Channel: Tech Support Forum - Virus/Trojan/Spyware Help

cmd.exe on the fritz still even after minimized img system restore

cmd.exe will not stay open when I try to run programs; this is with elevated privileges and without, either way no luck. I suspect a backdoor is on the computer because this is a newly installed OS. Anyone? The command prompt flashes on the screen then closes whenever I try to run an application. If I open a cmd.exe window it will stay open but doesn't recognize the commands I type in. :banghead:

dds.txt is below



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840
Run by at 0:26:36 on 2015-09-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7659.4611 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\prevhost.exe
C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
C:\Windows\system32\SearchFilterHost.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
uRun: [GoogleChromeAutoLaunch_8444C81AF347914E6C73A77AA14C32B9] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
StartupFolder: C:\Users\Brooke\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0A114AE5-11F7-43F1-9E6A-A5FFC53AD917} : DHCPNameServer = 192.168.2.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-3-4 78976]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-3-4 38528]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2015-9-24 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-2 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-9-24 2774104]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-18 265544]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-1-26 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2015-9-24 2375168]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2015-3-4 124568]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-18 87168]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2015-9-24 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-18 188544]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2015-9-24 266240]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2015-9-24 337512]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-9-24 428136]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2015-9-24 1142376]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2015-9-24 47232]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-9-25 114688]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-9-25 1255736]
.
=============== Created Last 30 ================
.
2015-09-26 04:24:00 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3CD29F4-423B-41C2-9E02-AA92B9CAF33F}\offreg.964.dll
2015-09-26 04:18:35 -------- d-----w- C:\Windows\System32\MRT
2015-09-26 00:48:34 -------- d-----w- C:\Windows\Migration
2015-09-26 00:48:33 -------- d-s---w- C:\Windows\System32\CompatTel
2015-09-26 00:48:33 -------- d-----w- C:\Windows\System32\appraiser
2015-09-26 00:47:51 -------- d-----w- C:\Windows\SysWow64\Wat
2015-09-26 00:47:51 -------- d-----w- C:\Windows\System32\Wat
2015-09-25 23:30:11 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 23:30:11 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-09-25 22:56:12 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-25 21:22:04 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2015-09-25 19:43:26 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2015-09-25 19:43:26 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2015-09-25 19:43:25 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2015-09-25 19:43:25 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2015-09-25 19:43:24 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2015-09-25 19:43:23 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2015-09-25 19:43:23 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2015-09-25 19:08:15 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2015-09-25 19:08:14 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-09-25 19:08:14 5120 ----a-w- C:\Windows\System32\wmi.dll
2015-09-25 18:44:03 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-09-25 18:44:03 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-09-25 18:44:02 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-09-25 18:44:02 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-09-25 18:44:00 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-09-25 18:44:00 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-09-25 18:43:26 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-09-25 18:43:26 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-09-25 03:03:22 -------- d-----w- C:\Users\Brooke\AppData\Roaming\ControlCenter4
2015-09-25 02:58:44 -------- d-----r- C:\Users\Brooke\ODBA
2015-09-24 22:42:06 -------- d-----w- C:\Brother
2015-09-24 22:39:04 -------- d-----w- C:\ProgramData\Brother
2015-09-24 22:26:19 -------- d-----w- C:\Users\Brooke\AppData\Local\ElevatedDiagnostics
