WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93125 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Major crashes, anti-virus won't work, black screens, help! [So

Started by CoolCat , May 29 2013 04:31 AM

This topic is locked

169 replies to this topic

#136 OCD

SuperHelper

Malware Team
5,574 posts

Posted 14 July 2013 - 08:59 AM

Hi CoolCat,

Neither of those worked. First, they downloaded somewhere else other than my desktop so I had to locate them and drag them onto the desktop. As soon as I started running SecurityCheck, Comodo kept zapping it and I kept telling it to allow, but then it would zap it again and again and finally it said access denied. I shut off Comodo but then SecurityCheck wouldn't even open after several tries with that.

This is normal. You will have to re-teach the firewall what programs to allow access.

I went ahead and started OTL but both logs were blank and I got an error which I can't remember, what was said. I hunted down the logs on the C drive and those were blank.

This also is normal. The default setting for where to save downloads is not generally the desktop, but the downloads folder.

I was going to come here to download them again with Comodo off but got this instead apnmcp.exe and I finally wound up blocking it, at least temporarily because Comodo wouldn't let me open a Google search to try to look it up. Some sites say OK, others like Bleeping Computer told someone to remove it so I am just not going to let it download until I hear back from you.

Continue to block tha apnmcp.exe that is related to the Ask Toolbar which we do not want to have installed.

When you download any software read carefully during the download and install process for unwanted 3rd party add-ons and do not install them

Please delete the copies of Security Check and OTL you just downloaded, reboot and download a fresh copy and re-try the Security Check and OTL steps and post the logs generated.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

Advertisements

Register to Remove

#137 CoolCat

Silver Member

Authentic Member
498 posts

Posted 14 July 2013 - 04:24 PM

apnmcp.exe may have gotten in last night as I was shutting down the computer. It was that or qtzgacer.exe and probably the latter. I was unable to shut down without oking it, or denying it. I forget which but I was just getting so fed up with it all, I can't remember which I clicked.

#138 CoolCat

Silver Member

Authentic Member
498 posts

Posted 15 July 2013 - 12:59 AM

Good grief - lol. I could not stop comodo from zapping those programs, not even shutting it off multiple times. It just kept zapping it and I wound up having to delete it in order to run these.

Here's the checkup test.

Results of screen317's Security Check version 0.99.69
Windows Vista Service Pack 1 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 10 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#139 CoolCat

Silver Member

Authentic Member
498 posts

Posted 15 July 2013 - 01:00 AM

OTL Scan

OTL logfile created on: 7/15/2013 1:51:18 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\arwen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 56.63% Memory free
8.05 Gb Paging File | 6.17 Gb Available in Paging File | 76.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 143.04 Gb Total Space | 93.59 Gb Free Space | 65.43% Space Free | Partition Type: NTFS
Drive D: | 139.50 Gb Total Space | 101.17 Gb Free Space | 72.52% Space Free | Partition Type: NTFS

Computer Name: ARWEN-PC | User Name: arwen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\arwen\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\AOL\1373719338\ee\aolsoftware.exe (AOL Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\PLFSetI.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Windows\PLFSetI.exe ()

========== Services (SafeList) ==========

SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Partner Service) -- C:\ProgramData\Partner\partner.exe (Google Inc.)
SRV - (APNMCP) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
SRV - (GeekBuddyRSP) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
SRV - (CLPSLauncher) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CLHNService) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\DRIVERS\avkmgr.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys ()
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys ()
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys ()
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys ()
DRV:64bit: - (L1E) -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys ()
DRV:64bit: - (NETw5v64) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys ()
DRV:64bit: - (TcUsb) -- C:\Windows\SysNative\Drivers\tcusb.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS ()
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys ()
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys ()
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys ()
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys ()
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys ()
DRV:64bit: - (HSFHWAZL) -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS ()
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys ()
DRV:64bit: - (winbondcir) -- C:\Windows\SysNative\DRIVERS\winbondcir.sys ()
DRV:64bit: - (wanatw) -- C:\Windows\SysNative\DRIVERS\wanatw64.sys ()
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...p;m=aspire_6930
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...p;m=aspire_6930
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...amp;rlz=1I7ACAW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...1I7ACAW_enUS544
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

[2013/07/13 02:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\arwen\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions
[2013/07/02 15:42:09 | 000,713,719 | ---- | M] () (No name found) -- C:\Users\arwen\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{g
oogle:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:ins
tantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyPar
ameter},
CHR - homepage: http://www.google.com/
CHR - plugin: First user (Disabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Avira SearchFree Toolbar plus Web Protection = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0\
CHR - Extension: myAstro = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiddkniohkgjhalkefknbhpepiolmkbf\1.1_0\
CHR - Extension: Google Docs = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\
CHR - Extension: Google Search = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Gmail = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Yann Arthus-Bertrand = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0\

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1373719338\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk = C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E93E5B99-0B10-4A51-92DE-58B98276B5AE}: DhcpNameServer = 97.64.183.164 97.64.209.37
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\arwen\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\arwen\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/15 01:47:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\arwen\Desktop\OTL.exe
[2013/07/15 01:44:33 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\AskPartnerNetwork
[2013/07/15 01:29:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/14 23:57:11 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\7-14
[2013/07/14 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\7-13
[2013/07/14 23:41:31 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\stan iris fiasco
[2013/07/14 18:53:50 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\Pontu viewer v2.1
[2013/07/14 18:28:38 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop\Pontu_Viewer_v2.2_2013
[2013/07/13 05:45:31 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\AOL
[2013/07/13 05:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2013/07/13 05:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
[2013/07/13 05:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2013/07/13 05:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viewpoint
[2013/07/13 05:44:48 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\Windows\SysWow64\AOLParconLink.exe
[2013/07/13 05:43:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2013/07/13 05:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2013/07/13 05:42:29 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\AOL
[2013/07/13 05:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL
[2013/07/13 05:42:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\aolshare
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Desktop 9.7
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2013/07/13 05:41:01 | 000,000,000 | ---D | C] -- C:\AOL
[2013/07/13 05:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2013/07/13 02:31:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/07/13 02:31:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013/07/13 02:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013/07/13 02:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013/07/13 02:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/07/13 02:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013/07/13 02:08:33 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Avira
[2013/07/13 02:07:58 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Mozilla
[2013/07/13 02:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/07/13 02:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/07/13 02:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/07/13 02:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/07/13 02:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/07/13 02:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/07/13 01:56:32 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013/07/13 01:56:32 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013/07/13 01:56:32 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013/07/13 01:56:32 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013/07/13 01:36:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2013/07/13 01:36:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2013/07/13 00:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/07/13 00:39:10 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2013/07/13 00:39:08 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2013/07/13 00:39:08 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2013/07/13 00:39:08 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2013/07/13 00:39:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2013/07/13 00:39:03 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/07/13 00:33:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2013/07/13 00:33:18 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2013/07/13 00:30:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2013/07/13 00:30:07 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2013/07/13 00:25:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2013/07/13 00:25:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/07/13 00:25:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/07/13 00:23:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2013/07/13 00:23:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2013/07/13 00:23:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2013/07/13 00:23:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2013/07/13 00:23:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2013/07/13 00:23:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2013/07/13 00:23:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2013/07/13 00:23:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2013/07/13 00:23:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2013/07/13 00:23:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2013/07/13 00:23:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2013/07/13 00:23:42 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2013/07/13 00:23:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2013/07/13 00:23:42 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2013/07/13 00:23:42 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2013/07/13 00:23:42 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2013/07/13 00:11:34 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/13 00:11:32 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/13 00:11:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/13 00:11:31 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/13 00:11:31 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/13 00:11:31 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013/07/13 00:11:31 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/13 00:11:31 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/07/13 00:11:30 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2013/07/13 00:11:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amxread.dll
[2013/07/13 00:11:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apilogen.dll
[2013/07/13 00:11:04 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013/07/13 00:10:40 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2013/07/13 00:10:40 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2013/07/13 00:10:39 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2013/07/13 00:10:39 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2013/07/13 00:10:39 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013/07/13 00:10:39 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013/07/13 00:10:39 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013/07/13 00:10:39 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013/07/13 00:10:32 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2013/07/13 00:10:32 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2013/07/13 00:10:22 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2013/07/13 00:10:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2013/07/13 00:10:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2013/07/13 00:10:07 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2013/07/13 00:10:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2013/07/13 00:10:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2013/07/13 00:10:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2013/07/13 00:10:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2013/07/13 00:10:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2013/07/13 00:10:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2013/07/13 00:10:06 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2013/07/13 00:09:00 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2013/07/13 00:08:25 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2013/07/13 00:08:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2013/07/13 00:08:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2013/07/13 00:08:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2013/07/13 00:08:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2013/07/13 00:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2013/07/13 00:08:12 | 010,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/07/13 00:08:10 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/07/13 00:07:51 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/07/13 00:07:51 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/07/13 00:07:46 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2013/07/13 00:07:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2013/07/13 00:07:40 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2013/07/13 00:07:33 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2013/07/13 00:07:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2013/07/13 00:07:07 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2013/07/13 00:06:58 | 003,080,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/07/13 00:06:58 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/07/13 00:06:53 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/07/13 00:06:52 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/07/13 00:06:44 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/07/13 00:06:39 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/07/13 00:06:38 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/07/13 00:06:38 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/07/13 00:06:38 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbeio.dll
[2013/07/13 00:06:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2013/07/13 00:06:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2013/07/13 00:06:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2013/07/13 00:06:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2013/07/13 00:06:25 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2013/07/13 00:06:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2013/07/13 00:06:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2013/07/13 00:06:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avicap32.dll
[2013/07/13 00:06:22 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2013/07/13 00:06:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2013/07/13 00:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/13 00:06:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2013/07/13 00:05:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2013/07/13 00:05:39 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/07/13 00:05:38 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/13 00:05:30 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2013/07/13 00:05:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/07/13 00:05:21 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2013/07/13 00:05:20 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013/07/13 00:05:12 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/07/13 00:05:07 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2013/07/13 00:04:59 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2013/07/13 00:04:59 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013/07/13 00:04:58 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2013/07/13 00:04:55 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/07/13 00:04:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/07/13 00:04:54 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013/07/13 00:04:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/07/13 00:04:52 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2013/07/13 00:04:52 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2013/07/13 00:04:51 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2013/07/13 00:02:44 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Deployment
[2013/07/13 00:02:44 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Apps
[2013/07/12 23:50:29 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop\Antivirus
[2013/07/12 23:47:02 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Malwarebytes
[2013/07/12 23:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/12 23:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/12 23:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/07/12 23:42:27 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\SysWow64\igxpun.exe
[2013/07/12 23:42:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2013/07/12 23:42:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2013/07/12 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/07/12 23:41:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/07/12 23:37:52 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Adobe
[2013/07/12 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Google
[2013/07/12 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Google
[2013/07/12 23:21:16 | 014,033,923 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\acer.exe
[2013/07/12 23:21:16 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Macromedia
[2013/07/12 23:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Incorporated
[2013/07/12 23:21:11 | 000,000,000 | ---D | C] -- C:\Windows\ACER
[2013/07/12 23:19:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013/07/12 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\PowerCinema
[2013/07/12 23:18:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2013/07/12 23:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2013/07/12 23:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/07/12 23:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/07/12 23:14:38 | 000,000,000 | ---D | C] -- C:\CLSetup
[2013/07/12 23:07:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
[2013/07/12 23:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Inc
[2013/07/12 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
[2013/07/12 23:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2013/07/12 23:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2013/07/12 23:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/07/12 23:00:32 | 000,262,144 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2013/07/12 23:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye
[2013/07/12 23:00:22 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\InstallShield
[2013/07/12 22:59:10 | 000,409,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTKVAA64.EXE
[2013/07/12 22:58:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/07/12 22:57:03 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/07/12 22:57:01 | 006,495,264 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe
[2013/07/12 22:57:01 | 001,393,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd64.exe
[2013/07/12 22:57:00 | 000,497,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CTAPO32.dll
[2013/07/12 22:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/07/12 22:56:59 | 000,528,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/07/12 22:56:59 | 000,319,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/07/12 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Leadertech
[2013/07/12 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Acer
[2013/07/12 22:56:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\Searches
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/07/12 22:55:34 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Identities
[2013/07/12 22:55:31 | 000,000,000 | R--D | C] -- C:\Users\arwen\Contacts
[2013/07/12 22:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
[2013/07/12 22:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/07/12 22:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/07/12 22:53:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\VirtualStore
[2013/07/12 22:53:19 | 000,000,000 | --SD | C] -- C:\Users\arwen\AppData\Roaming\Microsoft
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Videos
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Saved Games
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Pictures
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Music
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Links
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Favorites
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Downloads
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Documents
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\Temporary Internet Files
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Templates
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Start Menu
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\SendTo
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Recent
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\PrintHood
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\NetHood
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Videos
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Pictures
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Music
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\My Documents
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Local Settings
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\History
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Cookies
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Application Data
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\Application Data
[2013/07/12 22:53:19 | 000,000,000 | -H-D | C] -- C:\Users\arwen\AppData
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Temp
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Microsoft
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Media Center Programs
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Acer GameZone Console

