Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016 01 Ran by SUN (administrator) on SUN-HP (14-06-2016 01:47:21) Running from G:\After Hacked\ãÄÞÊ\Downloads Loaded Profiles: SUN (Available Profiles: SUN) Platform: Windows 7 Home Basic Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\itisaluna\itisaluna.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe () C:\Users\SUN\Downloads\RogueKillerX64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.) HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2016-05-27] (Bitdefender) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-31] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-12] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2016-05-27] (Bitdefender) HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2016-05-27] (Bitdefender) HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2016-05-27] (Bitdefender) HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\...\MountPoints2: H - H:\AutoRun.exe HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\...\MountPoints2: {acaff717-2261-11e6-8097-ec9a745184b4} - G:\AutoRun.exe HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2016-05-27] (Bitdefender) HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2016-05-27] (Bitdefender) HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2016-05-27] (Bitdefender) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-23] (EasyBits Software Corp.) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-05-24] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{012EE486-BB42-463E-9450-055F95A75F76}: [DhcpNameServer] 192.168.169.1 8.8.8.8 Tcpip\..\Interfaces\{D1E5FA7A-F49E-41CB-B00B-91E9D0117130}: [NameServer] 8.8.8.8 109.237.192.11 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2088086660-1261043681-1886644693-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {F623842B-86AF-45DA-ABE5-A2019D1536F5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {F623842B-86AF-45DA-ABE5-A2019D1536F5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2088086660-1261043681-1886644693-1000 -> {F623842B-86AF-45DA-ABE5-A2019D1536F5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2016-05-27] (Bitdefender) BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-19] (HP) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2016-05-27] (Bitdefender) BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-19] (HP) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: No Name -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> No File Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} - No File FireFox: ======== FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-24] [not signed] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2016-05-27] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-18] CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2016-05-27] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2016-05-27] (Bitdefender) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S2 itisaluna. RunOuc; C:\Program Files (x86)\itisaluna\UpdateDog\ouc.exe [655712 2016-05-25] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2016-05-27] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2016-05-27] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2016-05-27] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2016-05-27] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2016-05-27] (BitDefender) S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2016-05-27] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.) S3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [77624 2016-01-06] (eagleGet) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-06-14] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2016-05-27] (BitDefender S.R.L.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-06-14 01:45 - 2016-06-14 01:47 - 00000000 ____D C:\FRST 2016-06-14 01:17 - 2016-06-14 01:17 - 02385920 _____ (Farbar) C:\Users\SUN\Downloads\FRST64 (2).exe 2016-06-14 01:11 - 2016-06-14 01:11 - 02385920 _____ (Farbar) C:\Users\SUN\Downloads\FRST64.exe 2016-06-14 01:11 - 2016-06-14 01:11 - 02385920 _____ (Farbar) C:\Users\SUN\Downloads\FRST64 (1).exe 2016-06-14 00:48 - 2016-06-14 01:30 - 00000000 ____D C:\Users\SUN\Documents\RFolder 2016-06-13 00:43 - 2016-06-13 01:28 - 24172616 _____ C:\Users\SUN\Downloads\RogueKillerX64.exe 2016-06-12 02:17 - 2016-06-12 02:17 - 00001159 _____ C:\Users\SUN\Desktop\FRST64.exe - Shortcut.lnk 2016-06-11 01:15 - 2016-06-11 01:17 - 00002318 _____ C:\Users\SUN\Desktop\rk_7926.txt 2016-06-11 01:11 - 2016-06-11 01:13 - 00002282 _____ C:\Users\SUN\Desktop\rk_42AB.txt 2016-06-11 00:55 - 2016-06-14 00:31 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys 2016-06-11 00:50 - 2016-06-11 01:17 - 00000000 ____D C:\ProgramData\RogueKiller 2016-06-10 02:18 - 2016-06-10 