2015-09-24 17:33:55 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-09-24 17:33:55 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-09-24 17:33:55 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-09-24 17:33:54 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-09-24 17:26:39 328704 ----a-w- C:\Windows\System32\services.exe
2015-09-24 17:25:50 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2015-09-24 17:24:21 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-09-24 17:24:21 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-09-24 17:24:21 113664 ----a-w- C:\Windows\System32\sechost.dll
2015-09-24 17:24:21 104448 ----a-w- C:\Windows\System32\logman.exe
2015-09-24 17:24:20 92160 ----a-w- C:\Windows\SysWow64\sechost.dll
2015-09-24 17:24:20 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-09-24 17:24:20 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-09-24 17:24:19 43008 ----a-w- C:\Windows\System32\relog.exe
2015-09-24 17:24:19 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-09-24 17:24:19 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-09-24 17:24:18 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-09-24 17:24:18 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-09-24 17:22:57 1743360 ----a-w- C:\Windows\System32\sysmain.dll
2015-09-24 17:22:56 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2015-09-24 17:22:53 2560 ----a-w- C:\Windows\System32\drivers\en-US\mountmgr.sys.mui
2015-09-24 17:22:53 11264 ----a-w- C:\Windows\System32\msmmsp.dll
2015-09-24 17:20:24 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2015-09-24 17:20:23 395776 ----a-w- C:\Windows\System32\webio.dll
2015-09-24 17:20:19 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2015-09-24 17:20:18 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2015-09-24 17:20:12 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2015-09-24 17:20:11 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2015-09-24 17:19:53 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2015-09-24 17:19:53 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2015-09-24 17:19:53 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2015-09-24 17:19:49 185344 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2015-09-24 17:19:48 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2015-09-24 17:19:46 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-24 17:18:17 241152 ----a-w- C:\Windows\System32\pku2u.dll
2015-09-24 17:18:17 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2015-09-24 17:16:59 265216 ----a-w- C:\Windows\SysWow64\msnetobj.dll
2015-09-24 17:15:13 683520 ----a-w- C:\Windows\System32\termsrv.dll
2015-09-24 17:14:39 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-09-24 17:12:38 478208 ----a-w- C:\Windows\System32\dpnet.dll
2015-09-24 17:12:38 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2015-09-24 17:12:35 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2015-09-24 17:12:35 156312 ----a-w- C:\Windows\System32\mscorier.dll
2015-09-24 17:12:34 1943696 ----a-w- C:\Windows\System32\dfshim.dll
2015-09-24 17:12:34 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2015-09-24 17:12:33 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2015-09-24 17:12:33 73880 ----a-w- C:\Windows\System32\mscories.dll
2015-09-24 17:12:16 142336 ----a-w- C:\Windows\System32\poqexec.exe
2015-09-24 17:12:16 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2015-09-24 17:12:01 404992 ----a-w- C:\Windows\System32\gdi32.dll
2015-09-24 17:12:01 312320 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-09-24 17:11:16 52736 ----a-w- C:\Windows\System32\basesrv.dll
2015-09-24 17:10:27 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2015-09-24 17:10:27 2048 ----a-w- C:\Windows\System32\tzres.dll
2015-09-24 17:08:42 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2015-09-24 17:06:20 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2015-09-24 17:06:20 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2015-09-24 17:06:18 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
2015-09-24 17:06:18 1067520 ----a-w- C:\Windows\System32\msctf.dll
2015-09-24 17:06:07 515584 ----a-w- C:\Windows\System32\timedate.cpl
2015-09-24 17:06:06 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2015-09-24 17:06:03 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2015-09-24 17:06:03 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2015-09-24 17:06:03 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2015-09-24 17:04:45 3242496 ----a-w- C:\Windows\System32\msi.dll
2015-09-24 17:03:53 70656 ----a-w- C:\Windows\System32\appinfo.dll
2015-09-24 17:02:53 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2015-09-24 17:01:33 722944 ----a-w- C:\Windows\System32\objsel.dll