========== Files - Modified Within 30 Days ==========

[2013/07/15 01:48:08 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/15 01:48:08 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/15 01:48:08 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/15 01:47:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\arwen\Desktop\OTL.exe
[2013/07/15 01:46:54 | 000,891,022 | ---- | M] () -- C:\Users\arwen\Desktop\SecurityCheck.exe
[2013/07/15 01:42:19 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 01:41:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013/07/15 01:40:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 01:40:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 01:40:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/15 01:40:27 | 4220,379,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/15 01:08:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/14 20:45:11 | 000,002,303 | ---- | M] () -- C:\Users\arwen\Desktop\whistle.gif
[2013/07/14 02:44:45 | 000,052,045 | ---- | M] () -- C:\Users\arwen\Desktop\new diamond 5.JPG
[2013/07/13 21:02:38 | 000,042,953 | ---- | M] () -- C:\Users\arwen\Desktop\kr osprey fight.JPG
[2013/07/13 18:13:53 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/13 05:45:14 | 000,000,960 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2013/07/13 05:45:13 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2013/07/13 05:32:47 | 000,058,696 | ---- | M] (AOL Inc.) -- C:\Windows\SysWow64\AOLParconLink.exe
[2013/07/13 05:31:56 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2013/07/13 02:13:34 | 000,001,954 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/07/13 02:03:22 | 000,130,016 | ---- | M] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/07/13 02:03:22 | 000,100,712 | ---- | M] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/07/13 02:03:22 | 000,028,600 | ---- | M] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/07/13 01:48:52 | 000,000,375 | ---- | M] () -- C:\Users\arwen\Desktop\Everything - Shortcut.lnk
[2013/07/13 01:46:00 | 000,000,369 | ---- | M] () -- C:\Users\arwen\Desktop\HELLGATE - Shortcut.lnk
[2013/07/13 01:45:37 | 000,000,390 | ---- | M] () -- C:\Users\arwen\Desktop\MADIS & ESTONIA - Shortcut.lnk
[2013/07/13 01:43:28 | 000,002,053 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/13 01:41:11 | 000,306,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/13 00:14:22 | 000,055,074 | ---- | M] () -- C:\Users\arwen\Desktop\Paypal GE Capitol payment 07-13-2013.JPG
[2013/07/13 00:13:34 | 000,001,680 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2013/07/12 23:47:35 | 000,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/07/12 23:36:30 | 000,001,092 | ---- | M] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk
[2013/07/12 23:33:15 | 000,006,903 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2013/07/12 23:14:38 | 000,000,020 | ---- | M] () -- C:\Medion.ini
[2013/07/12 23:07:06 | 000,000,098 | ---- | M] () -- C:\Windows\GridV.UNI
[2013/07/12 23:05:39 | 000,000,089 | ---- | M] () -- C:\Windows\QtZgAcer.UNI
[2013/07/12 23:02:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/07/12 22:57:04 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/07/12 22:56:59 | 000,319,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/07/12 22:55:59 | 000,000,977 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/12 22:53:46 | 000,016,080 | ---- | M] () -- C:\Windows\SysNative\results.xml