02:48 - 19906632 _____ C:\Users\SUN\Downloads\RogueKiller.exe 2016-06-08 20:38 - 2016-06-08 20:38 - 00262144 _____ C:\Windows\Minidump\060816-57205-01.dmp 2016-06-03 19:07 - 2016-06-03 19:07 - 00094937 _____ C:\Users\SUN\Desktop\ZHPDiag.txt 2016-06-03 19:04 - 2016-06-03 19:08 - 00000000 ____D C:\Users\SUN\AppData\Roaming\ZHP 2016-06-03 19:04 - 2016-06-03 19:04 - 00000780 _____ C:\Users\SUN\Desktop\ZHPDiag.lnk 2016-06-03 11:49 - 2013-10-19 05:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2016-06-03 11:49 - 2013-10-19 04:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2016-06-03 11:49 - 2013-10-12 05:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2016-06-03 11:49 - 2013-10-12 05:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2016-06-03 11:49 - 2013-10-12 05:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2016-06-03 11:49 - 2013-10-12 05:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2016-06-03 11:49 - 2013-10-12 04:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2016-06-03 11:49 - 2013-10-12 04:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2016-06-03 11:49 - 2013-10-12 04:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2016-06-03 11:49 - 2013-10-12 04:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2016-06-03 11:49 - 2012-03-01 09:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2016-06-03 11:49 - 2012-03-01 09:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2016-06-03 11:49 - 2012-03-01 08:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2016-06-03 09:34 - 2011-08-27 08:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-06-03 09:34 - 2011-08-27 08:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2016-06-03 09:34 - 2011-08-27 07:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-06-03 09:34 - 2011-08-27 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2016-06-02 06:47 - 2016-06-07 01:32 - 00001696 _____ C:\bdlog.txt 2016-05-31 19:38 - 2016-05-31 19:38 - 00764126 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-05-31 17:02 - 2016-05-31 17:02 - 00002134 _____ C:\Users\SUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-31 17:02 - 2016-05-31 17:02 - 00002104 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-31 17:02 - 2016-05-31 17:02 - 00002104 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-31 17:02 - 2016-05-31 17:02 - 00000000 ___RD C:\Users\SUN\OneDrive 2016-05-31 17:02 - 2016-05-31 17:02 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2016-05-31 17:02 - 2016-05-31 17:02 - 00000000 ____D C:\a0535c7ff878ddfb7b 2016-05-31 17:01 - 2016-05-31 17:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-05-31 16:38 - 2016-05-31 16:38 - 00000000 ____D C:\Users\SUN\AppData\Local\Windows Live 2016-05-31 16:29 - 2016-05-31 16:33 - 01240256 _____ (Microsoft Corporation) C:\Users\SUN\Downloads\wlsetup-web.exe 2016-05-31 16:20 - 2016-05-31 16:26 - 00000000 ____D C:\Users\SUN\AppData\Local\Adobe 2016-05-31 11:11 - 2016-06-08 20:38 - 00000000 ____D C:\Windows\Minidump 2016-05-31 11:11 - 2016-06-08 20:37 - 576655543 _____ C:\Windows\MEMORY.DMP 2016-05-31 11:11 - 2016-05-31 11:11 - 00266288 _____ C:\Windows\Minidump\053116-21153-01.dmp 2016-05-31 08:01 - 2016-05-31 08:01 - 00000000 ____D C:\Users\SUN\AppData\Local\CrashRpt 2016-05-31 07:34 - 2016-05-31 07:58 - 12221760 _____ C:\Users\SUN\Downloads\HSS-5.4.3-install-plain-773-plain.exe 2016-05-29 17:05 - 2016-05-30 21:34 - 00000000 ____D C:\Program Files (x86)\Tools4Free 2016-05-29 17:03 - 2016-05-29 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2016-05-29 17:03 - 2016-05-29 17:03 - 00000000 ____D C:\Program Files (x86)\WinPcap 2016-05-29 16:59 - 2016-05-29 16:59 - 02709440 _____ (Tools4Free) C:\Users\SUN\Downloads\AntiNetCut3-Win7.exe 2016-05-29 16:16 - 2016-05-29 16:16 - 00003112 _____ C:\Windows\System32\Tasks\{123DC23B-D4D6-4D99-A49D-5C4CA5FD7356} 2016-05-29 10:56 - 2016-05-29 10:56 - 00000000 ____D C:\Users\SUN\AppData\Local\ESET 2016-05-29 08:35 - 2016-05-29 08:39 - 01322047 _____ (SUPERAntiSpyware) C:\Users\SUN\Downloads\SUPERAntiSpyware.exe.l2d9iqz.partial 2016-05-28 21:55 - 2016-01-06 22:37 - 00077624 _____ (eagleGet) C:\Windows\system32\Drivers\eagleGet.update 2016-05-28 21:55 - 2016-01-06 22:37 - 00077624 _____ (eagleGet) C:\Windows\system32\Drivers\eagleGet.sys 2016-05-28 12:05 - 2016-05-28 12:05 - 00000000 ____D C:\Users\SUN\AppData\Local\ElevatedDiagnostics 2016-05-28 12:00 - 2016-05-28 12:00 - 00239880 _____ C:\Users\SUN\Downloads\WindowsUpdateDiagnostic.diagcab 2016-05-27 15:18 - 2016-05-30 17:00 - 00000000 ____D C:\Users\SUN\Documents\Bluetooth Exchange Folder 2016-05-27 15:18 - 2016-05-27 15:18 - 00000000 ____D C:\Users\SUN\AppData\Local\Broadcom 2016-05-27 13:13 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2016-05-27 13:09 - 2016-05-27 13:09 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-05-27 