2015-09-24 17:00:52 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2015-09-24 16:59:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-09-24 16:59:40 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2015-09-24 16:59:38 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2015-09-24 16:59:33 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2015-09-24 16:59:33 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2015-09-24 16:59:33 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2015-09-24 16:59:33 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2015-09-24 16:59:33 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2015-09-24 16:59:10 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2015-09-24 16:59:10 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2015-09-24 16:59:10 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2015-09-24 16:58:32 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2015-09-24 16:58:32 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2015-09-24 16:58:31 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2015-09-24 16:58:30 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2015-09-24 16:58:30 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2015-09-24 16:58:29 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2015-09-24 16:58:29 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2015-09-24 16:58:22 20352 ----a-w- C:\Windows\System32\kdusb.dll
2015-09-24 16:58:22 19328 ----a-w- C:\Windows\System32\kd1394.dll
2015-09-24 16:58:22 17792 ----a-w- C:\Windows\System32\kdcom.dll
2015-09-24 16:58:00 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2015-09-24 16:58:00 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2015-09-24 16:57:24 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2015-09-24 16:57:24 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2015-09-24 16:57:24 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2015-09-24 16:57:24 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2015-09-24 16:57:24 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2015-09-24 16:56:17 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-09-24 16:56:17 342016 ----a-w- C:\Windows\System32\apphelp.dll
2015-09-24 16:56:17 295936 ----a-w- C:\Windows\SysWow64\apphelp.dll
2015-09-24 16:56:16 6656 ----a-w- C:\Windows\System32\shimeng.dll
2015-09-24 16:56:16 5120 ----a-w- C:\Windows\SysWow64\shimeng.dll
2015-09-24 16:56:16 23552 ----a-w- C:\Windows\System32\sdbinst.exe
2015-09-24 16:56:16 20992 ----a-w- C:\Windows\SysWow64\sdbinst.exe
2015-09-24 16:56:03 77824 ----a-w- C:\Windows\System32\packager.dll
2015-09-24 16:56:03 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2015-09-24 16:54:11 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2015-09-24 16:54:11 31232 ----a-w- C:\Windows\System32\prevhost.exe
2015-09-24 16:54:10 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2015-09-24 16:54:07 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2015-09-24 16:54:05 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2015-09-24 16:54:05 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2015-09-24 16:54:04 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2015-09-24 16:54:04 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2015-09-24 16:54:02 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2015-09-24 16:54:01 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-09-24 16:54:00 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-09-24 16:53:56 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2015-09-24 16:53:56 1192448 ----a-w- C:\Windows\System32\certutil.exe
2015-09-24 16:53:55 52224 ----a-w- C:\Windows\System32\certenc.dll
2015-09-24 16:53:54 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2015-09-24 16:53:33 202752 ----a-w- C:\Windows\System32\scrrun.dll
2015-09-24 16:53:33 168960 ----a-w- C:\Windows\System32\wscript.exe
2015-09-24 16:53:33 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2015-09-24 16:53:33 156160 ----a-w- C:\Windows\System32\cscript.exe
2015-09-24 16:53:33 150016 ----a-w- C:\Windows\System32\wshom.ocx
2015-09-24 16:53:33 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2015-09-24 16:53:33 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2015-09-24 16:53:33 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2015-09-24 16:52:48 956928 ----a-w- C:\Windows\System32\localspl.dll
2015-09-24 16:52:43 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2015-09-24 16:52:40 331776 ----a-w- C:\Windows\System32\oleacc.dll
2015-09-24 16:52:40 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2015-09-24 16:52:35 723456 ----a-w- C:\Windows\System32\EncDec.dll
2015-09-24 16:52:35 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2015-09-24 16:52:34 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2015-09-24 16:52:34 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-09-24 16:52:33 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2015-09-24 16:47:02 3209216 ----a-w- C:\Windows\System32\win32k.sys
2015-09-24 16:47:01 372736 ----a-w- C:\Windows\System32\atmfd.dll