========== Files Created - No Company Name ==========

[2013/07/15 01:46:54 | 000,891,022 | ---- | C] () -- C:\Users\arwen\Desktop\SecurityCheck.exe
[2013/07/14 20:45:10 | 000,002,303 | ---- | C] () -- C:\Users\arwen\Desktop\whistle.gif
[2013/07/14 02:44:42 | 000,052,045 | ---- | C] () -- C:\Users\arwen\Desktop\new diamond 5.JPG
[2013/07/13 21:02:38 | 000,042,953 | ---- | C] () -- C:\Users\arwen\Desktop\kr osprey fight.JPG
[2013/07/13 05:45:14 | 000,000,960 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2013/07/13 05:45:13 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2013/07/13 05:42:55 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\drivers\wanatw64.sys
[2013/07/13 05:31:56 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2013/07/13 02:31:51 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2013/07/13 02:31:49 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll
[2013/07/13 02:31:49 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll
[2013/07/13 02:31:48 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2013/07/13 02:13:34 | 000,001,954 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/07/13 02:06:20 | 000,130,016 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/07/13 02:06:20 | 000,100,712 | ---- | C] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/07/13 02:06:20 | 000,028,600 | ---- | C] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/07/13 01:56:32 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2013/07/13 01:56:32 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2013/07/13 01:56:32 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013/07/13 01:56:32 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2013/07/13 01:56:31 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2013/07/13 01:48:52 | 000,000,375 | ---- | C] () -- C:\Users\arwen\Desktop\Everything - Shortcut.lnk
[2013/07/13 01:46:00 | 000,000,369 | ---- | C] () -- C:\Users\arwen\Desktop\HELLGATE - Shortcut.lnk
[2013/07/13 01:45:37 | 000,000,390 | ---- | C] () -- C:\Users\arwen\Desktop\MADIS & ESTONIA - Shortcut.lnk
[2013/07/13 01:27:50 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2013/07/13 01:00:58 | 000,278,800 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2013/07/13 00:39:10 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2013/07/13 00:39:08 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2013/07/13 00:39:08 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2013/07/13 00:39:08 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2013/07/13 00:39:07 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2013/07/13 00:39:03 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/07/13 00:33:20 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2013/07/13 00:33:19 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2013/07/13 00:30:09 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2013/07/13 00:30:08 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2013/07/13 00:30:08 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2013/07/13 00:25:40 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax
[2013/07/13 00:25:38 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll
[2013/07/13 00:25:38 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax
[2013/07/13 00:23:57 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\winrsmgr.dll
[2013/07/13 00:23:56 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\wsmplpxy.dll
[2013/07/13 00:23:56 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\winrssrv.dll
[2013/07/13 00:23:47 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\pwrshplugin.dll
[2013/07/13 00:23:47 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\winrs.exe
[2013/07/13 00:23:47 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\winrshost.exe
[2013/07/13 00:23:47 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\wsmprovhost.exe
[2013/07/13 00:23:45 | 000,232,960 | ---- | C] () -- C:\Windows\SysNative\wecsvc.dll
[2013/07/13 00:23:45 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wevtfwd.dll
[2013/07/13 00:23:45 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wecutil.exe
[2013/07/13 00:23:45 | 000,084,992 | ---- | C] () -- C:\Windows\SysNative\wecapi.dll
[2013/07/13 00:23:45 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\WsmRes.dll
[2013/07/13 00:23:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2013/07/13 00:23:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2013/07/13 00:23:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2013/07/13 00:23:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2013/07/13 00:23:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2013/07/13 00:23:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2013/07/13 00:23:42 | 002,050,048 | ---- | C] () -- C:\Windows\SysNative\WsmSvc.dll
[2013/07/13 00:23:42 | 000,370,688 | ---- | C] () -- C:\Windows\SysNative\winrscmd.dll
[2013/07/13 00:23:42 | 000,352,768 | ---- | C] () -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2013/07/13 00:23:42 | 000,348,672 | ---- | C] () -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2013/07/13 00:23:42 | 000,310,272 | ---- | C] () -- C:\Windows\SysNative\WsmWmiPl.dll
[2013/07/13 00:23:42 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\WsmAuto.dll
[2013/07/13 00:14:18 | 000,055,074 | ---- | C] () -- C:\Users\arwen\Desktop\Paypal GE Capitol payment 07-13-2013.JPG
[2013/07/13 00:13:34 | 000,001,680 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2013/07/13 00:11:37 | 005,702,144 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2013/07/13 00:11:35 | 007,016,960 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2013/07/13 00:11:34 | 002,452,872 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/13 00:11:34 | 001,427,968 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2013/07/13 00:11:33 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2013/07/13 00:11:33 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2013/07/13 00:11:32 | 000,759,808 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2013/07/13 00:11:32 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2013/07/13 00:11:32 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2013/07/13 00:11:32 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2013/07/13 00:11:32 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2013/07/13 00:11:32 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2013/07/13 00:11:31 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2013/07/13 00:11:31 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/13 00:11:31 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2013/07/13 00:11:31 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2013/07/13 00:11:30 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2013/07/13 00:11:30 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2013/07/13 00:11:30 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2013/07/13 00:11:07 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2013/07/13 00:11:07 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2013/07/13 00:11:06 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2013/07/13 00:11:04 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll
[2013/07/13 00:10:40 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe
[2013/07/13 00:10:40 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe
[2013/07/13 00:10:40 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013/07/13 00:10:39 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll
[2013/07/13 00:10:39 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll
[2013/07/13 00:10:39 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll
[2013/07/13 00:10:39 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013/07/13 00:10:39 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013/07/13 00:10:39 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll
[2013/07/13 00:10:37 | 004,692,368 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2013/07/13 00:10:36 | 001,560,960 | ---- | C] () -- C:\Windows\SysNative\ntdll.dll
[2013/07/13 00:10:32 | 001,245,184 | ---- | C] () -- C:\Windows\SysNative\WMNetMgr.dll
[2013/07/13 00:10:32 | 000,112,640 | ---- | C] () -- C:\Windows\SysNative\logagent.exe
[2013/07/13 00:10:29 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll
[2013/07/13 00:10:29 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys
[2013/07/13 00:10:24 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2013/07/13 00:10:23 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2013/07/13 00:10:22 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2013/07/13 00:10:22 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2013/07/13 00:10:22 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2013/07/13 00:10:22 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2013/07/13 00:10:22 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2013/07/13 00:10:21 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2013/07/13 00:10:19 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2013/07/13 00:10:13 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2013/07/13 00:10:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2013/07/13 00:10:07 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll
[2013/07/13 00:10:06 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE
[2013/07/13 00:10:06 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE
[2013/07/13 00:10:06 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE
[2013/07/13 00:10:06 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE
[2013/07/13 00:10:06 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe
[2013/07/13 00:10:06 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2013/07/13 00:10:06 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2013/07/13 00:09:40 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2013/07/13 00:09:38 | 000,454,144 | ---- | C] () -- C:\Windows\SysNative\shlwapi.dll
[2013/07/13 00:09:25 | 000,301,568 | ---- | C] () -- C:\Windows\SysNative\shsvcs.dll
[2013/07/13 00:09:00 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe
[2013/07/13 00:08:36 | 001,794,560 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2013/07/13 00:08:25 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2013/07/13 00:08:24 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2013/07/13 00:08:23 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2013/07/13 00:08:23 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2013/07/13 00:08:22 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2013/07/13 00:08:22 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2013/07/13 00:08:16 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2013/07/13 00:08:10 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2013/07/13 00:07:51 | 002,424,320 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2013/07/13 00:07:51 | 000,730,624 | ---- | C] () -- C:\Windows\SysNative\mstsc.exe
[2013/07/13 00:07:49 | 000,450,048 | ---- | C] () -- C:\Windows\SysNative\winsrv.dll
[2013/07/13 00:07:49 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\csrsrv.dll
[2013/07/13 00:07:47 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2013/07/13 00:07:44 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/07/13 00:07:41 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2013/07/13 00:07:41 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2013/07/13 00:07:37 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2013/07/13 00:07:37 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2013/07/13 00:07:37 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2013/07/13 00:07:37 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2013/07/13 00:07:37 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2013/07/13 00:07:37 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2013/07/13 00:07:34 | 000,854,528 | ---- | C] () -- C:\Windows\SysNative\schedsvc.dll
[2013/07/13 00:07:34 | 000,655,872 | ---- | C] () -- C:\Windows\SysNative\taskschd.dll
[2013/07/13 00:07:33 | 000,499,712 | ---- | C] () -- C:\Windows\SysNative\wmicmiplugin.dll
[2013/07/13 00:07:33 | 000,410,112 | ---- | C] () -- C:\Windows\SysNative\taskcomp.dll
[2013/07/13 00:07:33 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\taskeng.exe
[2013/07/13 00:07:30 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2013/07/13 00:07:16 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2013/07/13 00:07:07 | 000,462,848 | ---- | C] () -- C:\Windows\SysNative\odbc32.dll
[2013/07/13 00:07:01 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2013/07/13 00:06:54 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2013/07/13 00:06:54 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2013/07/13 00:06:54 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2013/07/13 00:06:53 | 001,398,784 | ---- | C] () -- C:\Windows\SysNative\mfc42.dll
[2013/07/13 00:06:53 | 001,360,384 | ---- | C] () -- C:\Windows\SysNative\mfc42u.dll
[2013/07/13 00:06:44 | 000,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll
[2013/07/13 00:06:41 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll
[2013/07/13 00:06:39 | 000,560,128 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2013/07/13 00:06:39 | 000,416,768 | ---- | C] () -- C:\Windows\SysNative\sbe.dll
[2013/07/13 00:06:38 | 000,226,816 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2013/07/13 00:06:37 | 000,210,944 | ---- | C] () -- C:\Windows\SysNative\sbeio.dll
[2013/07/13 00:06:33 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2013/07/13 00:06:33 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll
[2013/07/13 00:06:32 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll
[2013/07/13 00:06:32 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll
[2013/07/13 00:06:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll
[2013/07/13 00:06:32 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll
[2013/07/13 00:06:32 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll
[2013/07/13 00:06:28 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2013/07/13 00:06:25 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2013/07/13 00:06:25 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2013/07/13 00:06:25 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2013/07/13 00:06:25 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2013/07/13 00:06:25 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2013/07/13 00:06:25 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2013/07/13 00:06:25 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2013/07/13 00:06:25 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2013/07/13 00:06:24 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2013/07/13 00:06:23 | 000,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll
[2013/07/13 00:06:22 | 000,399,872 | ---- | C] () -- C:\Windows\SysNative\emdmgmt.dll
[2013/07/13 00:06:22 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll
[2013/07/13 00:06:22 | 000,002,053 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/13 00:06:22 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/13 00:06:21 | 000,883,200 | ---- | C] () -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2013/07/13 00:06:21 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\drivers\nwifi.sys
[2013/07/13 00:06:21 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\dataclen.dll
[2013/07/13 00:06:21 | 000,047,104 | ---- | C] () -- C:\Windows\SysNative\cdd.dll
[2013/07/13 00:06:17 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2013/07/13 00:06:14 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2013/07/13 00:06:10 | 001,075,600 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2013/07/13 00:06:10 | 001,062,800 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2013/07/13 00:06:10 | 000,990,096 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2013/07/13 00:06:10 | 000,979,344 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2013/07/13 00:06:10 | 000,020,880 | ---- | C] () -- C:\Windows\SysNative\kdusb.dll
[2013/07/13 00:06:10 | 000,018,832 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2013/07/13 00:06:10 | 000,018,320 | ---- | C] () -- C:\Windows\SysNative\kdcom.dll
[2013/07/13 00:06:05 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll
[2013/07/13 00:06:02 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2013/07/13 00:05:45 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll
[2013/07/13 00:05:44 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe
[2013/07/13 00:05:43 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2013/07/13 00:05:41 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2013/07/13 00:05:40 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl
[2013/07/13 00:05:38 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2013/07/13 00:05:38 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2013/07/13 00:05:36 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2013/07/13 00:05:35 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2013/07/13 00:05:34 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2013/07/13 00:05:32 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2013/07/13 00:05:30 | 000,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/07/13 00:05:30 | 000,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2013/07/13 00:05:30 | 000,386,560 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/13 00:05:29 | 000,221,184 | ---- | C] () -- C:\Windows\SysNative\dnsapi.dll
[2013/07/13 00:05:28 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\dnsrslvr.dll
[2013/07/13 00:05:28 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\dnscacheugc.exe
[2013/07/13 00:05:27 | 001,251,840 | ---- | C] () -- C:\Windows\SysNative\sdclt.exe
[2013/07/13 00:05:26 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\bowser.sys
[2013/07/13 00:05:24 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2013/07/13 00:05:23 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2013/07/13 00:05:22 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll
[2013/07/13 00:05:21 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll
[2013/07/13 00:05:20 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\consent.exe
[2013/07/13 00:05:19 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL
[2013/07/13 00:05:16 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2013/07/13 00:05:15 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2013/07/13 00:05:12 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2013/07/13 00:05:11 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2013/07/13 00:05:09 | 000,461,312 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2013/07/13 00:05:08 | 002,762,240 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2013/07/13 00:05:07 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2013/07/13 00:05:06 | 000,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll
[2013/07/13 00:04:59 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2013/07/13 00:04:58 | 001,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll
[2013/07/13 00:04:55 | 000,367,616 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2013/07/13 00:04:55 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2013/07/13 00:04:54 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2013/07/13 00:04:54 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2013/07/13 00:04:53 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2013/07/13 00:04:52 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2013/07/13 00:04:52 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2013/07/13 00:04:51 | 000,557,056 | ---- | C] () -- C:\Windows\SysNative\wmpeffects.dll
[2013/07/13 00:03:06 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/13 00:03:05 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/12 23:52:58 | 000,648,704 | ---- | C] () -- C:\Windows\SysNative\netapi32.dll
[2013/07/12 23:46:56 | 000,025,928 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2013/07/12 23:36:30 | 000,001,092 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk
[2013/07/12 23:21:21 | 036,909,056 | ---- | C] () -- C:\Windows\SysNative\acer.scr
[2013/07/12 23:21:21 | 014,033,923 | ---- | C] () -- C:\Windows\SysNative\acer.exe
[2013/07/12 23:21:16 | 036,909,056 | ---- | C] () -- C:\Windows\SysWow64\Acer.scr
[2013/07/12 23:14:38 | 000,000,020 | ---- | C] () -- C:\Medion.ini
[2013/07/12 23:07:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013/07/12 23:07:06 | 000,000,098 | ---- | C] () -- C:\Windows\GridV.UNI
[2013/07/12 23:05:38 | 000,000,089 | ---- | C] () -- C:\Windows\QtZgAcer.UNI
[2013/07/12 23:02:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/07/12 23:00:32 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2013/07/12 23:00:32 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013/07/12 23:00:32 | 000,004,838 | ---- | C] () -- C:\Windows\Suyin.reg
[2013/07/12 23:00:32 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2013/07/12 22:59:11 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
[2013/07/12 22:57:03 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2013/07/12 22:57:03 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2013/07/12 22:57:02 | 000,883,232 | ---- | C] () -- C:\Windows\SysNative\RtPgEx64.dll
[2013/07/12 22:57:02 | 000,605,216 | ---- | C] () -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/07/12 22:57:02 | 000,513,536 | ---- | C] () -- C:\Windows\SysNative\SRSTSX64.dll
[2013/07/12 22:57:02 | 000,211,376 | ---- | C] () -- C:\Windows\SysNative\SRSTSH64.dll
[2013/07/12 22:57:02 | 000,193,536 | ---- | C] () -- C:\Windows\SysNative\SRSHP64.dll
[2013/07/12 22:57:02 | 000,150,528 | ---- | C] () -- C:\Windows\SysNative\SRSWOW64.dll
[2013/07/12 22:57:01 | 001,497,112 | ---- | C] () -- C:\Windows\SysNative\drivers\RTKVHD64.sys
[2013/07/12 22:57:01 | 001,424,416 | ---- | C] () -- C:\Windows\SysNative\RtkAPO64.dll
[2013/07/12 22:57:01 | 001,146,400 | ---- | C] () -- C:\Windows\SysNative\RTCOM64.dll
[2013/07/12 22:57:01 | 000,368,672 | ---- | C] () -- C:\Windows\SysNative\RtkApi64.dll
[2013/07/12 22:57:01 | 000,245,248 | ---- | C] () -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/07/12 22:57:01 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\ppChain.dll
[2013/07/12 22:57:01 | 000,050,208 | ---- | C] () -- C:\Windows\SysNative\RCoInst64.dll
[2013/07/12 22:57:00 | 000,567,808 | ---- | C] () -- C:\Windows\SysNative\CTAPO64.dll
[2013/07/12 22:57:00 | 000,160,768 | ---- | C] () -- C:\Windows\SysNative\FMAPO64.dll
[2013/07/12 22:57:00 | 000,077,824 | ---- | C] () -- C:\Windows\SysNative\DaisyWrp.dll
[2013/07/12 22:57:00 | 000,057,856 | ---- | C] () -- C:\Windows\SysNative\ctppld.dll
[2013/07/12 22:55:59 | 000,000,953 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/07/12 22:55:44 | 000,000,983 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/07/12 22:55:42 | 000,000,978 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/07/12 22:55:31 | 000,000,919 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2013/07/12 22:54:45 | 000,000,977 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/12 22:54:38 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Registration.lnk
[2013/07/12 22:54:33 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Assist.lnk
[2013/07/12 22:53:49 | 4220,379,136 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/12 22:53:46 | 000,016,080 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2013/07/12 22:53:19 | 000,001,904 | ---- | C] () -- C:\Users\arwen\Desktop\Cyberlink PowerDirector.lnk
[2013/07/12 22:53:19 | 000,000,258 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/07/12 22:53:19 | 000,000,240 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 08:56:31 | 012,898,304 | ---- | M] ()
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/03/02 21:53:36 | 000,891,392 | ---- | M] ()
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 21:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] ()
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/12 22:56:11 | 000,000,000 | ---D | M] -- C:\Users\arwen\AppData\Roaming\Acer
[2008/12/18 00:09:07 | 000,000,000 | ---D | M] -- C:\Users\arwen\AppData\Roaming\Acer GameZone Console
[2013/07/12 22:56:10 | 000,000,000 | ---D | M] -- C:\Users\arwen\AppData\Roaming\Leadertech

========== Purity Check ==========

< End of report >

#140 CoolCat

Silver Member

Authentic Member
498 posts

Posted 15 July 2013 - 01:04 AM

I cannot locate an extras.txt :unsure:

#141 OCD

SuperHelper

Malware Team
5,574 posts

Posted 15 July 2013 - 11:58 AM

Hi CoolCat,

I apologize for any delay in my replies. I am away on vacation and my access to the Internet will be limited for the next few days.

=========================

You are missing a Sevice Pack for Windows, make sure windows is set to download updates automatically.

1. Windows Automatic Updates

Open Windows Update by clicking the Start button , clicking All Programs, and then clicking Windows Update.
In the left pane, click Change settings.
Choose the option that you want.
Under Recommended updates, select the Include recommended updates when downloading, installing, or notifying me about updates check box, and then click OK. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

=========================

2. Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

AskPartnerNetwork

=========================

3. Run OTL.exe

Windows Vista and Windows 7 users Right Click and select "Run as Administrator"

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

:OTL
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
CHR - Extension: Avira SearchFree Toolbar plus Web Protection = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\19.52819_0\
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
[2013/07/15 01:44:33 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\AskPartnerNetwork
[2013/07/13 02:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/07/13 02:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/07/13 02:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\APN

:Files
C:\Program Files (x86)\AskPartnerNetwork

:Services
APNMCP

:Commands
[purity]
[createrestorepoint]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done

=========================

4. Reboot

=========================

Special Instructions in the OTL scan to produce the Extras log <<< Read steps carefully please

5. Re-run OTL (it should be located on your desktop).

Windows Vista and Windows 7 & 8 users Right Click and select "Run as Administrator" on the icon to run it.

Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Uncheck the boxes beside LOP Check and Purity Check.
Under Extra Registry, choose Use Safe List <-- Important
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Note:The log can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

6. Disk Defragmenter for Vista

Open Disk Defragmenter by clicking the Start button, > All Programs, > Accessories, > System Tools and then clicking Disk Defragmenter..
If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Click Defragment Now.

Disk Defragmenter might take from several minutes to a few hours to finish, depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.

Tutorial: http://windows.micro...-your-hard-disk

=========================

In your next post please provide the following:
OTL.txt
Extras.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#142 CoolCat

Silver Member

Authentic Member
498 posts

Posted 15 July 2013 - 05:42 PM

OK, will do this tonight. Sorry about you having to come here and work on your vacation.

BTW, the computer is set to do automatic updates and it does keep on updating Windows all the time. Maybe it has not done this one, yet? We'll see. I'll be back!

#143 CoolCat

Silver Member

Authentic Member
498 posts

Posted 16 July 2013 - 05:36 AM

The AskPartnerNetwork could not be found in Control Panel, Programs.

