08 20:01 - 2014-05-08 20:01 - 01745400 _____ (AnyProtect.com) C:\Users\Ronnie\AppData\Local\nsaB17A.tmp
2014-05-08 19:48 - 2013-05-13 16:31 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\Adobe
2014-05-08 18:57 - 2013-04-09 18:54 - 01766400 ___SH () C:\Users\Ronnie\Downloads\Thumbs.db
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\TomTom
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 22:07 - 2014-05-02 22:07 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2014-05-02 04:32 - 2014-05-02 04:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 04:32 - 2014-05-02 04:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-01 19:44 - 2014-05-01 19:44 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-04-29 10:01 - 2014-05-02 04:32 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 08:48 - 2014-05-02 04:32 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-28 13:30 - 2013-03-28 23:00 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-24 20:17 - 2013-03-26 21:19 - 00000000 ___RD () C:\Users\Ronnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-24 20:17 - 2013-03-26 21:19 - 00000000 ___RD () C:\Users\Ronnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-24 08:11 - 2014-04-24 08:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-24 08:11 - 2014-04-24 08:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-24 08:11 - 2014-04-20 19:36 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-24 08:11 - 2014-04-20 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-24 04:45 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-23 21:01 - 2013-03-04 15:59 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-23 21:01 - 2013-03-04 15:59 - 00000000 ____D () C:\Program Files\mcafee
2014-04-23 21:01 - 2013-03-04 15:59 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 20:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-23 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-23 20:58 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-23 20:58 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-23 20:58 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-23 20:58 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-23 20:58 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-23 16:31 - 2014-04-23 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-04-23 16:31 - 2014-02-15 17:09 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-23 16:31 - 2014-02-15 17:09 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-23 16:31 - 2014-02-15 17:09 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-23 16:31 - 2014-02-15 17:09 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-04-23 16:31 - 2014-02-15 17:09 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-04-23 16:31 - 2013-12-09 19:12 - 00165026 _____ () C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2014-04-23 16:31 - 2013-12-09 19:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-04-23 16:28 - 2014-04-23 16:25 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-22 20:24 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-22 20:24 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 21:37 - 2014-04-20 21:37 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-20 21:37 - 2014-04-20 21:37 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-20 21:35 - 2014-04-20 21:35 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-20 21:35 - 2014-04-20 21:35 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-20 20:52 - 2014-04-20 19:31 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\Avg2014
2014-04-20 19:37 - 2014-04-20 19:37 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\AVG2014
2014-04-20 19:37 - 2014-04-20 19:36 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-20 19:37 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-04-20 19:36 - 2014-04-20 19:36 - 00000000 ___HD () C:\$AVG
2014-04-20 19:36 - 2014-04-20 19:36 - 00000000 ____D () C:\Users\Ronnie\AppData\Roaming\TuneUp Software
2014-04-20 19:34 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
2014-04-20 19:31 - 2014-04-20 19:31 - 00000000 ____D () C:\Users\Ronnie\AppData\Local\MFAData
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-04-15 16:23 - 2014-05-10 16:24 - 00040248 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-04-15 16:23 - 2014-05-10 16:24 - 00029496 _____ (AVG) C:\WINDOWS\system32\authuitu.dll
2014-04-15 16:23 - 2014-05-10 16:24 - 00025400 _____ (AVG) C:\WINDOWS\SysWOW64\authuitu.dll

Some content of TEMP:
====================
C:\Users\Ronnie\AppData\Local\Temp\helper.exe
C:\Users\Ronnie\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Ronnie\AppData\Local\Temp\Quarantine.exe
C:\Users\Ronnie\AppData\Local\Temp\sqlite3.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-12 17:39

==================== End Of Log ============================


----------



## RonnSull

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Ronnie at 2014-05-12 18:02:52
Running from C:\Users\Ronnie\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.423 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.423 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.423 - AVG) Hidden
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (x32 Version: 13.0.3105.58 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.1 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B3230C5-F069-416B-9169-1B84A216ED6A}) (Version: 2.5.1400.0 - Dell Products, LP)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
FrostWire 5.5.5 (HKLM-x32\...\FrostWire 5) (Version: 5.5.5.0 - FrostWire Team)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{4B3D9AA4-B47A-4349-A64F-04D5A9226D7C}) (Version: 2.2.915.108 - Fitipower)
Multimedia Card Reader (x32 Version: 2.2.915.108 - Fitipower) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NVIDIA 3D Vision Driver 326.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 326.60 - NVIDIA Corporation)
NVIDIA Control Panel 326.60 (Version: 326.60 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 326.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2660 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OJOsoft Total Video Converter (HKLM-x32\...\OJOsoft Total Video Converter_is1) (Version: 2.7.5.0412 - OJOsoft)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.200 - Qualcomm Atheros Communications)
RabbitTV (HKCU\...\6c2290d276fa0f0d) (Version: 1.0.0.8 - RabbitTV.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points =========================