2015-09-24 16:47:00 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-09-24 16:47:00 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-09-24 16:47:00 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-09-24 16:47:00 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-09-24 16:47:00 299520 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-09-24 16:47:00 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-09-24 16:47:00 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-09-24 16:47:00 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-09-24 16:47:00 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-09-24 16:40:47 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2015-09-24 16:40:47 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2015-09-24 16:40:47 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2015-09-24 16:40:46 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2015-09-24 16:40:46 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2015-09-24 16:40:30 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2015-09-24 05:57:18 -------- d-----w- C:\Windows\ehome
2015-09-24 05:24:15 -------- d-----w- C:\Program Files (x86)\Common Files\Telespree
2015-09-24 05:23:56 -------- d-----w- C:\Program Files (x86)\HP SimplePass 2011
2015-09-24 05:23:50 -------- d-----w- C:\ProgramData\Downloaded Installations
2015-09-24 05:23:50 -------- d-----w- C:\Program Files\Common Files\AuthenTec
2015-09-24 05:23:50 -------- d-----w- C:\Program Files (x86)\Common Files\AuthenTec
2015-09-24 05:19:43 -------- d-----w- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2015-09-24 05:19:30 -------- d-----w- C:\Program Files (x86)\AMD
2015-09-24 05:18:37 0 ----a-w- C:\Windows\ativpsrm.bin
2015-09-24 05:17:55 -------- d-----w- C:\Windows\Hewlett-Packard
2015-09-24 05:17:10 -------- d-----w- C:\Program Files (x86)\Cisco
2015-09-24 05:16:45 1142376 ----a-w- C:\Windows\System32\drivers\rtl8192ce.sys
2015-09-24 05:16:44 451072 ----a-w- C:\Windows\SysWow64\ISSRemoveSP.exe
2015-09-24 05:16:24 -------- d-----w- C:\Windows\Driver Cache
2015-09-24 05:16:23 -------- d-----w- C:\Program Files (x86)\HP
2015-09-24 05:15:39 -------- d-----w- C:\Program Files\Validity Sensors
2015-09-24 05:15:31 -------- d-----w- C:\Windows\SysWow64\sda
2015-09-24 05:15:24 9888360 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll
2015-09-24 05:15:24 337512 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys
2015-09-24 05:14:36 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2015-09-24 05:14:36 428136 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2015-09-24 05:14:36 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2015-09-24 05:14:33 -------- d-----w- C:\Program Files (x86)\Realtek
2015-09-24 05:14:22 -------- d-----w- C:\Program Files\Synaptics
2015-09-24 05:09:50 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CEFBEE4A-420D-48A3-B768-6CC6FC7888C7}\gapaengine.dll
2015-09-24 05:09:41 11062400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3CD29F4-423B-41C2-9E02-AA92B9CAF33F}\mpengine.dll
2015-09-24 05:06:44 -------- d-----w- C:\Program Files (x86)\AMD APP
2015-09-24 05:06:42 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2015-09-24 05:06:42 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2015-09-24 05:06:00 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2015-09-24 05:06:00 -------- d-----w- C:\ProgramData\AMD
2015-09-24 05:05:59 -------- d-----w- C:\Program Files\ATI Technologies
2015-09-24 05:05:53 47232 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2015-09-24 05:05:26 -------- d-----w- C:\Program Files\ATI
2015-09-24 05:05:24 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2015-09-24 05:05:19 -------- d-sh--w- C:\Windows\Installer
2015-09-24 04:33:46 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2015-09-24 04:33:44 -------- d-----w- C:\Program Files\Microsoft Security Client
2015-09-24 03:59:06 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2015-09-24 03:59:06 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2015-09-24 03:59:06 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2015-09-24 03:09:02 -------- d-----w- C:\Users\Brooke\AppData\Local\Google
2015-09-24 03:08:47 -------- d-----w- C:\Users\Brooke\AppData\Local\Apps
2015-09-24 03:08:46 -------- d-----w- C:\Users\Brooke\AppData\Local\Deployment
2015-09-24 02:38:51 -------- d-----w- C:\Users\Brooke\AppData\Local\AMD
2015-09-24 02:38:43 -------- d-----w- C:\Users\Brooke\AppData\Local\ATI
2015-09-24 02:37:43 -------- d-----w- C:\Users\Brooke\AppData\Roaming\Synaptics
2015-09-24 02:37:43 -------- d-----w- C:\Users\Brooke\AppData\Roaming\hpqLog
2015-09-11 22:48:46 94208 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll
2015-09-11 21:44:26 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2015-09-11 21:44:26 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
.
==================== Find3M ====================
.