OTL worked this time, no problem and both logs were produced.

OTL logfile created on: 7/16/2013 6:20:30 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\arwen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 58.93% Memory free
8.03 Gb Paging File | 6.16 Gb Available in Paging File | 76.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 143.04 Gb Total Space | 90.10 Gb Free Space | 62.99% Space Free | Partition Type: NTFS
Drive D: | 139.50 Gb Total Space | 101.17 Gb Free Space | 72.52% Space Free | Partition Type: NTFS

Computer Name: ARWEN-PC | User Name: arwen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\arwen\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\AOL\1373719338\ee\aolsoftware.exe (AOL Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\PLFSetI.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Windows\PLFSetI.exe ()

========== Services (SafeList) ==========

SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Partner Service) -- C:\ProgramData\Partner\partner.exe (Google Inc.)
SRV - (GeekBuddyRSP) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
SRV - (CLPSLauncher) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CLHNService) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\DRIVERS\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (NETw5v64) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (TcUsb) -- C:\Windows\SysNative\Drivers\tcusb.sys (UPEK Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (HSFHWAZL) -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (winbondcir) -- C:\Windows\SysNative\DRIVERS\winbondcir.sys (Winbond Electronics Corporation)
DRV:64bit: - (wanatw) -- C:\Windows\SysNative\DRIVERS\wanatw64.sys (America Online, Inc.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...p;m=aspire_6930
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...p;m=aspire_6930
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...amp;rlz=1I7ACAW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...p;m=aspire_6930
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...1I7ACAW_enUS544
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

[2013/07/13 02:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\arwen\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions
[2013/07/02 15:42:09 | 000,713,719 | ---- | M] () (No name found) -- C:\Users\arwen\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{g
oogle:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:ins
tantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyPar
ameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - Extension: myAstro = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiddkniohkgjhalkefknbhpepiolmkbf\1.1_0\
CHR - Extension: Google Docs = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\
CHR - Extension: Google Search = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Gmail = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Yann Arthus-Bertrand = C:\Users\arwen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0\