29-04-2014 08:11:47 Windows Update
02-05-2014 15:07:10 Windows Update
06-05-2014 09:34:45 Windows Update
09-05-2014 00:30:11 Restore Operation
10-05-2014 20:23:01 Installed AVG PC TuneUp 2014

==================== Hosts content: ==========================

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01149A88-B6E2-4EA5-89BD-049F2BBCB8A2} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0EDA0FD0-5974-45F5-89D8-27556E06BAA7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {14D6CFC7-9367-44B8-9DC7-674F2B944286} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1C0ED091-5928-4032-AFD1-51D7B341FA5E} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {24F8CDE2-4280-4679-95CE-2D5922EEF6EB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E0A3AC4-F97B-43E9-8133-45F4D43FFEA5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3860A27A-EAB2-4B48-95A4-EBC0D2BD463C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {67C689B6-0C2F-48DC-A0E1-753E369C799F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {758C4AD3-69B0-440D-A131-97C8C6D85C63} - System32\Tasks\Spybot - Search & Destroy - Scheduled Task => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F8DF61E-C854-47DE-8D7D-68E18B54009B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AACB3D18-52BA-4192-B848-3D40E47884C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {AC6F71B0-F9B0-4769-985F-C7AFA77A385C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C4A64DE7-3D99-449B-B15F-93A6BFE68E67} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CB5CCDBD-8D2B-4A8C-85D9-F0AAB56FBD49} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCAC2DA6-CF77-4954-BD94-A847EBC9BDC5} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E543EBDB-FEAA-4653-A3DA-8130AA2BD87E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F492BF42-D323-4094-A70C-C793899A14DD} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-04-15] (AVG)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

==================== Loaded Modules (whitelisted) =============

2013-03-04 15:55 - 2012-04-24 22:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-15 16:23 - 2014-04-15 16:23 - 00675640 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2012-07-02 23:28 - 2012-07-02 23:28 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2012-06-28 19:39 - 2012-06-28 19:39 - 00262144 _____ () C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
2014-04-23 21:20 - 2014-04-23 21:20 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f95a84be655dce46534e2570f3b8bef6\PSIClient.ni.dll
2013-03-04 15:49 - 2012-06-26 05:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-10 10:32 - 2014-05-10 10:32 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-17 06:59 - 2014-03-17 06:59 - 00026488 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2014-03-17 06:58 - 2014-03-17 06:58 - 00082808 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2014-03-17 06:58 - 2014-03-17 06:58 - 00357752 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-03-04 15:54 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL
AlternateDataStreams: C:\Users\Ronnie\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 05:39:17 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/12/2014 05:17:01 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: The program SpybotSD.exe version 1.6.2.46 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c74

Start Time: 01cf6e252334ae6e

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

Report Id: bff757f7-da1a-11e3-beaf-9c2a7048404e

Faulting package full name:

Faulting package-relative application ID:

Error: (05/12/2014 05:48:31 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/12/2014 05:46:32 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/11/2014 03:17:12 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/10/2014 08:57:14 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/10/2014 08:55:19 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/10/2014 06:56:40 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: puppy.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: puppy.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x1c1c
Faulting application start time: 0xpuppy.exe0
Faulting application path: puppy.exe1
Faulting module path: puppy.exe2
Report Id: puppy.exe3
Faulting package full name: puppy.exe4
Faulting package-relative application ID: puppy.exe5

Error: (05/10/2014 06:56:19 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: nzpqm4pg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: nzpqm4pg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x1dd0
Faulting application start time: 0xnzpqm4pg.exe0
Faulting application path: nzpqm4pg.exe1
Faulting module path: nzpqm4pg.exe2
Report Id: nzpqm4pg.exe3
Faulting package full name: nzpqm4pg.exe4
Faulting package-relative application ID: nzpqm4pg.exe5

Error: (05/10/2014 06:55:35 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: nzpqm4pg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: nzpqm4pg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x1b5c
Faulting application start time: 0xnzpqm4pg.exe0
Faulting application path: nzpqm4pg.exe1
Faulting module path: nzpqm4pg.exe2
Report Id: nzpqm4pg.exe3
Faulting package full name: nzpqm4pg.exe4
Faulting package-relative application ID: nzpqm4pg.exe5