13:09 - 2016-05-27 13:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-05-27 13:09 - 2016-05-27 13:09 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-27 13:09 - 2016-05-27 13:09 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-27 13:09 - 2016-05-27 13:09 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2016-05-27 13:09 - 2016-05-27 13:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2016-05-27 13:09 - 2016-05-27 13:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-05-27 13:09 - 2016-05-27 13:09 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-05-27 13:09 - 2016-05-27 13:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2016-05-27 13:09 - 2016-05-27 13:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2016-05-27 13:09 - 2016-05-27 13:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2016-05-27 13:09 - 2016-05-27 13:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2016-05-27 13:09 - 2016-05-27 13:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-05-27 13:02 - 2013-04-26 02:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-05-27 13:02 - 2013-04-01 01:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-05-27 12:58 - 2012-11-23 06:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2016-05-27 12:53 - 2016-05-27 12:53 - 00000000 ____D C:\f91f877c2c5e73dbe8f3 2016-05-27 12:49 - 2012-08-20 21:48 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-05-27 12:49 - 2012-08-20 21:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-05-27 12:49 - 2012-08-20 21:46 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-05-27 12:49 - 2012-08-20 21:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 21:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-05-27 12:49 - 2012-08-20 20:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-05-27 12:49 - 2012-08-20 20:37 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-05-27 12:49 - 2012-08-20 20:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-05-27 12:49 - 2012-08-20 20:37 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 20:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-05-27 12:49 - 2012-08-20 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-05-27 12:49 - 2012-08-20 18:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 18:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 18:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-27 12:49 - 2012-08-20 18:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-27 12:45 - 2016-05-27 12:45 - 00000000 ____D C:\0bfc73dc088e8a77c39a4693 2016-05-27 12:37 - 2016-05-27 12:37 - 00000000 ____D C:\272d2cbf8788dff28821d4848e7f0047 2016-05-27 12:29 - 2013-01-14 00:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2016-05-27 12:29 - 2013-01-14 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-05-27 12:29 - 2013-01-13 23:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-05-27 12:29 - 2013-01-13 23:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-05-27 12:29 - 2013-01-13 23:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2016-05-27 12:29 - 2013-01-13 23:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2016-05-27 12:29 - 2013-01-13 22:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-05-27 12:29 - 2013-01-13 22:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-05-27 12:29 - 2013-01-13 22:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-27 12:29 - 2013-01-13 22:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-05-27 12:29 - 2013-01-13 22:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2016-05-27 12:29 - 2013-01-13 22:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-05-27 12:29 - 2013-01-13 22:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-05-27 12:29 - 2013-01-13 22:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2016-05-27 12:29 - 2013-01-13 22:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2016-05-27 12:29 - 2013-01-13 22:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-27 12:29 - 2013-01-13 22:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2016-05-27 12:29 - 2013-01-13 22:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2016-05-27 12:29 - 2013-01-13 22:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-05-27 12:29 - 2013-01-13 22:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-05-27 12:29 - 2013-01-13 22:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-27 12:29 - 2013-01-13 22:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-05-27 12:29 - 2013-01-13 22:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2016-05-27 12:29 - 2013-01-13 22:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2016-05-27 12:29 - 2013-01-13 22:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-27 12:29 - 2013-01-13 22:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-05-27 12:29 - 2013-01-13 22:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-05-27 12:29 - 2013-01-13 21:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2016-05-27 12:29 - 2013-01-13 21:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-05-27 12:29 - 2013-01-13 21:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2016-05-27 12:29 - 2013-01-13 20:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2016-05-27 12:29 - 2013-01-13 20:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2016-05-27 12:29 - 2013-01-04 09:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-05-27 12:29 - 2013-01-04 09:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-05-27 12:21 - 2016-05-27 12:21 - 00000000 ____D C:\4325362730463e2b81f18345 2016-05-27 12:20 - 2015-05-09 06:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-05-27 12:20 - 2015-05-09 06:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-05-27 12:20 - 2015-05-09 06:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-05-27 12:20 - 2015-05-09 06:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-05-27 12:20 - 2015-05-09 06:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-05-27 12:20 - 2015-05-09 06:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-05-27 12:20 - 2015-05-09 06:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-05-27 12:20 - 2015-05-09 06:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-05-27 12:20 - 2015-05-09 06:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-05-27 12:20 - 2015-05-09 06:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-05-27 12:20 - 2015-05-09 06:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-05-27 12:11 - 2016-06-03 15:51 - 00000000 ____D C:\Users\SUN\AppData\Local\CrashDumps 2016-05-27 11:34 - 2016-05-27 11:34 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2016-05-27 11:32 - 2016-05-27 11:32 - 00003498 _____ C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 2016-05-27 11:32 - 2016-05-27 11:32 - 00000000 ____D C:\Program Files\Common Files\AV 2016-05-27 11:31 - 2016-05-27 11:31 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2016-05-27 11:30 - 2016-05-27 11:30 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll 2016-05-27 11:29 - 2016-05-27 11:29 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2016-05-27 08:53 - 2016-05-27 11:32 - 00000414 _____ C:\Windows\system32\checkdnsid.xml 2016-05-27 08:38 - 2016-05-27 08:38 - 02362877 _____ C:\ProgramData\1464327204.bdinstall.bin 2016-05-27 08:38 - 2016-05-27 08:38 - 00000385 _____ C:\Windows\system32\user_gensett.xml 2016-05-27 08:38 - 2016-05-27 08:38 - 00000385 _____ C:\Users\SUN\AppData\Roaminguser_gensett.xml 2016-05-27 08:37 - 2016-05-27 11:30 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll 2016-05-27 08:37 - 2016-05-27 11:27 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2016-05-27 08:37 - 2016-05-27 08:38 - 00000000 ____D C:\ProgramData\BDLogging 2016-05-27 08:37 - 2016-05-27 08:37 - 00002190 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk 2016-05-27 08:37 - 2016-05-27 08:37 - 00002071 _____ C:\Users\Public\Desktop\Bitdefender Total Security.lnk 2016-05-27 08:37 - 2016-05-27 08:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2016-05-27 08:37 - 2016-05-27 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016-05-27 08:37 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys 2016-05-27 08:37 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys 2016-05-27 08:37 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys 2016-05-27 08:37 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll 2016-05-27 08:36 - 2016-05-27 08:38 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Bitdefender 2016-05-27 08:33 - 2016-05-27 11:32 - 00000000 ____D C:\ProgramData\Bitdefender 2016-05-27 08:33 - 2016-05-27 11:28 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2016-05-27 08:33 - 2016-05-27 11:28 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll 2016-05-27 08:33 - 2016-05-27 11:25 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll 2016-05-27 08:33 - 2016-05-27 08:36 - 00000000 ____D C:\Program Files\Bitdefender 2016-05-27 08:33 - 2016-05-27 08:33 - 00000000 ____D C:\Users\SUN\AppData\Roaming\QuickScan 2016-05-27 08:33 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2016-05-27 08:32 - 2016-05-27 08:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2016-05-27 08:31 - 2016-05-27 08:31 - 00000000 ____D C:\ProgramData\Easybits Magic Desktop for HP 2016-05-27 08:30 - 2016-05-27 08:30 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Macromedia 2016-05-27 08:30 - 2016-05-27 08:30 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Adobe 2016-05-25 17:54 - 2016-05-25 17:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-05-25 17:49 - 2016-05-25 17:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-05-25 17:49 - 2016-05-25 17:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2016-05-25 17:49 - 2016-05-25 17:49 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00417280 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00218624 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00098304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00087040 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00072192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2016-05-25 17:49 - 2016-05-25 17:49 - 00001023 _____ C:\Users\Public\Desktop\itisaluna.lnk 2016-05-25 17:49 - 2016-05-25 17:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2016-05-25 17:49 - 2016-05-25 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\itisaluna 2016-05-25 17:49 - 2016-05-25 17:49 - 00000000 ____D C:\ProgramData\itisaluna 2016-05-25 17:49 - 2016-05-25 17:49 - 00000000 ____D C:\Program Files (x86)\itisaluna 2016-05-25 17:48 - 2016-05-25 17:49 - 00000000 ____D C:\ProgramData\DatacardService 2016-05-24 19:24 - 2016-05-24 19:24 - 00057560 _____ C:\Users\SUN\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-24 19:23 - 2016-05-24 19:23 - 00000000 ____D C:\Users\SUN\AppData\Roaming\ATI 2016-05-24 19:23 - 2016-05-24 19:23 - 00000000 ____D C:\Users\SUN\AppData\Local\ATI 2016-05-24 10:45 - 2016-05-24 10:45 - 00000000 ____D C:\ProgramData\ATI 2016-05-24 10:44 - 2016-05-24 10:44 - 00000000 ____D C:\ProgramData\Synaptics 2016-05-24 10:44 - 2016-05-24 10:44 - 00000000 ____D C:\ProgramData\Intel 2016-05-24 10:38 - 2016-05-24 10:38 - 00000000 ____D C:\Users\Public\Symantec 2016-05-24 10:38 - 2016-05-24 10:38 - 00000000 ____D C:\Program Files (x86)\SymSilent 2016-05-24 10:38 - 2016-05-24 04:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos 2016-05-24 10:37 - 2016-05-24 10:37 - 00000000 ____D C:\ProgramData\CyberLink 2016-05-24 10:36 - 2016-05-24 10:36 - 00505128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2016-05-24 10:36 - 2016-05-24 10:36 - 00353576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2016-05-24 10:36 - 2016-05-24 10:36 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2016-05-24 10:33 - 2016-05-24 10:33 - 00000000 ____D C:\ProgramData\Downloaded Installations 2016-05-24 10:33 - 2016-05-24 10:33 - 00000000 ____D C:\Program Files\Common Files\AuthenTec 2016-05-24 10:33 - 2016-05-24 10:33 - 00000000 ____D C:\Program Files (x86)\HP SimplePass 2011 2016-05-24 10:32 - 2016-05-25 17:53 - 00000000 ____D C:\ProgramData\Norton 2016-05-24 10:32 - 2016-05-24 10:32 - 00003148 _____ C:\Windows\System32\Tasks\MirageAgent 2016-05-24 10:32 - 2016-05-24 10:32 - 00000000 ____D C:\Users\Public\Documents\YouCam 2016-05-24 10:32 - 2016-05-24 10:32 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-05-24 10:31 - 2016-05-24 10:36 - 00000000 ____D C:\Program Files (x86)\CyberLink 2016-05-24 10:30 - 2016-05-24 10:36 - 00000000 ____D C:\ProgramData\Temp 2016-05-24 10:29 - 2016-05-24 10:29 - 00000593 _____ C:\Windows\system32\ndCPrepLog 2016-05-24 10:29 - 2016-05-24 10:29 - 00000000 _____ C:\Windows\ativpsrm.bin 2016-05-24 10:27 - 2016-05-24 10:33 - 00000000 ____D C:\Program Files\Symantec 2016-05-24 10:26 - 2016-05-24 10:26 - 00000000 ____D C:\Windows\Hewlett-Packard 2016-05-24 10:26 - 2011-09-21 04:36 - 00620584 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00178728 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00167976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00133672 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00089640 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwdpan.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys 2016-05-24 10:25 - 2011-09-21 04:36 - 00039566 _____ C:\Windows\system32\Drivers\BCM20702A1_001.002.014.0136.0168.hex 2016-05-24 10:25 - 2011-09-21 04:36 - 00022056 _____ (Broadcom Corporation.) C:\Windows\system32\btwcoins.dll 2016-05-24 10:25 - 2011-09-21 04:36 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys 2016-05-24 10:24 - 2016-05-24 10:24 - 00000000 ____D C:\Program Files\WIDCOMM 2016-05-24 10:23 - 2016-05-24 10:26 - 00000000 ____D C:\Program Files\Broadcom 2016-05-24 10:23 - 2016-05-24 10:23 - 04729408 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS 2016-05-24 10:23 - 2016-05-24 10:23 - 03952128 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll 2016-05-24 10:23 - 2016-05-24 10:23 - 03617280 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll 2016-05-24 10:23 - 2016-05-24 10:23 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2016-05-24 10:23 - 2016-05-24 10:23 - 00006656 _____ C:\Windows\system32\bcmwlrc.dll 2016-05-24 10:22 - 2016-05-24 10:22 - 00000000 ____D C:\Windows\SysWOW64\sda 2016-05-24 10:22 - 2016-05-24 10:22 - 00000000 ____D C:\Windows\system32\SRSLabs 2016-05-24 10:22 - 2016-05-24 10:22 - 00000000 ____D C:\Program Files\IDT 2016-05-24 10:22 - 2016-05-24 10:22 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-05-24 10:22 - 2011-09-08 16:42 - 06012416 _____ (IDT, Inc.) C:\Windows\system32\IDTNGUI.exe 2016-05-24 10:22 - 2011-09-08 16:42 - 05077504 _____ (IDT, Inc.) C:\Windows\system32\IDTNHP.