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1373719338\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - Startup: C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk = C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E93E5B99-0B10-4A51-92DE-58B98276B5AE}: DhcpNameServer = 97.64.183.164 97.64.209.37
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\arwen\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\arwen\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/16 06:10:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/16 05:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2013/07/16 05:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2013/07/16 05:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2013/07/16 05:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2013/07/16 05:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2013/07/16 05:47:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2013/07/16 05:28:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/07/16 05:19:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/15 01:47:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\arwen\Desktop\OTL.exe
[2013/07/15 01:29:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/14 23:57:11 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\7-14
[2013/07/14 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\arwen\Desktop\7-13
[2013/07/14 18:53:50 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop\Pontu viewer v2.1
[2013/07/14 18:28:38 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop\Pontu_Viewer_v2.2_2013
[2013/07/13 23:40:53 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2013/07/13 23:40:52 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2013/07/13 23:40:47 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2013/07/13 23:40:47 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2013/07/13 23:40:47 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2013/07/13 23:40:45 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2013/07/13 23:40:42 | 002,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/07/13 23:40:42 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2013/07/13 23:40:42 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/07/13 23:40:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2013/07/13 23:40:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2013/07/13 23:40:41 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2013/07/13 23:40:38 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/07/13 23:40:36 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2013/07/13 23:40:35 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/07/13 23:40:35 | 001,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2013/07/13 23:40:35 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2013/07/13 23:40:35 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2013/07/13 23:40:35 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2013/07/13 23:40:35 | 000,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2013/07/13 23:40:34 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2013/07/13 23:40:34 | 001,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2013/07/13 23:40:32 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/07/13 23:40:31 | 003,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/07/13 23:40:30 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2013/07/13 23:40:27 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2013/07/13 23:40:26 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2013/07/13 23:40:24 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2013/07/13 23:40:22 | 003,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2013/07/13 23:40:21 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2013/07/13 23:40:21 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2013/07/13 23:40:20 | 001,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2013/07/13 23:40:19 | 002,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013/07/13 23:40:19 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2013/07/13 23:40:19 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2013/07/13 23:40:19 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2013/07/13 23:40:18 | 002,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/07/13 23:40:17 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2013/07/13 23:40:17 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2013/07/13 23:40:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2013/07/13 23:40:14 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2013/07/13 23:40:14 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2013/07/13 23:40:13 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2013/07/13 23:40:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2013/07/13 23:40:12 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/07/13 23:40:11 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2013/07/13 23:40:11 | 000,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2013/07/13 23:40:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2013/07/13 23:40:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2013/07/13 23:40:10 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/07/13 23:40:10 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/07/13 23:40:10 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/07/13 23:40:09 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2013/07/13 23:40:08 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2013/07/13 23:40:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2013/07/13 23:40:08 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/07/13 23:40:08 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2013/07/13 23:40:07 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2013/07/13 23:40:07 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2013/07/13 23:40:06 | 003,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2013/07/13 23:40:06 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/07/13 23:40:06 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2013/07/13 23:40:06 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2013/07/13 23:40:05 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2013/07/13 23:40:05 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2013/07/13 23:40:05 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2013/07/13 23:40:05 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2013/07/13 23:40:04 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
[2013/07/13 23:40:04 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2013/07/13 23:40:03 | 001,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2013/07/13 23:40:03 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2013/07/13 23:40:03 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2013/07/13 23:40:03 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2013/07/13 23:40:01 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2013/07/13 23:40:01 | 001,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/07/13 23:40:01 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2013/07/13 23:40:00 | 001,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013/07/13 23:40:00 | 000,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2013/07/13 23:39:59 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2013/07/13 23:39:59 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/07/13 23:39:59 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2013/07/13 23:39:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2013/07/13 23:39:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/07/13 23:39:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2013/07/13 23:39:58 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2013/07/13 23:39:58 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2013/07/13 23:39:58 | 000,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2013/07/13 23:39:57 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2013/07/13 23:39:57 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2013/07/13 23:39:57 | 001,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/07/13 23:39:57 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2013/07/13 23:39:57 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2013/07/13 23:39:56 | 003,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/07/13 23:39:56 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2013/07/13 23:39:55 | 001,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2013/07/13 23:39:55 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2013/07/13 23:39:55 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/07/13 23:39:54 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013/07/13 23:39:54 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2013/07/13 23:39:54 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2013/07/13 23:39:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2013/07/13 23:39:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2013/07/13 23:39:53 | 001,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2013/07/13 23:39:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2013/07/13 23:39:52 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/07/13 23:39:52 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2013/07/13 23:39:51 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2013/07/13 23:39:51 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2013/07/13 23:39:51 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/07/13 23:39:51 | 000,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/07/13 23:39:50 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2013/07/13 23:39:50 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2013/07/13 23:39:49 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2013/07/13 23:39:49 | 002,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2013/07/13 23:39:49 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2013/07/13 23:39:49 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2013/07/13 23:39:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2013/07/13 23:39:48 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2013/07/13 23:39:48 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2013/07/13 23:39:47 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013/07/13 23:39:47 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2013/07/13 23:39:47 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
[2013/07/13 23:39:47 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2013/07/13 23:39:47 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2013/07/13 23:39:47 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2013/07/13 23:39:47 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2013/07/13 23:39:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2013/07/13 23:39:46 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2013/07/13 23:39:46 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2013/07/13 23:39:46 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2013/07/13 23:39:46 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2013/07/13 23:39:46 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2013/07/13 23:39:46 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2013/07/13 23:39:45 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2013/07/13 23:39:45 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2013/07/13 23:39:45 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2013/07/13 23:39:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2013/07/13 23:39:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2013/07/13 23:39:45 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2013/07/13 23:39:44 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2013/07/13 23:39:44 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2013/07/13 23:39:44 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2013/07/13 23:39:44 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/07/13 23:39:44 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/07/13 23:39:44 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2013/07/13 23:39:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2013/07/13 23:39:43 | 001,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2013/07/13 23:39:43 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/07/13 23:39:43 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2013/07/13 23:39:43 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2013/07/13 23:39:43 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2013/07/13 23:39:42 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/07/13 23:39:42 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2013/07/13 23:39:42 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2013/07/13 23:39:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2013/07/13 23:39:42 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2013/07/13 23:39:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2013/07/13 23:39:41 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2013/07/13 23:39:41 | 001,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/07/13 23:39:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/07/13 23:39:40 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/07/13 23:39:40 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2013/07/13 23:39:40 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2013/07/13 23:39:40 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2013/07/13 23:39:40 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2013/07/13 23:39:40 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2013/07/13 23:39:40 | 000,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013/07/13 23:39:39 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/07/13 23:39:39 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2013/07/13 23:39:39 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2013/07/13 23:39:39 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/07/13 23:39:38 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/07/13 23:39:38 | 001,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2013/07/13 23:39:38 | 000,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2013/07/13 23:39:37 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2013/07/13 23:39:36 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2013/07/13 23:39:35 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2013/07/13 23:39:35 | 000,841,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/07/13 23:39:35 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/07/13 23:39:35 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2013/07/13 23:39:35 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2013/07/13 23:39:34 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2013/07/13 23:39:34 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013/07/13 23:39:34 | 000,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2013/07/13 23:39:34 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2013/07/13 23:39:34 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2013/07/13 23:39:33 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2013/07/13 23:39:33 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2013/07/13 23:39:32 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2013/07/13 23:39:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2013/07/13 23:39:32 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2013/07/13 23:39:31 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2013/07/13 23:39:31 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/07/13 23:39:30 | 002,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/07/13 23:39:30 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2013/07/13 23:39:29 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2013/07/13 23:39:29 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/07/13 23:39:29 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2013/07/13 23:39:28 | 003,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2013/07/13 23:39:28 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2013/07/13 23:39:28 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2013/07/13 23:39:28 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2013/07/13 23:39:27 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2013/07/13 23:39:27 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2013/07/13 23:39:27 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2013/07/13 23:39:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2013/07/13 23:39:26 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2013/07/13 23:39:26 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2013/07/13 23:39:26 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2013/07/13 23:39:25 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2013/07/13 23:39:25 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2013/07/13 23:39:25 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2013/07/13 23:39:25 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2013/07/13 23:39:25 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2013/07/13 23:39:25 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013/07/13 23:39:25 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2013/07/13 23:39:25 | 000,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/07/13 23:39:24 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2013/07/13 23:39:24 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2013/07/13 23:39:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2013/07/13 23:39:23 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2013/07/13 23:39:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2013/07/13 23:39:22 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2013/07/13 23:39:22 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2013/07/13 23:39:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2013/07/13 23:39:22 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2013/07/13 23:39:22 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2013/07/13 23:39:21 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2013/07/13 23:39:21 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2013/07/13 23:39:20 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/07/13 23:39:19 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2013/07/13 23:39:19 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/07/13 23:39:19 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2013/07/13 23:39:19 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2013/07/13 23:39:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2013/07/13 23:39:18 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2013/07/13 23:39:18 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/07/13 23:39:18 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2013/07/13 23:39:18 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2013/07/13 23:39:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2013/07/13 23:39:17 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2013/07/13 23:39:17 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2013/07/13 23:39:17 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2013/07/13 23:39:17 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2013/07/13 23:39:17 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2013/07/13 23:39:17 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/07/13 23:39:17 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2013/07/13 23:39:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2013/07/13 23:39:16 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2013/07/13 23:39:16 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2013/07/13 23:39:16 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/07/13 23:39:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2013/07/13 23:39:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2013/07/13 23:39:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2013/07/13 23:39:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2013/07/13 23:39:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2013/07/13 23:39:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2013/07/13 23:39:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2013/07/13 23:39:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2013/07/13 23:39:15 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2013/07/13 23:39:15 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2013/07/13 23:39:15 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2013/07/13 23:39:15 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2013/07/13 23:39:15 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2013/07/13 23:39:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2013/07/13 23:39:14 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2013/07/13 23:39:14 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2013/07/13 23:39:14 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2013/07/13 23:39:14 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/07/13 23:39:14 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2013/07/13 23:39:14 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2013/07/13 23:39:14 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2013/07/13 23:39:14 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013/07/13 23:39:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2013/07/13 23:39:14 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2013/07/13 23:39:13 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2013/07/13 23:39:13 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2013/07/13 23:39:13 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2013/07/13 23:39:13 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2013/07/13 23:39:13 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2013/07/13 23:39:13 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2013/07/13 23:39:13 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2013/07/13 23:39:13 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2013/07/13 23:39:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/07/13 23:39:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2013/07/13 23:39:12 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2013/07/13 23:39:12 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2013/07/13 23:39:12 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2013/07/13 23:39:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2013/07/13 23:39:12 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2013/07/13 23:39:12 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2013/07/13 23:39:11 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2013/07/13 23:39:11 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2013/07/13 23:39:11 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/07/13 23:39:11 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2013/07/13 23:39:10 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2013/07/13 23:39:10 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2013/07/13 23:39:10 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2013/07/13 23:39:10 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2013/07/13 23:39:10 | 000,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2013/07/13 23:39:09 | 000,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2013/07/13 23:39:09 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2013/07/13 23:39:09 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2013/07/13 23:39:09 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2013/07/13 23:39:09 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2013/07/13 23:39:08 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2013/07/13 23:39:08 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2013/07/13 23:39:07 | 001,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2013/07/13 23:39:07 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2013/07/13 23:39:07 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2013/07/13 23:39:07 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2013/07/13 23:39:07 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2013/07/13 23:39:07 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2013/07/13 23:39:06 | 002,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2013/07/13 23:39:06 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2013/07/13 23:39:06 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2013/07/13 23:39:06 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2013/07/13 23:39:06 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2013/07/13 23:39:06 | 000,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013/07/13 23:39:05 | 002,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2013/07/13 23:39:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2013/07/13 23:39:05 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2013/07/13 23:39:05 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/13 23:39:05 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2013/07/13 23:39:05 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/07/13 23:39:05 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/07/13 23:39:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2013/07/13 23:39:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2013/07/13 23:39:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2013/07/13 23:39:04 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2013/07/13 23:39:04 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2013/07/13 23:39:04 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2013/07/13 23:39:04 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2013/07/13 23:39:04 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2013/07/13 23:39:04 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2013/07/13 23:39:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2013/07/13 23:39:04 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2013/07/13 23:39:03 | 001,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2013/07/13 23:39:03 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2013/07/13 23:39:03 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2013/07/13 23:39:03 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2013/07/13 23:39:03 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2013/07/13 23:39:03 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2013/07/13 23:39:03 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2013/07/13 23:39:03 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2013/07/13 23:39:02 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2013/07/13 23:39:02 | 001,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2013/07/13 23:39:02 | 000,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2013/07/13 23:39:01 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2013/07/13 23:39:01 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2013/07/13 23:39:01 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2013/07/13 23:39:00 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2013/07/13 23:39:00 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2013/07/13 23:39:00 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2013/07/13 23:38:59 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2013/07/13 23:38:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2013/07/13 23:38:59 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2013/07/13 23:38:59 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2013/07/13 23:38:58 | 001,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2013/07/13 23:38:58 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2013/07/13 23:38:58 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2013/07/13 23:38:58 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2013/07/13 23:38:58 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2013/07/13 23:38:58 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2013/07/13 23:38:58 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2013/07/13 23:38:58 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2013/07/13 23:38:57 | 002,079,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/07/13 23:38:57 | 001,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2013/07/13 23:38:57 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2013/07/13 23:38:57 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/07/13 23:38:56 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/13 23:38:56 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2013/07/13 23:38:56 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2013/07/13 23:38:56 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2013/07/13 23:38:56 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/07/13 23:38:56 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2013/07/13 23:38:56 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2013/07/13 23:38:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/07/13 23:38:55 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2013/07/13 23:38:55 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2013/07/13 23:38:55 | 000,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2013/07/13 23:38:55 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2013/07/13 23:38:55 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2013/07/13 23:38:55 | 000,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2013/07/13 23:38:54 | 003,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2013/07/13 23:38:54 | 001,717,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/07/13 23:38:54 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2013/07/13 23:38:54 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2013/07/13 23:38:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2013/07/13 23:38:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2013/07/13 23:38:54 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2013/07/13 23:38:53 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2013/07/13 23:38:53 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2013/07/13 23:38:53 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2013/07/13 23:38:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/07/13 23:38:52 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2013/07/13 23:38:52 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2013/07/13 23:38:52 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013/07/13 23:38:52 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2013/07/13 23:38:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2013/07/13 23:38:52 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2013/07/13 23:38:51 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/07/13 23:38:51 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2013/07/13 23:38:51 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2013/07/13 23:38:51 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2013/07/13 23:38:51 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2013/07/13 23:38:51 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2013/07/13 23:38:51 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2013/07/13 23:38:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2013/07/13 23:38:50 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2013/07/13 23:38:50 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2013/07/13 23:38:50 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2013/07/13 23:38:50 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/07/13 23:38:50 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2013/07/13 23:38:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2013/07/13 23:38:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2013/07/13 23:38:49 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2013/07/13 23:38:49 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2013/07/13 23:38:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/07/13 23:38:49 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2013/07/13 23:38:48 | 001,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2013/07/13 23:38:48 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2013/07/13 23:38:48 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2013/07/13 23:38:48 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/07/13 23:38:48 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2013/07/13 23:38:48 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2013/07/13 23:38:48 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2013/07/13 23:38:48 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2013/07/13 23:38:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2013/07/13 23:38:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2013/07/13 23:38:47 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2013/07/13 23:38:47 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2013/07/13 23:38:47 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/07/13 23:38:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2013/07/13 23:38:46 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2013/07/13 23:38:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2013/07/13 23:38:46 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2013/07/13 23:38:46 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2013/07/13 23:38:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2013/07/13 23:38:45 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2013/07/13 23:38:44 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2013/07/13 23:38:44 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2013/07/13 23:38:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2013/07/13 23:38:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2013/07/13 23:38:43 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2013/07/13 23:38:43 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2013/07/13 23:38:43 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2013/07/13 23:38:43 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/07/13 23:38:43 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2013/07/13 23:38:43 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2013/07/13 23:38:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2013/07/13 23:38:43 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2013/07/13 23:38:42 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2013/07/13 23:38:42 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2013/07/13 23:38:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2013/07/13 23:38:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2013/07/13 23:38:41 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2013/07/13 23:38:41 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2013/07/13 23:38:41 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2013/07/13 23:38:41 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2013/07/13 23:38:41 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2013/07/13 23:38:41 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2013/07/13 23:38:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2013/07/13 23:38:40 | 002,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2013/07/13 23:38:40 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013/07/13 23:38:39 | 006,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2013/07/13 23:38:39 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2013/07/13 23:38:39 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/07/13 23:38:39 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2013/07/13 23:38:38 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2013/07/13 23:38:38 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2013/07/13 23:38:38 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2013/07/13 23:38:38 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2013/07/13 23:38:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2013/07/13 23:38:37 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2013/07/13 23:38:37 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2013/07/13 23:38:37 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2013/07/13 23:38:37 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2013/07/13 23:38:36 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2013/07/13 23:38:36 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2013/07/13 23:38:36 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2013/07/13 23:38:36 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/07/13 23:38:36 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2013/07/13 23:38:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2013/07/13 23:38:35 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2013/07/13 23:38:35 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/07/13 23:38:35 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2013/07/13 23:38:35 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2013/07/13 23:38:35 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2013/07/13 23:38:34 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2013/07/13 23:38:34 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2013/07/13 23:38:34 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2013/07/13 23:38:34 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/13 23:38:34 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2013/07/13 23:38:34 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2013/07/13 23:38:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2013/07/13 23:38:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2013/07/13 23:38:34 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2013/07/13 23:38:34 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2013/07/13 23:38:34 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2013/07/13 23:38:33 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2013/07/13 23:38:33 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2013/07/13 23:38:33 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2013/07/13 23:38:33 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2013/07/13 23:38:33 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/07/13 23:38:33 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2013/07/13 23:38:33 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2013/07/13 23:38:33 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2013/07/13 23:38:32 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2013/07/13 23:38:32 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2013/07/13 23:38:32 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2013/07/13 23:38:32 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2013/07/13 23:38:32 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2013/07/13 23:38:32 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2013/07/13 23:38:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2013/07/13 23:38:32 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2013/07/13 23:38:31 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2013/07/13 23:38:31 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2013/07/13 23:38:31 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/07/13 23:38:31 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013/07/13 23:38:31 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2013/07/13 23:38:31 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2013/07/13 23:38:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/07/13 23:38:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2013/07/13 23:38:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2013/07/13 23:38:30 | 002,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2013/07/13 23:38:30 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013/07/13 23:38:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2013/07/13 23:38:30 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2013/07/13 23:38:30 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2013/07/13 23:38:30 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2013/07/13 23:38:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2013/07/13 23:38:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2013/07/13 23:38:30 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/07/13 23:38:30 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2013/07/13 23:38:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2013/07/13 23:38:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
[2013/07/13 23:38:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2013/07/13 23:38:29 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2013/07/13 23:38:29 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2013/07/13 23:38:29 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2013/07/13 23:38:29 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2013/07/13 23:38:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/07/13 23:38:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
[2013/07/13 23:38:28 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/07/13 23:38:28 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2013/07/13 23:38:28 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2013/07/13 23:38:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2013/07/13 23:38:28 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2013/07/13 23:38:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
[2013/07/13 23:38:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2013/07/13 23:38:27 | 001,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2013/07/13 23:38:27 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2013/07/13 23:38:27 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2013/07/13 23:38:27 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/13 23:38:27 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2013/07/13 23:38:27 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
[2013/07/13 23:38:27 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2013/07/13 23:38:27 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
[2013/07/13 23:38:27 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2013/07/13 23:38:27 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2013/07/13 23:38:27 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
