Weird Services and Hidden Devices accumulating


Neonknight77

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 12:56:10 AM, on 10/1/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.18571)

 

FIREFOX: 32.0.3 (x86 en-US)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\ClamWin\bin\ClamTray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe

C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe

C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.56\deploy\League of Legends.exe

C:\Users\OPERATOR\Downloads\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-21-2062969748-2399301820-3542092180-1000\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

O15 - Trusted Zone: http://*.OPERATOR-PC

O15 - ESC Trusted Zone: http://*.OPERATOR-PC

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

 

--

End of file - 5074 bytes

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-09-2014

Ran by OPERATOR (administrator) on OPERATOR-PC on 01-10-2014 00:15:05

Running from C:\Users\OPERATOR\Downloads

Loaded Profile: OPERATOR (Available profiles: OPERATOR)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 8

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

() C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.56\deploy\League of Legends.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)

HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2014-08-07] (alch)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)

HKU\S-1-5-21-2062969748-2399301820-3542092180-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7763736 2014-09-09] (SUPERAntiSpyware)

ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [sharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [sharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x771E25CD55CCCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab

Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: LanSweeper Shellexec plugin - C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default\Extensions\lansweeperplugin@lansweeper.com [2014-09-11]

FF Extension: Adblock Plus - C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-21]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-09-09]

 

Chrome:

=======

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-02-21] (Kaspersky Lab ZAO)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-09-11] (Emsisoft GmbH)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]

S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-09-11] (Emsisoft GmbH)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)

U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)

R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)

S3 MEMSWEEP2; C:\Windows\system32\4C5D.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]

S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)

S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [29752 2010-08-23] (Resplendence Software Projects Sp.)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SAVRKBootTasks; C:\Windows\SysWOW64\SAVRKBootTasks.sys [18816 2011-05-12] (Sophos Group) [File not signed]

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]

S3 MFE_RR; \??\C:\Users\OPERATOR\AppData\Local\Temp\mfe_rr.sys [X]

S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-10-01 00:15 - 2014-10-01 00:15 - 00008736 _____ () C:\Users\OPERATOR\Downloads\FRST.txt

2014-10-01 00:14 - 2014-10-01 00:15 - 00000000 ____D () C:\FRST

2014-10-01 00:14 - 2014-10-01 00:14 - 02108928 _____ (Farbar) C:\Users\OPERATOR\Downloads\FRST64.exe

2014-09-30 16:39 - 2014-09-30 16:39 - 00000012 _____ () C:\Users\OPERATOR\Desktop\nme.txt

2014-09-30 14:24 - 2014-09-30 15:10 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\pangu

2014-09-30 14:23 - 2014-09-30 14:24 - 35796928 _____ () C:\Users\OPERATOR\Downloads\Pangu_v1.2.1.exe

2014-09-29 16:08 - 2014-09-30 14:16 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Apple Computer

2014-09-29 16:08 - 2014-09-29 16:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-09-29 16:08 - 2014-09-29 16:08 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Apple Computer

2014-09-29 16:08 - 2014-09-29 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Windows\System32\Tasks\Apple

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Apple

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files\iTunes

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files\iPod

2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-09-29 16:07 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2014-09-29 16:06 - 2014-09-29 16:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\ProgramData\Apple

2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files\Bonjour

2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-09-29 16:04 - 2014-09-29 16:05 - 112794960 _____ (Apple Inc.) C:\Users\OPERATOR\Downloads\iTunes64Setup.exe

2014-09-29 15:55 - 2014-09-29 15:55 - 41951144 _____ (Curse) C:\Users\OPERATOR\Downloads\CurseClientSetup_c4MB.exe

2014-09-29 15:55 - 2014-09-29 15:55 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Curse

2014-09-28 15:43 - 2011-05-12 16:05 - 00018816 ____N (Sophos Group) C:\Windows\SysWOW64\SAVRKBootTasks.sys

2014-09-28 15:22 - 2011-05-12 16:03 - 00006144 ____N (Sophos Plc) C:\Windows\system32\4C5D.tmp

2014-09-28 15:20 - 2011-05-12 16:03 - 00006144 ____N (Sophos Plc) C:\Windows\system32\531F.tmp

2014-09-28 13:42 - 2014-09-28 13:42 - 01112064 _____ () C:\Users\OPERATOR\Downloads\MicrosoftFixit50409.msi

2014-09-19 15:52 - 2014-09-30 23:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-19 15:52 - 2014-09-19 15:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-09-16 15:47 - 2014-09-16 15:47 - 00001330 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk

2014-09-16 15:47 - 2014-09-16 15:47 - 00000000 ____D () C:\Windows\ShellNew

2014-09-16 15:46 - 2014-09-16 15:46 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC

2014-09-16 15:46 - 2014-09-16 15:46 - 00000000 ____D () C:\Program Files\Windows Journal

2014-09-16 15:46 - 2014-09-16 15:46 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar

2014-09-16 15:42 - 2014-09-16 15:42 - 02372738 _____ () C:\Users\OPERATOR\Downloads\3fcn22ww_64.exe

2014-09-16 15:42 - 2014-09-16 15:42 - 00000000 ____D () C:\bios

2014-09-15 23:27 - 2014-09-15 23:27 - 00167112 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETDorkbotCleaner.exe

2014-09-15 23:27 - 2014-09-15 23:27 - 00004862 _____ () C:\Users\OPERATOR\Downloads\ESETDorkbotCleaner.exe_20140915.212736.2236.log

2014-09-15 23:27 - 2014-09-15 23:27 - 00003902 _____ () C:\Users\OPERATOR\Downloads\ESETSpyEyeCleaner.exe_20140915.212703.1948.log

2014-09-15 23:26 - 2014-09-15 23:26 - 02991832 _____ (ESET) C:\Users\OPERATOR\Downloads\ERARemover_x64(1).exe

2014-09-15 23:26 - 2014-09-15 23:26 - 00164344 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETSpyEyeCleaner.exe

2014-09-15 23:25 - 2014-09-15 23:25 - 00078832 _____ (ESET spol. s r.o.) C:\Users\OPERATOR\Downloads\ESETIRCBotANRCleaner.exe

2014-09-15 23:25 - 2014-09-15 23:25 - 00004952 _____ () C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe_20140915.212510.2640.log

2014-09-15 23:25 - 2014-09-15 23:25 - 00004952 _____ () C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe_20140915.212500.2964.log

2014-09-15 23:24 - 2014-09-15 23:24 - 00368992 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe

2014-09-15 23:19 - 2014-09-30 23:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-09-15 23:19 - 2014-09-15 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2014-09-15 23:18 - 2014-09-15 23:18 - 19279408 _____ (SUPERAntiSpyware) C:\Users\OPERATOR\Downloads\SUPERAntiSpyware(1).exe

2014-09-15 21:54 - 2014-09-15 21:54 - 00013247 _____ () C:\Users\OPERATOR\Desktop\Untitled 1.odt

2014-09-15 01:12 - 2014-09-15 01:12 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\OpenOffice

2014-09-15 00:56 - 2014-09-15 00:56 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk

2014-09-15 00:56 - 2014-09-15 00:56 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

2014-09-15 00:55 - 2014-09-15 00:55 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4

2014-09-15 00:53 - 2014-09-15 00:53 - 00000000 ____D () C:\Users\OPERATOR\Desktop\OpenOffice 4.1.1 (en-US) Installation Files

2014-09-15 00:52 - 2014-09-15 00:53 - 140852175 _____ () C:\Users\OPERATOR\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe

2014-09-11 05:34 - 2014-09-15 23:19 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2014-09-11 04:40 - 2014-09-11 04:40 - 00095480 _____ (Lansweeper) C:\Users\OPERATOR\Downloads\TestConnection.exe

2014-09-11 04:39 - 2014-09-11 04:39 - 00001439 _____ () C:\Users\OPERATOR\Downloads\lansweeper.vbs

2014-09-11 04:26 - 2014-09-30 23:06 - 00002042 _____ () C:\Windows\setupact.log

2014-09-11 04:26 - 2014-09-16 15:45 - 00009086 _____ () C:\Windows\PFRO.log

2014-09-11 04:26 - 2014-09-11 04:26 - 00000000 _____ () C:\Windows\setuperr.log

2014-09-11 03:10 - 2014-09-11 03:10 - 00003936 _____ () C:\Users\OPERATOR\Downloads\wmiexp.xml

2014-09-11 03:10 - 2014-09-11 03:10 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

2014-09-11 03:10 - 2014-09-11 03:10 - 00000000 ____D () C:\Program Files (x86)\IIS Express

2014-09-11 03:09 - 2014-09-11 05:27 - 00000000 ____D () C:\Program Files (x86)\Lansweeper

2014-09-11 03:09 - 2014-09-11 03:09 - 00098304 _____ (Coopware) C:\Users\OPERATOR\Downloads\wmiexp.exe

2014-09-11 03:08 - 2014-09-11 03:09 - 83414472 _____ (Lansweeper.com ) C:\Users\OPERATOR\Downloads\LansweeperSetup.exe

2014-09-11 03:07 - 2014-09-11 03:07 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\OPERATOR\Downloads\hijackhunter_setup.exe

2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Hen_IT

2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Hen IT

2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Program Files (x86)\Hen IT

2014-09-11 03:06 - 2014-09-11 03:06 - 04759552 _____ () C:\Users\OPERATOR\Downloads\QuickMon3.23.msi

2014-09-11 02:44 - 2014-09-11 05:30 - 00000000 ____D () C:\ProgramData\Foolish IT

2014-09-11 02:44 - 2014-09-11 02:44 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll

2014-09-11 02:42 - 2014-09-11 02:42 - 00959032 _____ (Foolish IT LLC ) C:\Users\OPERATOR\Downloads\CryptoPreventSetup.exe

2014-09-11 02:35 - 2014-09-11 02:35 - 04454112 _____ () C:\Users\OPERATOR\Downloads\crystal_aep_installer_1_0.exe

2014-09-11 02:18 - 2014-09-11 02:18 - 00372800 _____ (Kaspersky Lab.) C:\Users\OPERATOR\Downloads\klwk.exe

2014-09-11 02:18 - 2014-09-11 02:18 - 00171344 _____ (Kaspersky Lab) C:\Users\OPERATOR\Downloads\kidokiller(1).exe

2014-09-11 02:15 - 2014-09-11 02:15 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\WindowsUpdate

2014-09-11 02:03 - 2014-09-11 02:03 - 01288568 _____ (Microsoft Corporation) C:\Users\OPERATOR\Downloads\WindowsServer2003.WindowsXP-KB958644-x64-ENU.exe

2014-09-11 02:03 - 2014-09-11 02:03 - 00171344 _____ (Kaspersky Lab) C:\Users\OPERATOR\Downloads\kidokiller.exe

2014-09-11 02:01 - 2014-09-11 02:01 - 00702840 _____ (Microsoft Corporation) C:\Users\OPERATOR\Downloads\WindowsServer2003-KB958644-x86-ENU.exe

2014-09-11 01:48 - 2014-09-11 01:49 - 00000227 _____ () C:\Users\OPERATOR\Downloads\mbr.log

2014-09-11 01:44 - 2014-09-11 01:44 - 00089088 _____ () C:\Users\OPERATOR\Downloads\mbr.exe

2014-09-11 01:44 - 2014-09-11 01:44 - 00000000 ____D () C:\Program Files\Reason

2014-09-11 01:33 - 2014-09-11 01:33 - 02454896 _____ (Reason Company Software Inc.) C:\Users\OPERATOR\Downloads\herdProtectScan_Setup.exe

2014-09-11 01:26 - 2014-09-11 02:09 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\WinMHR

2014-09-11 01:26 - 2014-09-11 01:26 - 08756232 _____ (Team Cymru, Inc. ) C:\Users\OPERATOR\Downloads\WinMHR Beta Setup.exe

2014-09-11 01:26 - 2014-09-11 01:26 - 00000923 _____ () C:\Users\OPERATOR\Desktop\WinMHR.lnk

2014-09-11 01:26 - 2014-09-11 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMHR

2014-09-11 01:26 - 2014-09-11 01:26 - 00000000 ____D () C:\Program Files (x86)\WinMHR

2014-09-11 01:18 - 2014-09-28 14:16 - 00000000 ____D () C:\EEK

2014-09-11 01:18 - 2014-09-11 01:18 - 00000743 _____ () C:\Users\OPERATOR\Desktop\Start Emsisoft Emergency Kit.lnk

2014-09-11 01:16 - 2014-09-11 01:17 - 156195952 _____ () C:\Users\OPERATOR\Downloads\EmsisoftEmergencyKit.exe

2014-09-11 01:06 - 2014-09-11 01:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\.clamwin

2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus

2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\ProgramData\.clamwin

2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\Program Files (x86)\ClamWin

2014-09-11 01:04 - 2014-09-11 01:05 - 101262137 _____ (alch ) C:\Users\OPERATOR\Downloads\clamwin-0.98.4.1-setup.exe

2014-09-11 01:04 - 2014-09-11 01:04 - 00737886 _____ (Andrea Russo - Italy ) C:\Users\OPERATOR\Downloads\ClamSentinel1.22.exe

2014-09-11 00:55 - 2014-09-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Belarc

2014-09-11 00:52 - 2014-09-11 00:52 - 03297424 _____ () C:\Users\OPERATOR\Downloads\advisorinstaller.exe

2014-09-11 00:48 - 2014-09-11 00:48 - 00565352 _____ (Nsasoft LLC. ) C:\Users\OPERATOR\Downloads\RegAuditor.exe

2014-09-11 00:41 - 2014-09-11 00:41 - 00000000 ____D () C:\Windows\Minidump\Cezurity

2014-09-11 00:40 - 2014-09-11 00:40 - 01396968 _____ (Cezurity) C:\Users\OPERATOR\Downloads\Cezurity_Antivirus.exe

2014-09-11 00:38 - 2014-09-11 00:38 - 00000000 ____D () C:\ProgramData\Quietzone

2014-09-11 00:36 - 2014-09-11 00:36 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Quietzone

2014-09-11 00:35 - 2014-09-11 00:36 - 00522016 _____ (Returnil and its licensors) C:\Users\OPERATOR\Downloads\RQZ_NI_SETUP.exe

2014-09-11 00:17 - 2014-09-11 00:17 - 00000000 ____D () C:\Users\OPERATOR\SecurityScans

2014-09-11 00:15 - 2014-09-11 00:15 - 01810432 _____ () C:\Users\OPERATOR\Downloads\MBSASetup-x64-EN.msi

2014-09-11 00:10 - 2014-09-11 00:10 - 04493312 _____ () C:\Users\OPERATOR\Downloads\inSSIDer_WiFiHelper_Installer.msi

2014-09-11 00:09 - 2014-09-11 00:09 - 00000000 __SHD () C:\Users\OPERATOR\AppData\Local\icsxml

2014-09-11 00:08 - 2014-09-11 00:08 - 00000037 ___SH () C:\Users\OPERATOR\AppData\Local\69ff07055291669bb2b218.72821112

2014-09-11 00:08 - 2014-09-11 00:08 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\MetaGeek,_LLC

2014-09-11 00:06 - 2014-09-11 00:39 - 00000000 ____D () C:\Program Files (x86)\nProbe-Win32

2014-09-11 00:06 - 2014-09-11 00:07 - 04509696 _____ () C:\Users\OPERATOR\Downloads\inSSIDer4-installer.msi

2014-09-11 00:00 - 2014-09-11 01:29 - 00000000 ____D () C:\Program Files (x86)\SystemTools

2014-09-11 00:00 - 2003-03-19 03:12 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll

2014-09-11 00:00 - 2003-03-19 01:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll

2014-09-10 23:25 - 2014-09-10 23:25 - 01324940 _____ () C:\Users\OPERATOR\Downloads\NetStumblerInstaller_0_4_0.exe

2014-09-10 22:19 - 2014-09-11 04:02 - 00000000 ____D () C:\Users\OPERATOR\Desktop\mbar

2014-09-10 22:13 - 2014-09-11 04:15 - 00002214 _____ () C:\Users\OPERATOR\Desktop\Rkill.txt

2014-09-10 22:10 - 2014-09-10 22:11 - 00000310 _____ () C:\Users\OPERATOR\Downloads\RootkitRemover_20140910_201059.log

2014-09-10 22:02 - 2014-09-10 22:02 - 00004284 _____ () C:\Users\OPERATOR\Downloads\Audiosrv(1).reg

2014-09-10 19:15 - 2014-09-10 19:46 - 00093930 _____ () C:\Windows\system32\config\rules.rdb

2014-09-10 19:14 - 2014-09-10 19:47 - 37300224 _____ () C:\Windows\system32\config\sscan.xas

2014-09-10 19:14 - 2014-09-10 19:30 - 01118208 _____ () C:\Windows\system32\config\sscan.0

2014-09-10 19:12 - 2014-09-10 19:12 - 00000148 _____ () C:\Windows\system32\machine.ini

2014-09-10 19:09 - 2014-09-10 19:11 - 207788256 _____ (Agnitum, Ltd. ) C:\Users\OPERATOR\Downloads\OutpostSecuritySuiteProInstall_x64.exe

2014-09-10 18:41 - 2014-09-10 21:12 - 00000000 ____D () C:\Program Files (x86)\Nagios

2014-09-10 18:41 - 2014-09-10 18:41 - 09934771 _____ () C:\Users\OPERATOR\Downloads\ncpa-1.7.2.exe

2014-09-10 18:18 - 2014-09-10 18:18 - 02723908 _____ () C:\Users\OPERATOR\Downloads\ipscan-3.3.1-setup.exe

2014-09-10 18:18 - 2014-09-10 18:18 - 01990013 _____ () C:\Users\OPERATOR\Downloads\ipscan-win64-3.3.1.exe

2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Users\OPERATOR\.swt

2014-09-10 18:15 - 2014-09-10 18:15 - 00005632 _____ () C:\Users\OPERATOR\Downloads\noshare.exe

2014-09-10 18:14 - 2014-09-10 18:14 - 00117312 _____ (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\securable.exe

2014-09-10 18:13 - 2014-09-10 18:13 - 00013824 _____ () C:\Users\OPERATOR\Downloads\id.exe

2014-09-10 18:09 - 2014-09-10 18:09 - 00029696 _____ (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\DCOMbob.exe

2014-09-10 18:08 - 2014-09-10 18:08 - 00025600 ____R (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\leaktest.exe

2014-09-10 18:07 - 2014-09-10 18:07 - 00022528 _____ (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\unpnp.exe

2014-09-10 17:58 - 2014-09-10 18:03 - 00000000 ____D () C:\Users\OPERATOR\.zenmap

2014-09-10 17:57 - 2014-09-10 21:12 - 00000000 ____D () C:\Program Files (x86)\Nmap

2014-09-10 17:57 - 2014-09-10 17:57 - 27111830 _____ (Insecure.org) C:\Users\OPERATOR\Downloads\nmap-6.47-setup.exe

2014-09-10 17:51 - 2014-09-10 17:51 - 08734520 _____ (Microsoft Corporation) C:\Users\OPERATOR\Downloads\NM34_ia64.exe

2014-09-10 17:10 - 2014-09-10 17:10 - 00000000 ____D () C:\Users\OPERATOR\Documents\SweetScape

2014-09-10 17:10 - 2014-09-10 17:10 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\SweetScape

2014-09-10 17:09 - 2014-09-10 17:09 - 13446424 _____ (SweetScape Software ) C:\Users\OPERATOR\Downloads\010EditorWin32Installer502.exe

2014-09-10 16:38 - 2014-09-10 16:38 - 00000017 _____ () C:\Users\OPERATOR\AppData\Local\resmon.resmoncfg

2014-09-10 15:06 - 2014-09-28 22:03 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1

2014-09-10 15:06 - 2014-09-10 15:06 - 02082630 _____ (J.C. Kessels ) C:\Users\OPERATOR\Downloads\MyDefrag-v4.3.1.exe

2014-09-10 15:06 - 2014-09-10 15:06 - 00000863 _____ () C:\Users\Public\Desktop\MyDefrag.lnk

2014-09-10 15:06 - 2014-09-10 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1

2014-09-10 15:04 - 2014-09-10 15:05 - 13213240 _____ (IObit ) C:\Users\OPERATOR\Downloads\smart-defrag-setup.exe.part

2014-09-10 14:35 - 2014-09-10 14:35 - 00000000 ____D () C:\ProgramData\Western Digital

2014-09-10 13:35 - 2014-09-26 16:30 - 00063568 _____ () C:\Users\OPERATOR\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-10 13:31 - 2014-09-10 13:31 - 04901352 _____ (Piriform Ltd) C:\Users\OPERATOR\Downloads\ccsetup417.exe

2014-09-10 13:31 - 2014-09-10 13:31 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2014-09-10 13:31 - 2014-09-10 13:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-09-10 13:31 - 2014-09-10 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-09-10 13:31 - 2014-09-10 13:31 - 00000000 ____D () C:\Program Files\CCleaner

2014-09-10 12:54 - 2014-09-10 12:55 - 00000000 ____D () C:\HiJack This

2014-09-10 12:52 - 2014-09-10 12:52 - 00019091 _____ () C:\Users\OPERATOR\Desktop\dds.txt

2014-09-10 12:52 - 2014-09-10 12:52 - 00002749 _____ () C:\Users\OPERATOR\Desktop\attach.txt

2014-09-10 12:51 - 2014-09-10 12:51 - 00688992 ____R (Swearware) C:\Users\OPERATOR\Downloads\dds.com

2014-09-10 12:48 - 2014-09-10 12:48 - 00001841 _____ () C:\Users\OPERATOR\Downloads\sg_backup_2014-09-10-1048.spg

2014-09-10 12:48 - 2014-09-10 12:48 - 00001841 _____ () C:\Users\OPERATOR\Downloads\FirstBackup.spg

2014-09-10 12:46 - 2014-09-10 12:46 - 00659456 _____ (Speed Guide Inc.) C:\Users\OPERATOR\Downloads\TCPOptimizer.exe

2014-09-10 12:18 - 2014-09-10 12:18 - 00854417 _____ () C:\Users\OPERATOR\Downloads\SecurityCheck.exe

2014-09-10 12:17 - 2014-09-10 12:17 - 00400632 _____ (Bleeping Computer, LLC) C:\Users\OPERATOR\Downloads\ListCWall(1).exe

2014-09-10 12:13 - 2014-09-10 12:13 - 11424456 _____ (Bitdefender LLC) C:\Users\OPERATOR\Downloads\BootkitRemoval_x64.exe

2014-09-10 12:12 - 2014-09-10 12:12 - 00783120 _____ (McAfee, Inc.) C:\Users\OPERATOR\Downloads\rootkitremover.exe

2014-09-10 12:12 - 2014-09-10 12:12 - 00000310 _____ () C:\Users\OPERATOR\Downloads\RootkitRemover_20140910_101228.log

2014-09-10 12:04 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-09-10 12:04 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-09-10 12:04 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-09-10 12:04 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-09-10 12:04 - 2011-04-27 22:55 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2014-09-10 12:04 - 2011-04-27 22:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS

2014-09-10 11:53 - 2014-09-10 11:53 - 00000000 ____D () C:\ProgramData\Intel

2014-09-10 03:37 - 2014-09-10 03:37 - 09950232 _____ (Trend Micro Inc.) C:\Users\OPERATOR\Downloads\RootkitBusterV5.0-1129.exe

2014-09-10 03:04 - 2014-09-10 03:04 - 00945272 _____ (Prevx) C:\Users\OPERATOR\Downloads\prevxcsifree.exe

2014-09-10 02:57 - 2014-09-10 02:57 - 00064912 _____ (ESET spol. s r.o.) C:\Users\OPERATOR\Downloads\ESETDaonolCleaner.exe

2014-09-10 02:51 - 2014-09-10 02:52 - 02991832 _____ (ESET) C:\Users\OPERATOR\Downloads\ERARemover_x64.exe

2014-09-10 02:41 - 2010-08-23 19:07 - 00029752 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspSanity64.sys

2014-09-10 02:40 - 2014-09-10 02:40 - 00777872 _____ (Resplendence Software Projects Sp. ) C:\Users\OPERATOR\Downloads\hookanlz.exe

2014-09-10 02:22 - 2014-09-10 02:24 - 154949200 _____ () C:\Users\OPERATOR\Downloads\9kvwprn6.exe

2014-09-10 01:49 - 2014-09-10 01:49 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Notepad++

2014-09-10 01:49 - 2014-09-10 01:49 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-09-10 01:49 - 2014-09-10 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-09-10 01:49 - 2014-09-10 01:49 - 00000000 ____D () C:\Program Files (x86)\Notepad++

2014-09-10 01:48 - 2014-09-10 01:49 - 07945210 _____ () C:\Users\OPERATOR\Downloads\npp.6.6.9.Installer.exe

2014-09-10 01:16 - 2014-09-10 01:16 - 00004284 _____ () C:\Users\OPERATOR\Downloads\Audiosrv.reg

2014-09-10 00:28 - 2014-09-10 00:28 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM

2014-09-10 00:28 - 2014-09-10 00:28 - 00000000 ____D () C:\Program Files\Realtek

2014-09-10 00:27 - 2014-04-10 14:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll

2014-09-10 00:27 - 2009-11-24 11:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2014-09-10 00:27 - 2009-11-24 11:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2014-09-10 00:27 - 2009-11-24 11:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2014-09-10 00:27 - 2009-11-24 11:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2014-09-10 00:26 - 2014-05-14 20:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2014-09-10 00:26 - 2014-05-14 18:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT

2014-09-10 00:26 - 2014-05-09 13:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2014-09-10 00:26 - 2014-04-30 13:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2014-09-10 00:26 - 2014-04-28 17:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll

2014-09-10 00:26 - 2014-04-25 15:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2014-09-10 00:26 - 2014-04-25 15:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2014-09-10 00:26 - 2014-03-06 18:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2014-09-10 00:26 - 2014-01-28 13:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2014-09-10 00:26 - 2011-12-20 17:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2014-09-10 00:26 - 2011-11-22 18:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2014-09-10 00:26 - 2010-11-08 09:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2014-09-10 00:26 - 2010-11-03 20:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2014-09-10 00:25 - 2014-04-10 14:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll

2014-09-10 00:25 - 2014-04-10 14:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll

2014-09-10 00:25 - 2010-09-27 11:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2014-09-10 00:24 - 2014-02-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2014-09-10 00:24 - 2013-10-16 05:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2014-09-10 00:24 - 2013-10-11 14:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2014-09-10 00:24 - 2012-03-08 13:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2014-09-09 23:43 - 2014-09-09 23:43 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-09-09 23:39 - 2014-09-09 23:40 - 231686082 _____ (Realtek Semiconductor Corp.) C:\Users\OPERATOR\Downloads\Win7_Win8_Win81_R275.exe

2014-09-09 23:35 - 2014-09-10 00:28 - 00000000 ___HD () C:\Program Files (x86)\Temp

2014-09-09 23:35 - 2014-09-09 23:35 - 50331681 _____ () C:\Users\OPERATOR\Downloads\MEI_Win8_8.1.10.1286_PV.exe

2014-09-09 23:35 - 2014-02-26 17:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll

2014-09-09 23:34 - 2014-09-09 23:34 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\OPERATOR\Downloads\64bit_Win7_Win8_Win81_R275(1).exe

2014-09-09 23:30 - 2014-09-10 00:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-09-09 23:30 - 2014-09-09 23:30 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\InstallShield

2014-09-09 23:29 - 2014-09-09 23:29 - 06976080 _____ (Macrovision Corporation) C:\Users\OPERATOR\Downloads\iata_enu.exe

2014-09-09 23:11 - 2014-09-09 23:11 - 08737656 _____ (Smith Micro Software, Inc.) C:\Users\OPERATOR\Downloads\StuffItExpanderx64_1507_2518a.exe

2014-09-09 22:56 - 2014-09-09 23:18 - 00000000 ____D () C:\Users\OPERATOR\.idlerc

2014-09-09 22:43 - 2014-09-09 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7

2014-09-09 22:42 - 2014-09-09 22:43 - 00000000 ____D () C:\Python27

2014-09-09 22:42 - 2014-09-09 22:42 - 16703488 _____ () C:\Users\OPERATOR\Downloads\python-2.7.8.msi

2014-09-09 22:02 - 2014-09-09 22:02 - 00000000 ____D () C:\ProgramData\ATI

2014-09-09 21:59 - 2014-09-09 21:59 - 00062276 _____ () C:\Windows\SysWOW64\CCCInstall_201409091959309517.log

2014-09-09 21:59 - 2014-09-09 21:59 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2014-09-09 21:58 - 2014-09-09 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-09-09 21:50 - 2014-09-09 21:50 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-09-09 21:48 - 2014-09-09 21:48 - 00000000 ____D () C:\Program Files\ATI

2014-09-09 21:47 - 2014-09-09 21:58 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-09-09 21:46 - 2014-09-09 21:46 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Apps\2.0

2014-09-09 21:38 - 2014-09-09 21:26 - 00291606 _____ () C:\Users\OPERATOR\Desktop\TCPView-1.zip

2014-09-09 21:37 - 2014-09-11 04:33 - 00000000 ____D () C:\Windows\pss

2014-09-09 21:33 - 2014-09-09 21:34 - 320743024 _____ (AMD Inc.) C:\Users\OPERATOR\Downloads\amd-catalyst-14.7-rc3-windows-aug12.exe

2014-09-09 21:33 - 2014-09-09 21:33 - 00055240 _____ () C:\Windows\SysWOW64\CCCInstall_201409091933202786.log

2014-09-09 21:27 - 2014-09-09 21:27 - 00891224 _____ (AMD) C:\Users\OPERATOR\Downloads\amddriverdownloader(2).exe

2014-09-09 20:28 - 2014-09-09 20:28 - 00000000 ____D () C:\ProgramData\Sun

2014-09-09 20:28 - 2014-09-09 20:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-09-09 20:27 - 2014-09-09 20:27 - 00918952 _____ (Oracle Corporation) C:\Users\OPERATOR\Downloads\jxpiinstall.exe

2014-09-09 20:27 - 2014-09-09 20:27 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-09-09 20:27 - 2014-09-09 20:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-09-09 20:27 - 2014-09-09 20:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-09-09 20:27 - 2014-09-09 20:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-09-09 20:27 - 2014-09-09 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-09-09 20:27 - 2014-09-09 20:27 - 00000000 ____D () C:\Program Files (x86)\Java

2014-09-09 20:26 - 2014-09-09 20:26 - 00001124 _____ () C:\Users\Public\Desktop\Aggiorna ESET license.lnk

2014-09-09 20:26 - 2014-09-09 20:26 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-09-09 20:24 - 2014-09-09 20:24 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\ESET

2014-09-09 20:19 - 2014-09-10 02:53 - 00000000 ____D () C:\ProgramData\ESET

2014-09-09 20:19 - 2014-09-09 20:19 - 00000000 ____D () C:\ProgramData\SeriousBit

2014-09-09 20:19 - 2014-09-09 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

2014-09-09 20:19 - 2014-09-09 20:19 - 00000000 ____D () C:\Program Files\ESET

2014-09-09 20:18 - 2014-09-09 20:18 - 05093168 _____ (SeriousBit ) C:\Users\OPERATOR\Downloads\NetBalancerSetup.exe

2014-09-09 20:18 - 2013-11-25 12:28 - 00041392 _____ (SeriousBit) C:\Windows\system32\Drivers\nbdrv.sys

2014-09-09 20:11 - 2014-09-09 20:11 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\WinRAR

2014-09-09 20:11 - 2014-09-09 20:11 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-09-09 20:11 - 2014-09-09 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-09-09 20:10 - 2014-09-09 20:11 - 00000000 ____D () C:\Program Files\WinRAR

2014-09-09 20:10 - 2014-09-09 20:10 - 01922688 _____ () C:\Users\OPERATOR\Downloads\winrar-x64-511.exe

2014-09-09 20:09 - 2014-09-09 20:11 - 95059299 _____ () C:\Users\OPERATOR\Downloads\sHaRewbb_eavnt7317w64n.rar

2014-09-09 19:41 - 2014-09-09 19:41 - 00985600 _____ () C:\Users\OPERATOR\Downloads\MicrosoftFixit50123.msi

2014-09-09 18:32 - 2014-09-09 18:33 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-09 18:31 - 2014-08-16 00:56 - 12289024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 09055232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 02466816 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00495616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-09-09 18:31 - 2014-08-16 00:56 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-09-09 18:31 - 2014-08-16 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-09-09 18:31 - 2014-08-16 00:55 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-09-09 18:31 - 2014-08-16 00:55 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-09-09 18:31 - 2014-08-16 00:36 - 06025728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 01266176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-09-09 18:31 - 2014-08-16 00:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 11019264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 02086400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-09-09 18:31 - 2014-08-16 00:35 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-09-09 18:31 - 2014-08-16 00:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-09-09 18:31 - 2014-08-16 00:35 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-09-09 18:31 - 2014-08-16 00:35 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-09-09 18:31 - 2014-08-16 00:05 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-09-09 18:31 - 2014-08-15 23:48 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-09-09 18:29 - 2013-01-13 16:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 16:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-09-09 18:29 - 2013-01-13 15:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-09-09 18:29 - 2013-01-13 15:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-09-09 18:29 - 2013-01-13 15:08 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-09-09 18:29 - 2013-01-13 15:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-09-09 18:29 - 2013-01-13 14:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-09-09 18:29 - 2013-01-13 14:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-09-09 18:29 - 2013-01-13 14:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-09-09 18:29 - 2013-01-13 14:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-09-09 18:29 - 2013-01-13 14:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-09-09 18:29 - 2013-01-13 14:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-09-09 18:29 - 2013-01-13 14:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-09-09 18:29 - 2013-01-13 14:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-09-09 18:29 - 2013-01-13 14:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-09-09 18:29 - 2013-01-13 14:38 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-09-09 18:29 - 2013-01-13 14:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-09-09 18:29 - 2013-01-13 14:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-09-09 18:29 - 2013-01-13 14:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-09-09 18:29 - 2013-01-13 14:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-09-09 18:29 - 2013-01-13 14:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-09-09 18:29 - 2013-01-13 14:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-09-09 18:29 - 2013-01-13 14:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-09-09 18:29 - 2013-01-13 14:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-09-09 18:29 - 2013-01-13 14:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-09-09 18:29 - 2013-01-13 13:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-09-09 18:29 - 2013-01-13 13:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-09-09 18:29 - 2013-01-13 13:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-09-09 18:29 - 2013-01-13 12:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-09-09 18:29 - 2013-01-13 12:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-09-09 18:29 - 2013-01-04 01:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-09-09 18:29 - 2013-01-04 01:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-09-09 18:29 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-09-09 18:29 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-09-09 18:29 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2014-09-09 18:21 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-09-09 18:21 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-09-09 18:21 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-09-09 18:21 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-09-09 18:21 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-09-09 18:21 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-09-09 18:20 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-09-09 18:20 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-09-09 18:19 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-09-09 18:19 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-09-09 18:19 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-09-09 18:19 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-09-09 18:19 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-09-09 18:19 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-09-09 18:19 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-09-09 18:19 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-09-09 18:19 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-09-09 18:19 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-09-09 18:19 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-09-09 18:19 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-09-09 18:19 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-09-09 18:19 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-09-09 18:19 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-09-09 18:19 - 2013-08-01 21:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-09-09 18:19 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-09-09 18:19 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-09-09 18:19 - 2013-08-01 20:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-09-09 18:19 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-09-09 18:19 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-09-09 18:18 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-09-09 18:18 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-09-09 18:18 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-09-09 18:18 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-09-09 18:18 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-09-09 18:18 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-09-09 18:18 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-09-09 18:18 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-09-09 18:18 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-09-09 18:18 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-09-09 18:18 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-09-09 18:18 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-09-09 18:18 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-09-09 18:18 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-09-09 18:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C

Edited by Juliet

Greetings Juliet, it has been too long since we last interacted, I hope all is well.

 

They all found nothing worthwhile to note here, leading me to believe my PC is hooked up as Workstation so it is accessible via Remote Connection or proxy ports.

 

Also, I have never downloaded, installed, or signed up for anything nor given consent to install an application called CryptoPrevent. I'm clueless as to what it is as well.

 

How can I proceed further to make my computer run safely and efficiently without having to worry my information is being leaked?

 

Did logs show anything?

 

Thank you for your time,

 

Tom


Hi Tom

Reason I asked about Crypto is:
2014-09-11 02:42 - 2014-09-11 02:42 - 00959032 _____ (Foolish IT LLC ) C:\Users\OPERATOR\Downloads\CryptoPreventSetup.exe
CryptoPrevent is a tiny utility to lock down any Windows OS to prevent infection by the Cryptolocker malware or 'ransomware', which encrypts personal files.

Odd that I'm not seeing any services that are associated with it.

 

"my PC is hooked up as Workstation so it is accessible via Remote Connection or proxy ports."

Disable any remote access.

What's your computer doing?

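The file-listing line quoted in the post above can be pulled out of a long log mechanically. As an added example (not part of the original thread or of any scanner's own code), this parser assumes each line is laid out as creation time, modification time, size, attribute flags, company and path, and lists executables under a user profile whose company field is not Microsoft; `parse_line`, `triage` and `SAMPLE` are names chosen here.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# Assumed layout: created - modified - size attributes (company) path
LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) - (\d{4}-\d\d-\d\d \d\d:\d\d) - "
    r"(\d+) ([_A-Z]+) (?:\((.*?)\) )?([A-Za-z]:\\.*)$"
)
EXECUTABLE_EXT = {".exe", ".msi", ".scr", ".bat", ".cmd", ".dll"}
TS = "%Y-%m-%d %H:%M"

def parse_line(line):
    """Return a dict for one listing line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    created, modified, size, attrs, company, path = m.groups()
    return {"created": datetime.strptime(created, TS),
            "modified": datetime.strptime(modified, TS),
            "size": int(size), "hidden": "H" in attrs,
            "company": (company or "").strip(),
            "path": PureWindowsPath(path)}

def triage(lines):
    """Return (review, unparsed). The company field is self-declared file
    metadata, so 'review' only orders manual checking; it proves nothing."""
    review, unparsed = [], []
    for line in filter(str.strip, lines):
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)  # keep truncated lines visible
            continue
        parts = [p.lower() for p in rec["path"].parts]
        if (len(parts) > 1 and parts[1] == "users"
                and rec["path"].suffix.lower() in EXECUTABLE_EXT
                and rec["company"] != "Microsoft Corporation"):
            review.append(rec)
    return review, unparsed

# Two lines copied from the log in this thread, plus its truncated last line.
SAMPLE = r"""
2014-09-09 18:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-11 02:42 - 2014-09-11 02:42 - 00959032 _____ (Foolish IT LLC ) C:\Users\OPERATOR\Downloads\CryptoPreventSetup.exe
2014-09-09 18:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C
""".splitlines()

for rec in triage(SAMPLE)[0]:
    print(rec["created"], rec["company"], rec["path"])
```

Lines that fail to parse, such as the log's cut-off final entry, are returned separately so they are checked by hand rather than silently skipped.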

Hello Juliet:

 

My laptop has been with me for over 4 years, so I guess wear and tear plus time have done their jobs... It just seems a bit slow at certain points and using too many resources at random times causing laptop to shut-down [overheating].

I wanted to find out if there was any malware hiding which would make it run slower or whatever could be hijacking all my CPU Usage / Memory.


There were no signs of malware present.

We can run an online scan with Eset?

 

What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.

Most reliable and thorough.

The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.

This scanner can take quite a bit of time to run, depending, of course, on how full your computer is.

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note:

    For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" ActiveX control by clicking the Install button
  • Once the ActiveX control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan.
~~~~~~~~~~~~~~~~

Keep startups at a minimum. Only allow programs to update that are really needed.

 

Sometimes programs that update, especially antivirus and malware tools, eat up a few resources when they run.

If something is bogging you down, try to open Task Manager to see if you can find what it is.

I had to buy a cooling tray for my laptop to help with overheating because it's showing age too.