System errors:
=============
Error: (05/12/2014 05:24:53 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (05/12/2014 05:24:53 PM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/12/2014 05:34:37 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (05/12/2014 05:34:37 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/10/2014 08:33:46 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (05/10/2014 08:33:46 PM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/10/2014 04:27:34 PM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: The Remote Access Connection Manager service terminated with the following error: 
%%20

Error: (05/10/2014 04:27:34 PM) (Source: RasMan) (User: ) (EventID: 20063)
Description: Remote Access Connection Manager failed to start because the Protocol engine [C:\WINDOWS\system32\vpnike.dll] failed to initialize. The system cannot find the device specified.

Error: (05/10/2014 11:31:58 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (05/10/2014 11:31:58 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================
Error: (05/12/2014 05:39:17 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/12/2014 05:17:01 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: SpybotSD.exe1.6.2.46c7401cf6e252334ae6e4294967295C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exebff757f7-da1a-11e3-beaf-9c2a7048404e

Error: (05/12/2014 05:48:31 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/12/2014 05:46:32 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/11/2014 03:17:12 AM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/10/2014 08:57:14 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/10/2014 08:55:19 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (05/10/2014 06:56:40 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: puppy.exe2.1.19357.052e7ea83puppy.exe2.1.19357.052e7ea83c0000005000011aa1c1c01cf6ca319186cedC:\Users\Ronnie\Downloads\puppy.exeC:\Users\Ronnie\Downloads\puppy.exe58de99af-d896-11e3-bead-9c2a7048404e

Error: (05/10/2014 06:56:19 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: nzpqm4pg.exe2.1.19357.052e7ea83nzpqm4pg.exe2.1.19357.052e7ea83c0000005000011aa1dd001cf6ca30c91ac00C:\Users\Ronnie\Downloads\nzpqm4pg.exeC:\Users\Ronnie\Downloads\nzpqm4pg.exe4bff632b-d896-11e3-bead-9c2a7048404e

Error: (05/10/2014 06:55:35 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: nzpqm4pg.exe2.1.19357.052e7ea83nzpqm4pg.exe2.1.19357.052e7ea83c0000005000011aa1b5c01cf6ca2f05c28f3C:\Users\Ronnie\Downloads\nzpqm4pg.exeC:\Users\Ronnie\Downloads\nzpqm4pg.exe320c0a0e-d896-11e3-bead-9c2a7048404e

CodeIntegrity Errors:
===================================
Date: 2013-10-20 19:20:26.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_1.0.0.4_x64__n49tcsmxt2t2c\McMetroShim.winmd that did not meet the Store signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 12249 MB
Available physical RAM: 10302.3 MB
Total Pagefile: 14105 MB
Available Pagefile: 11873.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.08 GB) (Free:762.41 GB) NTFS
Drive k: (RabbitTV_USB_Mac) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 8CB1F8C9)

Partition: GPT Partition Type.

==================== End Of Log ============================


----------



## RonnSull

sorry bout that. noticed it posted the first part twice


----------



## Mark1956

The logs are only showing a Proxy setting for Firefox.

Please run this tool and post the log:

Please download MiniToolBox and save it to your desktop.
Double click on the MiniToolBox icon









The window will open as shown below.

Click on each of the boxes as indicated in the list below, then click on the *GO* button.

Copy & Paste the contents of the report that appears into your next post, you can also find a copy of the report on your desktop (Result.txt).

*Please only put a check mark next to the following items:*


Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration


----------



## RonnSull

MiniToolBox by Farbar Version: 23-01-2014
Ran by Ronnie (administrator) on 13-05-2014 at 05:33:43
Running from "C:\Users\Ronnie\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

========================= IP Configuration: ================================

Dell Wireless 1703 802.11b|g|n (2.4GHz) = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : desktop
Primary Dns Suffix . . . . . . . : 
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kyn.rr.com