[2013/07/13 23:38:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2013/07/13 23:38:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
[2013/07/13 23:38:26 | 003,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2013/07/13 23:38:26 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
[2013/07/13 23:38:26 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/07/13 23:38:26 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2013/07/13 23:38:26 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2013/07/13 23:38:26 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\extmgr.dll
[2013/07/13 23:38:26 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2013/07/13 23:38:26 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\extmgr.dll
[2013/07/13 23:38:26 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
[2013/07/13 23:38:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2013/07/13 23:38:26 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2013/07/13 23:38:25 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2013/07/13 23:38:25 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2013/07/13 23:38:25 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2013/07/13 23:38:25 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
[2013/07/13 23:38:25 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2013/07/13 23:38:25 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2013/07/13 23:38:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
[2013/07/13 23:38:25 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/07/13 23:38:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2013/07/13 23:38:25 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
[2013/07/13 23:38:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
[2013/07/13 23:38:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2013/07/13 23:38:25 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
[2013/07/13 23:38:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2013/07/13 23:38:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
[2013/07/13 23:38:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
[2013/07/13 23:38:24 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2013/07/13 23:38:24 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2013/07/13 23:38:24 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
[2013/07/13 23:38:24 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2013/07/13 23:38:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2013/07/13 23:38:24 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2013/07/13 23:38:24 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/07/13 23:38:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2013/07/13 23:38:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2013/07/13 23:38:24 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
[2013/07/13 23:38:23 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2013/07/13 23:38:23 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
[2013/07/13 23:38:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
[2013/07/13 23:38:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2013/07/13 23:38:22 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2013/07/13 23:38:22 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2013/07/13 23:38:21 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2013/07/13 23:38:21 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2013/07/13 23:38:21 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2013/07/13 23:38:21 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2013/07/13 23:38:21 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2013/07/13 23:38:21 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2013/07/13 23:38:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
[2013/07/13 23:38:21 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2013/07/13 23:38:20 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2013/07/13 23:38:20 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/13 23:38:20 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2013/07/13 23:38:20 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2013/07/13 23:38:20 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2013/07/13 23:38:20 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2013/07/13 23:38:20 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2013/07/13 23:38:20 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2013/07/13 23:38:19 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2013/07/13 23:38:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2013/07/13 23:38:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2013/07/13 23:38:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2013/07/13 23:38:19 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2013/07/13 23:38:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2013/07/13 23:38:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2013/07/13 23:38:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/13 23:38:19 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2013/07/13 23:38:18 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2013/07/13 23:38:18 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2013/07/13 23:38:18 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2013/07/13 23:38:18 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2013/07/13 23:38:18 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2013/07/13 23:38:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2013/07/13 23:38:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2013/07/13 23:38:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2013/07/13 23:38:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2013/07/13 23:38:17 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2013/07/13 23:38:17 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2013/07/13 23:38:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2013/07/13 23:38:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2013/07/13 23:38:17 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2013/07/13 23:38:17 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2013/07/13 23:38:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2013/07/13 23:38:16 | 000,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2013/07/13 23:38:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2013/07/13 23:38:16 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2013/07/13 23:38:16 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2013/07/13 23:38:16 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2013/07/13 23:38:16 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2013/07/13 23:38:16 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/07/13 23:38:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2013/07/13 23:38:16 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2013/07/13 23:38:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2013/07/13 23:38:16 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2013/07/13 23:38:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2013/07/13 23:38:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2013/07/13 23:38:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2013/07/13 23:38:15 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2013/07/13 23:38:15 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2013/07/13 23:38:15 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013/07/13 23:38:15 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2013/07/13 23:38:15 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/07/13 23:38:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2013/07/13 23:38:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2013/07/13 23:38:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2013/07/13 23:38:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2013/07/13 23:38:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2013/07/13 23:38:15 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/07/13 23:38:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2013/07/13 23:38:14 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2013/07/13 23:38:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2013/07/13 23:38:14 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2013/07/13 23:38:13 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2013/07/13 23:38:13 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2013/07/13 23:38:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2013/07/13 23:38:13 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2013/07/13 23:38:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2013/07/13 23:38:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2013/07/13 23:38:12 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2013/07/13 23:38:12 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2013/07/13 23:38:12 | 000,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2013/07/13 23:38:12 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2013/07/13 23:38:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2013/07/13 23:38:12 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2013/07/13 23:38:12 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2013/07/13 23:38:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2013/07/13 23:38:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2013/07/13 23:38:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2013/07/13 23:38:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2013/07/13 23:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2013/07/13 23:38:11 | 002,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2013/07/13 23:38:11 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2013/07/13 23:38:11 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2013/07/13 23:38:11 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2013/07/13 23:38:11 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2013/07/13 23:38:11 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2013/07/13 23:38:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2013/07/13 23:38:11 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2013/07/13 23:38:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2013/07/13 23:38:11 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2013/07/13 23:38:11 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2013/07/13 23:38:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2013/07/13 23:38:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2013/07/13 23:38:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2013/07/13 23:38:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2013/07/13 23:38:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2013/07/13 23:38:10 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2013/07/13 23:38:10 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2013/07/13 23:38:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2013/07/13 23:38:10 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2013/07/13 23:38:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2013/07/13 23:38:10 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2013/07/13 23:38:10 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/07/13 23:38:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2013/07/13 23:38:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2013/07/13 23:38:10 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2013/07/13 23:38:09 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2013/07/13 23:38:09 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2013/07/13 23:38:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2013/07/13 23:38:09 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2013/07/13 23:38:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2013/07/13 23:38:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2013/07/13 23:38:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2013/07/13 23:38:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2013/07/13 23:38:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2013/07/13 23:38:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2013/07/13 23:38:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2013/07/13 23:38:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2013/07/13 23:38:08 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2013/07/13 23:38:08 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2013/07/13 23:38:08 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2013/07/13 23:38:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2013/07/13 23:38:08 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2013/07/13 23:38:08 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2013/07/13 23:38:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2013/07/13 23:38:08 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2013/07/13 23:38:08 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2013/07/13 23:38:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2013/07/13 23:38:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2013/07/13 23:38:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2013/07/13 23:38:07 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2013/07/13 23:38:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2013/07/13 23:38:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2013/07/13 23:38:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2013/07/13 23:38:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2013/07/13 23:38:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2013/07/13 23:38:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2013/07/13 23:38:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2013/07/13 23:38:05 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2013/07/13 23:38:05 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2013/07/13 23:38:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2013/07/13 23:38:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2013/07/13 23:38:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2013/07/13 23:38:04 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2013/07/13 23:38:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/07/13 23:38:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/07/13 23:38:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2013/07/13 23:38:02 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2013/07/13 23:38:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/07/13 23:38:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/07/13 23:38:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2013/07/13 23:38:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2013/07/13 23:38:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2013/07/13 23:38:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2013/07/13 23:37:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2013/07/13 23:37:42 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2013/07/13 23:37:12 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2013/07/13 23:37:09 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2013/07/13 23:37:09 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2013/07/13 23:37:06 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2013/07/13 05:45:31 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\AOL
[2013/07/13 05:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2013/07/13 05:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
[2013/07/13 05:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2013/07/13 05:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viewpoint
[2013/07/13 05:44:48 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\Windows\SysWow64\AOLParconLink.exe
[2013/07/13 05:43:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2013/07/13 05:42:55 | 000,024,064 | ---- | C] (America Online, Inc.) -- C:\Windows\SysNative\drivers\wanatw64.sys
[2013/07/13 05:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2013/07/13 05:42:29 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\AOL
[2013/07/13 05:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL
[2013/07/13 05:42:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\aolshare
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Desktop 9.7
[2013/07/13 05:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2013/07/13 05:41:01 | 000,000,000 | ---D | C] -- C:\AOL
[2013/07/13 05:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2013/07/13 02:31:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2013/07/13 02:31:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/07/13 02:31:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/07/13 02:31:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013/07/13 02:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013/07/13 02:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013/07/13 02:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/07/13 02:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013/07/13 02:08:33 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Avira
[2013/07/13 02:07:58 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Mozilla
[2013/07/13 02:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/07/13 02:06:20 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/07/13 02:06:20 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/07/13 02:06:20 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/07/13 02:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/07/13 02:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/07/13 01:56:32 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013/07/13 01:56:32 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2013/07/13 01:56:32 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013/07/13 01:56:32 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013/07/13 01:56:32 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013/07/13 01:56:32 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013/07/13 01:56:32 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2013/07/13 01:56:31 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2013/07/13 01:36:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2013/07/13 01:36:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2013/07/13 00:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/07/13 00:30:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshhttp.dll
[2013/07/13 00:30:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2013/07/13 00:30:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2013/07/13 00:30:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2013/07/13 00:23:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2013/07/13 00:23:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll
[2013/07/13 00:23:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2013/07/13 00:23:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll
[2013/07/13 00:23:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2013/07/13 00:23:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2013/07/13 00:23:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2013/07/13 00:23:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe
[2013/07/13 00:23:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2013/07/13 00:23:47 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe
[2013/07/13 00:23:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2013/07/13 00:23:45 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll
[2013/07/13 00:23:45 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2013/07/13 00:23:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2013/07/13 00:23:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2013/07/13 00:23:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2013/07/13 00:23:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2013/07/13 00:23:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2013/07/13 00:23:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2013/07/13 00:23:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2013/07/13 00:23:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2013/07/13 00:23:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2013/07/13 00:23:42 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll
[2013/07/13 00:23:42 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2013/07/13 00:23:42 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2013/07/13 00:23:42 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2013/07/13 00:23:42 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2013/07/13 00:23:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2013/07/13 00:23:42 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2013/07/13 00:23:42 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2013/07/13 00:23:42 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2013/07/13 00:23:42 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2013/07/13 00:11:34 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/13 00:11:34 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/13 00:11:32 | 000,759,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/07/13 00:11:32 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/13 00:11:32 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/13 00:11:32 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/13 00:11:32 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/07/13 00:11:32 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/13 00:11:32 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/13 00:11:31 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/07/13 00:11:31 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/13 00:11:31 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/13 00:11:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2013/07/13 00:11:30 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2013/07/13 00:11:04 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013/07/13 00:11:04 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013/07/13 00:10:41 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2013/07/13 00:10:41 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2013/07/13 00:10:41 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2013/07/13 00:10:41 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2013/07/13 00:10:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2013/07/13 00:10:40 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2013/07/13 00:10:40 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2013/07/13 00:10:40 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2013/07/13 00:10:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013/07/13 00:10:40 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013/07/13 00:10:39 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2013/07/13 00:10:39 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013/07/13 00:10:39 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013/07/13 00:10:39 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013/07/13 00:10:39 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2013/07/13 00:10:39 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013/07/13 00:10:39 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013/07/13 00:10:37 | 004,699,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/07/13 00:10:36 | 001,585,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/07/13 00:10:15 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/07/13 00:10:14 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/07/13 00:10:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2013/07/13 00:10:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2013/07/13 00:10:13 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2013/07/13 00:10:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2013/07/13 00:10:07 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2013/07/13 00:10:07 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2013/07/13 00:10:06 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2013/07/13 00:10:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2013/07/13 00:10:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2013/07/13 00:10:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2013/07/13 00:10:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2013/07/13 00:10:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2013/07/13 00:10:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2013/07/13 00:10:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2013/07/13 00:10:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2013/07/13 00:10:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2013/07/13 00:10:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2013/07/13 00:10:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2013/07/13 00:10:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2013/07/13 00:10:06 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2013/07/13 00:09:38 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2013/07/13 00:09:00 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2013/07/13 00:09:00 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2013/07/13 00:08:25 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2013/07/13 00:08:25 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2013/07/13 00:08:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2013/07/13 00:08:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.tlb
[2013/07/13 00:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2013/07/13 00:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amcompat.tlb
[2013/07/13 00:08:17 | 013,426,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/07/13 00:08:13 | 010,627,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/07/13 00:08:11 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/07/13 00:08:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2013/07/13 00:08:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2013/07/13 00:08:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2013/07/13 00:08:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2013/07/13 00:08:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2013/07/13 00:08:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2013/07/13 00:08:10 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/07/13 00:07:51 | 002,425,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/07/13 00:07:51 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/07/13 00:07:51 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/07/13 00:07:51 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/07/13 00:07:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/07/13 00:07:51 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/07/13 00:07:51 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2013/07/13 00:07:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2013/07/13 00:07:50 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/07/13 00:07:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/07/13 00:07:49 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/07/13 00:07:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/07/13 00:07:48 | 001,305,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/07/13 00:07:46 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2013/07/13 00:07:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2013/07/13 00:07:42 | 002,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2013/07/13 00:07:41 | 003,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2013/07/13 00:07:40 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2013/07/13 00:07:40 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2013/07/13 00:07:40 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2013/07/13 00:07:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2013/07/13 00:07:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2013/07/13 00:07:40 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2013/07/13 00:07:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2013/07/13 00:07:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2013/07/13 00:07:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2013/07/13 00:07:38 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/07/13 00:07:37 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/07/13 00:07:34 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2013/07/13 00:07:34 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2013/07/13 00:07:33 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2013/07/13 00:07:33 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2013/07/13 00:07:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2013/07/13 00:07:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2013/07/13 00:07:30 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/07/13 00:07:08 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2013/07/13 00:07:07 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2013/07/13 00:07:01 | 001,210,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/07/13 00:06:53 | 001,398,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/07/13 00:06:53 | 001,360,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/07/13 00:06:53 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/07/13 00:06:52 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/07/13 00:06:39 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/07/13 00:06:39 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/07/13 00:06:39 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/07/13 00:06:38 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/07/13 00:06:38 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/07/13 00:06:38 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbeio.dll
[2013/07/13 00:06:38 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/07/13 00:06:38 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbeio.dll
[2013/07/13 00:06:33 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2013/07/13 00:06:33 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2013/07/13 00:06:32 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2013/07/13 00:06:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2013/07/13 00:06:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2013/07/13 00:06:32 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\L2SecHC.dll
[2013/07/13 00:06:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2013/07/13 00:06:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2013/07/13 00:06:32 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2013/07/13 00:06:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2013/07/13 00:06:28 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2013/07/13 00:06:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2013/07/13 00:06:26 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/07/13 00:06:26 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/07/13 00:06:25 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2013/07/13 00:06:25 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avifil32.dll
[2013/07/13 00:06:25 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciavi32.dll
[2013/07/13 00:06:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2013/07/13 00:06:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2013/07/13 00:06:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avicap32.dll
[2013/07/13 00:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/13 00:06:15 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/07/13 00:06:11 | 001,076,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/07/13 00:06:11 | 000,991,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/07/13 00:06:11 | 000,979,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/07/13 00:06:10 | 001,063,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/07/13 00:06:10 | 000,020,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/07/13 00:06:10 | 000,018,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/07/13 00:06:10 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/07/13 00:06:05 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/07/13 00:05:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2013/07/13 00:05:43 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2013/07/13 00:05:43 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2013/07/13 00:05:43 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2013/07/13 00:05:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2013/07/13 00:05:42 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/07/13 00:05:40 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/07/13 00:05:40 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/07/13 00:05:39 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/13 00:05:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/07/13 00:05:38 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/13 00:05:29 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/07/13 00:05:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/07/13 00:05:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/07/13 00:05:27 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2013/07/13 00:05:20 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013/07/13 00:05:20 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/07/13 00:05:19 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013/07/13 00:05:16 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl.dll
[2013/07/13 00:05:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2013/07/13 00:05:11 | 001,915,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013/07/13 00:05:07 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2013/07/13 00:05:07 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2013/07/13 00:04:59 | 000,772,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/07/13 00:04:59 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2013/07/13 00:04:59 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013/07/13 00:04:55 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/07/13 00:04:55 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/07/13 00:04:55 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/07/13 00:04:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/07/13 00:04:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2013/07/13 00:04:54 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013/07/13 00:04:54 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/07/13 00:04:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/07/13 00:04:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/07/13 00:04:52 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2013/07/13 00:04:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2013/07/13 00:02:44 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Deployment
[2013/07/13 00:02:44 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Apps
[2013/07/12 23:50:29 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop\Antivirus
[2013/07/12 23:47:02 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Malwarebytes
[2013/07/12 23:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/12 23:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/12 23:46:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/07/12 23:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/07/12 23:42:27 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\SysWow64\igxpun.exe
[2013/07/12 23:42:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2013/07/12 23:42:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2013/07/12 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/07/12 23:41:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/07/12 23:37:52 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Adobe
[2013/07/12 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Google
[2013/07/12 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Google
[2013/07/12 23:21:21 | 014,033,923 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysNative\acer.exe
[2013/07/12 23:21:16 | 014,033,923 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\acer.exe
[2013/07/12 23:21:16 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Macromedia
[2013/07/12 23:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Incorporated
[2013/07/12 23:21:11 | 000,000,000 | ---D | C] -- C:\Windows\ACER
[2013/07/12 23:19:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013/07/12 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\PowerCinema
[2013/07/12 23:18:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2013/07/12 23:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2013/07/12 23:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/07/12 23:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/07/12 23:14:38 | 000,000,000 | ---D | C] -- C:\CLSetup
[2013/07/12 23:07:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
[2013/07/12 23:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Inc
[2013/07/12 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
[2013/07/12 23:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2013/07/12 23:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2013/07/12 23:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/07/12 23:00:32 | 000,262,144 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2013/07/12 23:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye
[2013/07/12 23:00:22 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\InstallShield
[2013/07/12 22:59:10 | 000,409,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTKVAA64.EXE
[2013/07/12 22:58:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/07/12 22:57:03 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/07/12 22:57:02 | 000,883,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/07/12 22:57:02 | 000,605,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/07/12 22:57:02 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/07/12 22:57:02 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/07/12 22:57:02 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/07/12 22:57:02 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/07/12 22:57:01 | 006,495,264 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe
[2013/07/12 22:57:01 | 001,424,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/07/12 22:57:01 | 001,393,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd64.exe
[2013/07/12 22:57:01 | 000,368,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/07/12 22:57:01 | 000,245,248 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/07/12 22:57:01 | 000,053,760 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\ppChain.dll
[2013/07/12 22:57:01 | 000,050,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013/07/12 22:57:00 | 000,567,808 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CTAPO64.dll
[2013/07/12 22:57:00 | 000,497,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CTAPO32.dll
[2013/07/12 22:57:00 | 000,160,768 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2013/07/12 22:57:00 | 000,077,824 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\DaisyWrp.dll
[2013/07/12 22:57:00 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\ctppld.dll
[2013/07/12 22:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/07/12 22:56:59 | 000,528,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/07/12 22:56:59 | 000,319,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/07/12 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Leadertech
[2013/07/12 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Acer
[2013/07/12 22:56:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\Searches
[2013/07/12 22:55:43 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/07/12 22:55:34 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Identities
[2013/07/12 22:55:31 | 000,000,000 | R--D | C] -- C:\Users\arwen\Contacts
[2013/07/12 22:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
[2013/07/12 22:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/07/12 22:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/07/12 22:53:39 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\VirtualStore
[2013/07/12 22:53:19 | 000,000,000 | --SD | C] -- C:\Users\arwen\AppData\Roaming\Microsoft
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Videos
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Saved Games
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Pictures
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Music
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Links
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Favorites
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Downloads
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Documents
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\Desktop
[2013/07/12 22:53:19 | 000,000,000 | R--D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\Temporary Internet Files
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Templates
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Start Menu
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\SendTo
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Recent
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\PrintHood
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\NetHood
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Videos
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Pictures
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Documents\My Music
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\My Documents
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Local Settings
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\History
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Cookies
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\Application Data
[2013/07/12 22:53:19 | 000,000,000 | -HSD | C] -- C:\Users\arwen\AppData\Local\Application Data
[2013/07/12 22:53:19 | 000,000,000 | -H-D | C] -- C:\Users\arwen\AppData
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Temp
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Local\Microsoft
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Media Center Programs
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
[2013/07/12 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\arwen\AppData\Roaming\Acer GameZone Console