2015-09-25 22:56:12 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-11 22:48:44 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2015-09-11 22:48:44 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2015-08-27 18:18:27 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2015-08-27 18:18:27 1887232 ----a-w- C:\Windows\System32\msxml3.dll
2015-08-27 18:13:03 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2015-08-27 18:13:03 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-08-27 17:58:14 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2015-08-27 17:58:14 1241088 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-08-27 17:51:26 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2015-08-27 17:51:26 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-08-26 18:07:11 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-08-26 18:07:11 3165696 ----a-w- C:\Windows\System32\wucltux.dll
2015-08-26 18:07:11 192000 ----a-w- C:\Windows\System32\wuwebv.dll
2015-08-26 18:06:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-08-26 18:06:33 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-08-26 18:06:30 37376 ----a-w- C:\Windows\System32\wuapp.exe
2015-08-26 17:56:25 93184 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-08-26 17:56:25 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-08-26 17:55:37 34816 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-08-05 17:56:14 1110016 ----a-w- C:\Windows\System32\schedsvc.dll
2015-08-05 17:56:06 275456 ----a-w- C:\Windows\System32\InkEd.dll
2015-08-05 17:40:50 216064 ----a-w- C:\Windows\SysWow64\InkEd.dll
2015-08-04 18:03:10 692672 ----a-w- C:\Windows\System32\winload.efi
2015-08-04 18:00:24 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-08-04 17:56:54 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-08-04 17:56:37 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-08-04 17:56:37 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-08-04 17:55:57 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2015-08-04 17:55:57 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2015-08-04 17:47:42 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2015-08-04 16:58:09 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-07-28 20:09:44 17344 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2015-07-28 20:05:53 774656 ----a-w- C:\Windows\System32\invagent.dll
2015-07-28 20:05:50 743424 ----a-w- C:\Windows\System32\generaltel.dll
2015-07-28 20:05:47 437760 ----a-w- C:\Windows\System32\devinv.dll
2015-07-28 20:05:45 1116672 ----a-w- C:\Windows\System32\appraiser.dll
2015-07-28 20:05:44 69120 ----a-w- C:\Windows\System32\acmigration.dll
2015-07-28 20:05:44 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-07-28 19:55:14 1148416 ----a-w- C:\Windows\System32\aeinv.dll
2015-07-23 00:06:26 5568960 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-07-23 00:06:25 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-07-23 00:06:25 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-07-23 00:03:19 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-07-23 00:03:07 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-07-23 00:03:07 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-07-23 00:03:07 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-07-23 00:03:06 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-07-23 00:01:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-07-23 00:01:39 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-07-23 00:01:32 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-07-22 23:58:17 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-07-22 23:57:53 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-07-22 23:51:59 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-07-22 17:57:49 3989952 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-07-22 17:57:49 3934656 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-07-22 17:54:12 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-07-22 17:52:52 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-07-22 17:52:19 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-07-22 17:52:03 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-07-22 17:52:03 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-07-22 17:52:03 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-07-22 17:52:03 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-07-22 17:47:28 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-07-22 17:46:50 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-07-22 16:48:49 41984 ----a-w- C:\Windows\System32\UtcResources.dll
2015-07-22 16:45:48 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-07-22 16:44:51 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-07-22 16:44:45 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-07-22 16:34:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-07-22 16:34:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-07-22 16:31:52 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-07-22 16:31:52 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-22 16:31:52 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-22 16:31:52 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-07-10 17:51:27 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2015-07-10 17:51:19 3722752 ----a-w- C:\Windows\System32\mstscax.dll
2015-07-10 17:51:10 158720 ----a-w- C:\Windows\System32\aaclient.dll
2015-07-10 17:34:09 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2015-07-10 17:34:02 3221504 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-07-10 17:33:50 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2015-07-09 17:58:26 82944 ----a-w- C:\Windows\System32\dwmapi.dll
2015-07-09 17:58:26 1632256 ----a-w- C:\Windows\System32\dwmcore.dll
2015-07-09 17:57:57 193536 ----a-w- C:\Windows\System32\notepad.exe
2015-07-09 17:57:57 193536 ----a-w- C:\Windows\notepad.exe
2015-07-09 17:42:54 67584 ----a-w- C:\Windows\SysWow64\dwmapi.dll
2015-07-09 17:42:54 1372160 ----a-w- C:\Windows\SysWow64\dwmcore.dll
2015-07-09 17:42:27 179712 ----a-w- C:\Windows\SysWow64\notepad.exe
2015-07-05 10:08:23 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-07-04 18:07:11 2087424 ----a-w- C:\Windows\System32\ole32.dll
2015-07-04 17:48:36 1414656 ----a-w- C:\Windows\SysWow64\ole32.dll
2015-07-01 20:49:56 260096 ----a-w- C:\Windows\System32\WebClnt.dll
2015-07-01 20:48:36 102912 ----a-w- C:\Windows\System32\davclnt.dll
2015-07-01 20:30:43 206848 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2015-07-01 20:30:21 82432 ----a-w- C:\Windows\SysWow64\davclnt.dll
.
============= FINISH: 0:27:49.22 ===============