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Physical Address. . . . . . . . . : 5E-2A-70-48-40-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 1E-2A-70-48-40-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 9C-2A-70-48-40-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : kyn.rr.com
Description . . . . . . . . . . . : Dell Wireless 1703 802.11b|g|n (2.4GHz)
Physical Address. . . . . . . . . : 9C-2A-70-48-40-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2605:a000:6100:3c00:b0da:59db:b55e:37d0(Preferred) 
Temporary IPv6 Address. . . . . . : 2605:a000:6100:3c00:911b:ad6f:d47d:7118(Preferred) 
Link-local IPv6 Address . . . . . : fe80::b0da:59db:b55e:37d0%4(Preferred) 
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) 
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, May 12, 2014 5:22:44 PM
Lease Expires . . . . . . . . . . : Tuesday, May 13, 2014 6:22:46 AM
Default Gateway . . . . . . . . . : fe80::21d:d0ff:fee1:4511%4
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 261892720
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-C6-AE-5B-9C-2A-70-48-40-4D
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 90-B1-1C-9E-A8-F5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.kyn.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : kyn.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3ca3:39e9:3f57:fffd(Preferred) 
Link-local IPv6 Address . . . . . : fe80::3ca3:39e9:3f57:fffd%8(Preferred) 
Default Gateway . . . . . . . . . : 
DHCPv6 IAID . . . . . . . . . . . : 167772160
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-C6-AE-5B-9C-2A-70-48-40-4D
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4009:806::1009
74.125.225.134
74.125.225.135
74.125.225.136
74.125.225.137
74.125.225.142
74.125.225.128
74.125.225.129
74.125.225.130
74.125.225.131
74.125.225.132
74.125.225.133

Pinging google.com [2607:f8b0:4009:805::1009] with 32 bytes of data:
Reply from 2607:f8b0:4009:805::1009: time=50ms 
Reply from 2607:f8b0:4009:805::1009: time=50ms

Ping statistics for 2607:f8b0:4009:805::1009:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 50ms, Average = 50ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=62ms TTL=50
Reply from 98.138.253.109: bytes=32 time=62ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 62ms, Average = 62ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
10...5e 2a 70 48 40 4d ......Microsoft Hosted Network Virtual Adapter
9...1e 2a 70 48 40 4d ......Microsoft Wi-Fi Direct Virtual Adapter
6...9c 2a 70 48 40 4e ......Bluetooth Device (Personal Area Network)
4...9c 2a 70 48 40 4d ......Dell Wireless 1703 802.11b|g|n (2.4GHz)
3...90 b1 1c 9e a8 f5 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
8...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
4 281 ::/0 fe80::21d:d0ff:fee1:4511
1 306 ::1/128 On-link
8 306 2001::/32 On-link
8 306 2001:0:9d38:90d7:3ca3:39e9:3f57:fffd/128
On-link
4 281 2605:a000:6100:3c00::/64 On-link
4 281 2605:a000:6100:3c00:911b:ad6f:d47d:7118/128
On-link
4 281 2605:a000:6100:3c00:b0da:59db:b55e:37d0/128
On-link
4 281 fe80::/64 On-link
8 306 fe80::/64 On-link
8 306 fe80::3ca3:39e9:3f57:fffd/128
On-link
4 281 fe80::b0da:59db:b55e:37d0/128
On-link
1 306 ff00::/8 On-link
4 281 ff00::/8 On-link
8 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

**** End of log ****


----------



## Mark1956

That successfully reset the Proxy on Firefox, how is it now?


----------



## RonnSull

Firefox has been working but IE11 still isn't


----------



## RonnSull

The proxy server isn't responding


Check your proxy settings *127.0.0.1:8877*.
Go to Tools > Internet Options > Connections. If you are on a LAN, click "LAN settings".
Make sure your firewall settings aren't blocking your web access.
Ask your system administrator for help.
This is what IE keeps saying

I have went to tools/internet options/connections/lan settings and i keep unchecking the proxy server box but it keeps on rechecking it every time.


----------



## RonnSull

when i click on advance tab http and secure is always *127.0.0.1* and port is *8877 *and exceptions says loopback


----------



## RonnSull

Also when I click on fix connection it says in troubleshooting 

Problems Found
The remote device or resource won't accept the connection


----------



## Mark1956

I must admit I am out of ideas after what we have done. I have sent a message to another helper on this site that has a lot more knowledge with the internet side of things to see if he can offer further guidance. I am fairly certain that your PC is not infected.

I'll be back as soon as I get a response.


----------



## RonnSull

Ok cool thanks. Let me know. I've tried everything I too can think of but I'm at a loss on this.


----------



## Mark1956

Hopefully I shall get a reply to my message within the next day or two.


----------



## TerryNet

Am I correct that Firefox is now working, but IE is still running into the proxy problem?

When you go to LAN Settings do you make sure none of the three choices are selected? And then "OK" a couple times to get out of LAN Settings and Internet Options? If you then go right back into Internet Options - Connections - LAN Settings what is the situation? If it is still OK does the proxy show up as soon as you enter IE?

The following will not hurt, and could be a magic fix ...