========== Files - Modified Within 30 Days ==========

[2013/07/16 06:21:14 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/16 06:21:14 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/16 06:21:13 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/16 06:16:18 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/16 06:14:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013/07/16 06:13:34 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 06:13:33 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 06:13:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/16 06:12:54 | 4220,379,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/16 06:08:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/16 06:02:47 | 000,000,977 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/16 05:53:36 | 000,306,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/15 22:05:45 | 000,174,316 | ---- | M] () -- C:\Users\arwen\Desktop\Calling - babies flat again 07-15-2013 20-5-58.jpg
[2013/07/15 22:01:42 | 000,110,444 | ---- | M] () -- C:\Users\arwen\Desktop\palemale-store_2245_788236037.jpg
[2013/07/15 21:11:06 | 000,140,701 | ---- | M] () -- C:\Users\arwen\Desktop\Palemale.jpg
[2013/07/15 20:10:34 | 000,224,162 | ---- | M] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.10pm cst.jpg
[2013/07/15 20:10:12 | 000,220,618 | ---- | M] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.09pm cst.jpg
[2013/07/15 20:05:33 | 000,213,375 | ---- | M] () -- C:\Users\arwen\Desktop\Babies home alone -15-2013 8.05pm.jpg
[2013/07/15 20:04:30 | 000,179,155 | ---- | M] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.04pm cst.jpg
[2013/07/15 19:40:40 | 000,220,960 | ---- | M] () -- C:\Users\arwen\Desktop\Babies watching Iris land 0-15-2013 7.40pm cst.jpg
[2013/07/15 19:25:15 | 000,194,189 | ---- | M] () -- C:\Users\arwen\Desktop\feeding 4.jpg
[2013/07/15 19:24:35 | 000,189,333 | ---- | M] () -- C:\Users\arwen\Desktop\feeding 3.jpg
[2013/07/15 19:24:22 | 000,157,986 | ---- | M] () -- C:\Users\arwen\Desktop\feeding 2.jpg
[2013/07/15 19:23:13 | 000,188,635 | ---- | M] () -- C:\Users\arwen\Desktop\feedng 1.jpg
[2013/07/15 18:53:40 | 000,149,374 | ---- | M] () -- C:\Users\arwen\Desktop\Iris flapping her wings in the wind - chicks looking on 07-15-2013 6.52pm cst.jpg
[2013/07/15 07:58:34 | 000,003,584 | ---- | M] () -- C:\Users\arwen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/15 01:47:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\arwen\Desktop\OTL.exe
[2013/07/15 01:46:54 | 000,891,022 | ---- | M] () -- C:\Users\arwen\Desktop\SecurityCheck.exe
[2013/07/14 20:45:11 | 000,002,303 | ---- | M] () -- C:\Users\arwen\Desktop\whistle.gif
[2013/07/14 02:44:45 | 000,052,045 | ---- | M] () -- C:\Users\arwen\Desktop\new diamond 5.JPG
[2013/07/13 18:13:53 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/13 05:45:14 | 000,000,960 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2013/07/13 05:45:13 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2013/07/13 05:32:47 | 000,058,696 | ---- | M] (AOL Inc.) -- C:\Windows\SysWow64\AOLParconLink.exe
[2013/07/13 05:31:56 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2013/07/13 02:13:34 | 000,001,954 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/07/13 02:03:22 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/07/13 02:03:22 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/07/13 02:03:22 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/07/13 01:48:52 | 000,000,375 | ---- | M] () -- C:\Users\arwen\Desktop\Everything - Shortcut.lnk
[2013/07/13 01:46:00 | 000,000,369 | ---- | M] () -- C:\Users\arwen\Desktop\HELLGATE - Shortcut.lnk
[2013/07/13 01:45:37 | 000,000,390 | ---- | M] () -- C:\Users\arwen\Desktop\MADIS & ESTONIA - Shortcut.lnk
[2013/07/13 01:43:28 | 000,002,053 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/13 00:14:22 | 000,055,074 | ---- | M] () -- C:\Users\arwen\Desktop\Paypal GE Capitol payment 07-13-2013.JPG
[2013/07/13 00:13:34 | 000,001,680 | ---- | M] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2013/07/12 23:47:35 | 000,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/07/12 23:36:30 | 000,001,092 | ---- | M] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk
[2013/07/12 23:33:15 | 000,006,903 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2013/07/12 23:14:38 | 000,000,020 | ---- | M] () -- C:\Medion.ini
[2013/07/12 23:07:06 | 000,000,098 | ---- | M] () -- C:\Windows\GridV.UNI
[2013/07/12 23:05:39 | 000,000,089 | ---- | M] () -- C:\Windows\QtZgAcer.UNI
[2013/07/12 23:02:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/07/12 22:57:04 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/07/12 22:56:59 | 000,319,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/07/12 22:53:46 | 000,016,080 | ---- | M] () -- C:\Windows\SysNative\results.xml