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 04113408 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 01966080 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 01819136 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl 2016-05-24 10:22 - 2011-09-08 16:42 - 01424896 _____ (IDT, Inc.) C:\Windows\sttray64.exe 2016-05-24 10:22 - 2011-09-08 16:42 - 01041920 _____ (IDT, Inc.) C:\Windows\system32\IDTNX.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 00655872 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 00564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe 2016-05-24 10:22 - 2011-09-08 16:42 - 00535040 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys 2016-05-24 10:22 - 2011-09-08 16:42 - 00446464 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 00251392 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll 2016-05-24 10:22 - 2011-09-08 16:42 - 00233472 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe 2016-05-24 10:22 - 2011-09-02 22:46 - 09887848 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll 2016-05-24 10:22 - 2011-09-02 22:46 - 00339048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys 2016-05-24 10:22 - 2011-08-24 08:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2016-05-24 10:22 - 2011-08-24 08:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2016-05-24 10:22 - 2011-08-24 08:57 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll 2016-05-24 10:22 - 2011-02-02 00:24 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll 2016-05-24 10:21 - 2016-05-24 10:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-05-24 10:21 - 2016-05-24 10:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2016-05-24 10:21 - 2016-05-24 10:21 - 00000000 ____D C:\Program Files\Synaptics 2016-05-24 10:21 - 2016-05-24 10:21 - 00000000 ____D C:\Program Files\Common Files\Intel 2016-05-24 10:21 - 2011-04-26 21:07 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys 2016-05-24 10:20 - 2016-05-24 10:20 - 00000000 ____D C:\Program Files (x86)\AMD APP 2016-05-24 10:20 - 2011-03-17 23:51 - 00003929 _____ C:\Windows\SysWOW64\atipblup.dat 2016-05-24 10:20 - 2011-03-17 23:51 - 00003929 _____ C:\Windows\system32\atipblup.dat 2016-05-24 10:19 - 2016-05-24 10:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2016-05-24 10:19 - 2016-05-24 10:19 - 00000000 ____D C:\Program Files\ATI 2016-05-24 10:18 - 2016-05-24 10:27 - 00000000 ____D C:\Program Files (x86)\Intel 2016-05-24 10:18 - 2016-05-24 10:18 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD1504JQ2_E666941-171_4A_I1670_SHP_V09.47_BF.41_T111011_W72-1_L409_M4044_J500_7Intel_86A7_92.50_#160524_N_(A8W91EA#ABV)_XMOBILE_CN10_Z_20691130000204610000610100.MRK 2016-05-24 10:18 - 2016-05-24 10:18 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD1504JQ2_E666941-171_4A_I1670_SHP_V09.47_BF.41_T111011_W72-1_L409_M4044_J500_7Intel_86A7_92.50_#160524_N_(A8W91EA#ABV)_XMOBILE_CN10_Z_20691130000204610000610100.MRK 2016-05-24 10:18 - 2016-05-24 10:18 - 00000000 ____D C:\Intel 2016-05-24 10:18 - 2010-10-07 20:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2016-05-24 10:16 - 2016-05-24 10:16 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat 2016-05-24 04:23 - 2016-06-14 01:05 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{51AC6F9F-726C-4338-A269-F06F4BCF54D1} 2016-05-24 04:23 - 2016-05-27 13:16 - 00001417 _____ C:\Users\SUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-24 04:23 - 2016-05-24 04:23 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Synaptics 2016-05-24 04:22 - 2016-05-24 04:23 - 00000000 ____D C:\Users\SUN\AppData\Roaming\hpqlog 2016-05-24 04:22 - 2016-05-24 04:22 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Hewlett-Packard 2016-05-24 04:22 - 2016-05-24 04:22 - 00000000 ____D C:\Users\SUN\AppData\Local\Hewlett-Packard 2016-05-24 04:21 - 2016-05-24 04:21 - 00000000 ____D C:\Users\SUN\AppData\Local\RemEngine 2016-05-24 04:21 - 2016-05-24 04:21 - 00000000 ____D C:\Users\SUN\AppData\Local\Hewlett-Packard_Company 2016-05-24 04:20 - 2016-06-14 00:30 - 00000000 ____D C:\Users\SUN\AppData\LocalLow\AuthenTec 2016-05-24 04:20 - 2016-05-31 17:02 - 00000000 ____D C:\Users\SUN 2016-05-24 04:20 - 2016-05-24 04:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2016-05-24 04:20 - 2016-05-24 04:20 - 00000020 ___SH C:\Users\SUN\ntuser.ini 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 _SHDL C:\Users\SUN\My Documents 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 _SHDL C:\Users\SUN\Documents\My Videos 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 _SHDL C:\Users\SUN\Documents\My Pictures 