*TCP/IP stack repair options for use with Vista and 7 and 8. *

Start - All Programs - Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt. [For Windows 8: <Windows Logo> + x - Command Prompt(Admin)]

Reset WINSOCK entries to installation defaults: *netsh winsock reset catalog*

Reset IPv4 TCP/IP stack to installation defaults. *netsh int ipv4 reset reset.log*

Reset IPv6 TCP/IP stack to installation defaults. *netsh int ipv6 reset reset.log*

Reboot the machine.


----------



## RonnSull

Yes Firefox is working. IE is still doing the proxy message. I have done Internet Options - Connections - LAN Settings and unchecked the proxy box. Then try IE again and still get the message. Check LAN settings and Proxy is selected again. I just tried the command prompts and restarted the machine and I am still getting the proxy message.


----------



## Mark1956

Lets try a reset on IE.

These instructions are for Windows 7 so there might be some minor differences.

Before you do this, as a precaution, save your favorites.
Open Internet Explorer and click on File > Import Export.
Select Export to file, then Next.
Select Favorites and then Next and Next again.
Select the location to save the file using the Browse button (I would suggest the Desktop).
Click on the Export button then Finish.


Exit all programs, including Internet Explorer (if it is running).
Click on the Start button







and type the following command in the Search box, *inetcpl.cpl* and then press* Enter*
The *Internet Options* dialog box appears.
Click the *Advanced* tab.
Under *Reset Internet Explorer settings*, click *Reset*. Then click *Reset* again.
Click to select the *Delete personal settings *check box to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data.
When Internet Explorer finishes resetting the settings, click *Close* in the *Reset Internet Explorer Settings* dialog box. 
Start Internet Explorer again.


----------



## RonnSull

Still not correcting it.


----------



## Mark1956

What I think may have happened here is that you had an infection that added the Proxy server and it also made changes to the registry to block any attempt to change it back, so we will try this Repair tool below and see if that helps. As the settings made in Firefox have stayed put the infection must have been removed which is why we are not seeing anything suspicious in the logs.

It would be of interest to see what infections your Anti Virus and Malwarebytes actually removed, if you could find the logs and post them here that would be appreciated for future reference.

Download this and save it to the desktop: Windows Repair Use the coloured button next to *Direct Download* just below *Installer (5.32MB)* to start the download. NOTE: DO NOT use the green buttons at the top of the page as this is dubious software that could infect your system with Adware.

Close your browser and any running programs, double click on the Tweaking icon on your desktop to run the tool. When the program opens click on the *Step 5* tab. Under System Restore click on *Create* and wait for the confirmation to appear just below the button.

When complete click on the tab *Start Repairs*, click on the *Start* button. Then click on *Unselect All* and tick the boxes next to the the items in the list below.

When done click on the *Start* button and leave it undisturbed until complete.


Reset Registry Permissions
Reset File Permissions
Reset Service Permissions
Register System Files
Repair WMI
Repair Internet Explorer
Repair MDAC/MS Jet
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Set Windows Services To Default Startup
Restore Important Windows Services


----------



## RonnSull

That solved it. You are awesome. I greatly appreciate your time on helping me get this straightened out.


----------



## Phantom010

Glad Mark1956 nailed it! :up:


----------



## RonnSull

Thanks for your help too Phantom and Terrynet


----------



## Mark1956

That is good news Ronnie, is there any chance you would have the time to find the Malwarebytes and AVG logs so we can see what may have caused this problem. There are quite a few folks posting here with similar problems so it would help us to better understand what could have caused this.


----------



## RonnSull

Well I would but looks like I have a new problem now AVG won't work. I'm going to try to figure this out and I'll let you all know whats up


----------



## RonnSull

Okay got that took care of, the machine just needed to be restarted


----------



## RonnSull




----------



## RonnSull

For some reason I can't find my Malwarebytes Report. Dunno I deleted them by mistake or what.


----------



## Mark1956

Thanks for that. Can you also do the Malwarebytes log, I have instructions for that one.


Open Malwarebytes and click on the *Logs* tab.
Scroll down the list to find the relative scan dates.
Click on the entry and then click on *Open.*
Copy and paste the log into your next post.


----------



## Mark1956

Looks like our posts crossed. Not to worry and thanks for the log you did find.

You can delete all the tools used by right clicking on the program and selecting Delete. You can do the same with all the saved logs.

I would recommend you keep Adwcleaner to run regular scans for Adware.


----------



## RonnSull

ok thanks again. i'll probably hold all programs. never know i might need them again


----------



## Mark1956

You're welcome.


----------