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 _SHDL C:\Users\SUN\Documents\My Music 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 ____D C:\Users\SUN\AppData\Roaming\Symantec 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 ____D C:\Users\SUN\AppData\Local\VirtualStore 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 ____D C:\ProgramData\Adobe 2016-05-24 04:20 - 2016-05-24 04:20 - 00000000 ____D C:\Program Files (x86)\Adobe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-06-14 01:40 - 2009-07-14 08:13 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-14 01:40 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf 2016-06-14 00:38 - 2009-07-14 07:45 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-14 00:38 - 2009-07-14 07:45 - 00022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-14 00:29 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-31 17:24 - 2011-10-23 00:05 - 00000000 ____D C:\Program Files (x86)\Windows Live 2016-05-31 17:23 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-05-31 17:01 - 2011-10-23 00:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-05-31 17:01 - 2011-10-23 00:04 - 00000000 ____D C:\Program Files\Windows Live 2016-05-29 08:34 - 2009-07-14 08:08 - 00016546 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-05-27 22:27 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\SysWOW64\winrm 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\SysWOW64\WCN 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\SysWOW64\sysprep 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\system32\winrm 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\system32\WCN 2016-05-27 22:22 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\system32\slmgr 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Windows Sidebar 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Windows Defender 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\DVD Maker 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-05-27 22:22 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\Setup 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\oobe 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\MUI 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\com 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\sysprep 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Setup 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\oobe 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\MUI 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\migwiz 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Dism 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\IME 2016-05-27 22:22 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\System 2016-05-27 22:21 - 2010-11-21 10:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2016-05-27 22:21 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\com 2016-05-27 15:54 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF 2016-05-27 12:46 - 2009-07-14 07:45 - 00266544 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-24 23:07 - 2009-07-14 08:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-05-24 14:17 - 2007-01-02 04:25 - 00000000 ____D C:\Windows\Panther 2016-05-24 11:12 - 2011-10-22 23:11 - 00000012 _____ C:\Windows\CSUP.txt 2016-05-24 11:09 - 2009-07-14 08:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template 2016-05-24 10:44 - 2011-10-23 00:03 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-05-24 10:38 - 2011-08-31 21:05 - 00000000 ___HD C:\HP 2016-05-24 10:37 - 2011-10-23 00:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-24 10:36 - 2011-10-22 23:45 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-05-24 10:23 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\lv-LV 2016-05-24 10:23 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\lt-LT 2016-05-24 10:23 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\et-EE 2016-05-24 04:22 - 2011-02-10 22:23 - 00000000 ____D C:\SWSetup 2016-05-24 04:21 - 2011-10-23 00:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2016-05-24 04:21 - 2011-10-23 00:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2016-05-24 04:21 - 2011-10-22 23:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2016-05-24 04:21 - 2011-10-22 23:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2016-05-24 04:21 - 2011-10-22 23:49 - 00000000 ___RD C:\Program Files (x86)\Online Services 2016-05-24 04:21 - 2011-02-10 22:23 - 00000000 ___HD C:\SYSTEM.SAV ==================== Files in the root of some directories ======= 2016-05-27 08:38 - 2016-05-27 08:38 - 2362877 _____ () C:\ProgramData\1464327204.bdinstall.bin Some files in TEMP: ==================== C:\Users\SUN\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-05-31 11:04 ==================== End of FRST.txt ============================