========== Files Created - No Company Name ==========

[2013/07/15 22:05:45 | 000,174,316 | ---- | C] () -- C:\Users\arwen\Desktop\Calling - babies flat again 07-15-2013 20-5-58.jpg
[2013/07/15 22:01:41 | 000,110,444 | ---- | C] () -- C:\Users\arwen\Desktop\palemale-store_2245_788236037.jpg
[2013/07/15 21:11:05 | 000,140,701 | ---- | C] () -- C:\Users\arwen\Desktop\Palemale.jpg
[2013/07/15 20:10:34 | 000,224,162 | ---- | C] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.10pm cst.jpg
[2013/07/15 20:10:12 | 000,220,618 | ---- | C] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.09pm cst.jpg
[2013/07/15 20:05:33 | 000,213,375 | ---- | C] () -- C:\Users\arwen\Desktop\Babies home alone -15-2013 8.05pm.jpg
[2013/07/15 20:04:29 | 000,179,155 | ---- | C] () -- C:\Users\arwen\Desktop\Taylor and Miles home alone 07-15-2013 8.04pm cst.jpg
[2013/07/15 19:40:40 | 000,220,960 | ---- | C] () -- C:\Users\arwen\Desktop\Babies watching Iris land 0-15-2013 7.40pm cst.jpg
[2013/07/15 19:25:15 | 000,194,189 | ---- | C] () -- C:\Users\arwen\Desktop\feeding 4.jpg
[2013/07/15 19:24:34 | 000,189,333 | ---- | C] () -- C:\Users\arwen\Desktop\feeding 3.jpg
[2013/07/15 19:24:21 | 000,157,986 | ---- | C] () -- C:\Users\arwen\Desktop\feeding 2.jpg
[2013/07/15 19:23:13 | 000,188,635 | ---- | C] () -- C:\Users\arwen\Desktop\feedng 1.jpg
[2013/07/15 18:53:40 | 000,149,374 | ---- | C] () -- C:\Users\arwen\Desktop\Iris flapping her wings in the wind - chicks looking on 07-15-2013 6.52pm cst.jpg
[2013/07/15 07:58:32 | 000,003,584 | ---- | C] () -- C:\Users\arwen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/15 01:46:54 | 000,891,022 | ---- | C] () -- C:\Users\arwen\Desktop\SecurityCheck.exe
[2013/07/14 20:45:10 | 000,002,303 | ---- | C] () -- C:\Users\arwen\Desktop\whistle.gif
[2013/07/14 02:44:42 | 000,052,045 | ---- | C] () -- C:\Users\arwen\Desktop\new diamond 5.JPG
[2013/07/13 23:40:11 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2013/07/13 23:40:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2013/07/13 23:39:59 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013/07/13 23:39:38 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2013/07/13 23:39:37 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2013/07/13 23:39:34 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2013/07/13 23:39:34 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2013/07/13 23:39:30 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2013/07/13 23:39:07 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2013/07/13 23:39:05 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2013/07/13 23:39:05 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2013/07/13 23:39:01 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/07/13 23:38:29 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2013/07/13 23:38:29 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2013/07/13 23:38:04 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2013/07/13 23:38:04 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2013/07/13 05:45:14 | 000,000,960 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2013/07/13 05:45:13 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2013/07/13 05:31:56 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2013/07/13 02:13:34 | 000,001,954 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/07/13 01:48:52 | 000,000,375 | ---- | C] () -- C:\Users\arwen\Desktop\Everything - Shortcut.lnk
[2013/07/13 01:46:00 | 000,000,369 | ---- | C] () -- C:\Users\arwen\Desktop\HELLGATE - Shortcut.lnk
[2013/07/13 01:45:37 | 000,000,390 | ---- | C] () -- C:\Users\arwen\Desktop\MADIS & ESTONIA - Shortcut.lnk
[2013/07/13 00:23:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2013/07/13 00:23:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2013/07/13 00:23:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2013/07/13 00:23:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2013/07/13 00:23:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2013/07/13 00:23:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2013/07/13 00:14:18 | 000,055,074 | ---- | C] () -- C:\Users\arwen\Desktop\Paypal GE Capitol payment 07-13-2013.JPG
[2013/07/13 00:13:34 | 000,001,680 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2013/07/13 00:06:33 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2013/07/13 00:06:22 | 000,002,053 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/13 00:06:22 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/13 00:03:06 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/13 00:03:05 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/12 23:36:30 | 000,001,092 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Acer Product Registration.lnk
[2013/07/12 23:21:21 | 036,909,056 | ---- | C] () -- C:\Windows\SysNative\acer.scr
[2013/07/12 23:21:16 | 036,909,056 | ---- | C] () -- C:\Windows\SysWow64\Acer.scr
[2013/07/12 23:14:38 | 000,000,020 | ---- | C] () -- C:\Medion.ini
[2013/07/12 23:07:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013/07/12 23:07:06 | 000,000,098 | ---- | C] () -- C:\Windows\GridV.UNI
[2013/07/12 23:05:38 | 000,000,089 | ---- | C] () -- C:\Windows\QtZgAcer.UNI
[2013/07/12 23:02:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/07/12 23:00:32 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2013/07/12 23:00:32 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013/07/12 23:00:32 | 000,004,838 | ---- | C] () -- C:\Windows\Suyin.reg
[2013/07/12 23:00:32 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2013/07/12 22:59:11 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
[2013/07/12 22:57:03 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2013/07/12 22:57:03 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2013/07/12 22:57:03 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2013/07/12 22:57:01 | 001,146,400 | ---- | C] () -- C:\Windows\SysNative\RTCOM64.dll
[2013/07/12 22:55:59 | 000,000,953 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/07/12 22:55:44 | 000,000,983 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/07/12 22:55:42 | 000,000,978 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/07/12 22:55:31 | 000,000,919 | ---- | C] () -- C:\Users\arwen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2013/07/12 22:54:45 | 000,000,977 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/12 22:54:38 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Registration.lnk
[2013/07/12 22:54:33 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Assist.lnk
[2013/07/12 22:53:49 | 4220,379,136 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/12 22:53:46 | 000,016,080 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2013/07/12 22:53:19 | 000,001,904 | ---- | C] () -- C:\Users\arwen\Desktop\Cyberlink PowerDirector.lnk
[2013/07/12 22:53:19 | 000,000,258 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/07/12 22:53:19 | 000,000,240 | ---- | C] () -- C:\Users\arwen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 09:50:13 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 09:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

#144 CoolCat

Silver Member

Authentic Member
498 posts

Posted 16 July 2013 - 05:37 AM

OTL Extras logfile created on: 7/16/2013 6:20:30 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\arwen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 58.93% Memory free
8.03 Gb Paging File | 6.16 Gb Available in Paging File | 76.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 143.04 Gb Total Space | 90.10 Gb Free Space | 62.99% Space Free | Partition Type: NTFS
Drive D: | 139.50 Gb Total Space | 101.17 Gb Free Space | 72.52% Space Free | Partition Type: NTFS

Computer Name: ARWEN-PC | User Name: arwen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = B6 35 6B F7 23 82 CE 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027F224E-37C4-4213-BE25-0DDAAB32AB15}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{0A487301-F76F-4A82-8718-1CA34DF79449}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{14906BB3-7D4D-41B3-82F4-C39925B272F2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{163537B2-1126-4164-B7AD-4DEF10624E91}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{1B1C711B-720F-44FF-AB30-6C66EC7023F1}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{24F593A8-0123-4685-BB8E-422B093D04A3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{2B76DE92-E355-426C-BC56-F49F8FE917A7}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{2D66A76C-4C69-445C-ADCB-5634106E186B}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{4D6B8B74-083A-4D0B-B201-6248EBA0A4AC}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{5847E3B6-0031-4866-BF04-15B9D3E619A5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{67468C3C-5C39-4942-A381-BCA9DB50934A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{683361FB-A4B9-47F6-9B91-4F8B770E9253}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{6F7E378B-3922-4220-9F2F-418C01B861E5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{734FD059-CF27-49D4-9FF5-4A2F82F7C9CC}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{79F7A21C-BC60-4AE7-A1B3-7437852E4AF7}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{800BDF12-EEE3-417A-B3AC-7AE348B8919D}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{8C3F0811-F880-457C-8948-D2CD56172D48}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{8FD88B85-CC86-4BE5-ACA5-ACB0F2D6BE81}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1373719338\ee\aolsoftware.exe |
"{9F5CF71C-8E66-4C06-B519-165D39888873}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{9FFF7E5F-748A-4E2B-AFCF-3A6E4F03FA8A}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A65D9AB7-771F-4B7A-843A-ED625AF37230}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{A89094F7-283A-40E1-A068-9AF07663F7C6}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{AA14E4F7-70AD-4E58-8E17-0BD50F0F87C8}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{C1B34878-2606-4C21-A7E1-92211DE23C7E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{CDC3C022-7345-4E1C-8F0A-1ADE539AC4B8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{E2A23FAE-07D6-4C6D-8ABF-3AB4514C52F7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{E7A64EC3-B52F-46C8-AE65-F4540F643F97}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{ECC2C5B7-25F1-4305-AF73-20E5B334EDD4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1373719338\ee\aolsoftware.exe |
"{FCB317F8-1932-4744-B630-80F3316F82FC}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{41564952-412D-5637-00A7-A758B70C0201}" = Avira SearchFree Toolbar plus Web Protection
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Avira AntiVir Desktop" = Avira Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"ViewpointMediaPlayer" = Viewpoint Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/14/2013 5:33:47 AM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/14/2013 7:48:09 PM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/15/2013 4:22:51 AM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/15/2013 4:42:08 AM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/15/2013 4:47:22 AM | Computer Name = arwen-PC | Source = Application Error | ID = 1000
Description = Faulting application Toolbar.exe, version 21.1.0.607, time stamp 0x51bba2d8,
faulting module OLEAUT32.dll, version 6.0.6001.18565, time stamp 0x4d0f78bd, exception
code 0xc0000005, fault offset 0x000041e6, process id 0x131c, application start time
0x01ce8137866556bb.

Error - 7/15/2013 7:39:17 AM | Computer Name = arwen-PC | Source = Application Error | ID = 1000
Description = Faulting application Toolbar.exe, version 21.1.0.607, time stamp 0x51bba2d8,
faulting module OLEAUT32.dll, version 6.0.6001.18565, time stamp 0x4d0f78bd, exception
code 0xc0000005, fault offset 0x000041e6, process id 0x11e8, application start time
0x01ce814fe0967e8b.

Error - 7/15/2013 8:11:23 PM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/16/2013 1:11:25 AM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/16/2013 1:14:02 AM | Computer Name = arwen-PC | Source = Application Error | ID = 1000
Description = Faulting application Toolbar.exe, version 21.1.0.607, time stamp 0x51bba2d8,
faulting module OLEAUT32.dll, version 6.0.6001.18565, time stamp 0x4d0f78bd, exception
code 0xc0000005, fault offset 0x000041e6, process id 0x1050, application start time
0x01ce81e31c74f6fd.

Error - 7/16/2013 4:38:15 AM | Computer Name = arwen-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 7/13/2013 2:42:24 AM | Computer Name = arwen-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 7/13/2013 3:15:59 AM | Computer Name = arwen-PC | Source = DCOM | ID = 10010
Description =

Error - 7/13/2013 3:16:04 AM | Computer Name = arwen-PC | Source = DCOM | ID = 10010
Description =

Error - 7/13/2013 4:41:21 AM | Computer Name = arwen-PC | Source = HTTP | ID = 15016
Description =

Error - 7/13/2013 5:16:16 AM | Computer Name = arwen-PC | Source = DCOM | ID = 10010
Description =

Error - 7/13/2013 5:17:54 AM | Computer Name = arwen-PC | Source = HTTP | ID = 15016
Description =

Error - 7/13/2013 8:06:24 AM | Computer Name = arwen-PC | Source = HTTP | ID = 15016
Description =

Error - 7/13/2013 8:42:39 AM | Computer Name = arwen-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 7/13/2013 8:28:31 PM | Computer Name = arwen-PC | Source = HTTP | ID = 15016
Description =

Error - 7/13/2013 11:09:58 PM | Computer Name = arwen-PC | Source = HTTP | ID = 15016
Description =

< End of report >

#145 OCD

SuperHelper

Malware Team
5,574 posts

Posted 16 July 2013 - 07:55 AM

Hi CoolCat,

I see you are using the Windows Firewall. You stated earlier you deleted Comodo. If you NOT going to re-install Comodo complete the following (first) OTL step. If you will be re-installing Comodo SKIP the (first) OTL step.

=========================

1. Run OTL.exe

Windows Vista and Windows 7 users Right Click and select "Run as Administrator"

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

:OTL
PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
[2013/07/13 02:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013/07/13 02:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013/07/13 02:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/07/13 02:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo

:Files
C:\Program Files (x86)\Common Files\COMODO

:Services
GeekBuddyRSP
CLPSLauncher

:Reg

:Commands
[purity]
[createrestorepoint]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done

Adobe Flash Player 10
Adobe Reader 9

=========================

3. Adobe Flash Player:

Go to http://get.adobe.com...player/?no_ab=1

Remove the check mark from the box "Install Google Drive"
Click the Download button, and follow the onscreen directions to complete the installation.

Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

5. Adobe Reader:

Go to http://get.adobe.com.../otherversions/

Use the drop down menu's to select your operating system
Select your language > Select The current version of Adobe Reader for your language
Remove the check mark from the box "Free! McAfee Security Scan Plus"
Click the Download button, and follow the onscreen directions to complete the installation.

Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

6. Update Internet Explorer:

Go to http://www.microsoft...ails.aspx?id=43 to get the latest version (IE8).

=========================

7. Reboot

=========================

8. Security Check

Re-run Security Check by screen317.

Right click SecurityCheck.exe, select "Run as Administrator" and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

9. Re-run OTL (it should be located on your desktop).

Windows Vista and Windows 7 & 8 users Right Click and select "Run as Administrator" on the icon to run it.

Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Uncheck the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
Note:The log can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

In your next post please provide the following:
checkup.txt
OTL.txt
How is the computer running, any issues?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

Advertisements

Register to Remove

#146 CoolCat

Silver Member

Authentic Member
498 posts

Posted 16 July 2013 - 06:41 PM

I am still going to use Comodo but since it zaps everything before I can run it, I am waiting until we are done before I reinstall it. So, omit that first line? This one? PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)

#147 OCD

SuperHelper

Malware Team
5,574 posts

Posted 16 July 2013 - 09:52 PM

Hi CoolCat,

I am still going to use Comodo but since it zaps everything before I can run it, I am waiting until we are done before I reinstall it. So, omit that first line? This one?
PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)

FYI when you re-install Comodo it will still "zap everything" until you teach it how to treat each application.

No that is not correct. Skip Step 1. Complete Steps 2 through 9

Post the logs requested

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#148 OCD

SuperHelper

Malware Team
5,574 posts

Posted 19 July 2013 - 11:45 AM

Hi CoolCat, Just checking in to see if you still require assistance?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#149 CoolCat

Silver Member

Authentic Member
498 posts

Posted 19 July 2013 - 10:32 PM

Here are the logs. I don't know how the computer is running, yet. It disabled all the add-ons that I need such as my adblocker, etc.

Also, I already have IE 9 so what do you want me to do, delete that and download 8 instead?

Results of screen317's Security Check version 0.99.69
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#150 CoolCat

Silver Member

Authentic Member
498 posts

Posted 19 July 2013 - 10:33 PM

Results of screen317's Security Check version 0.99.69
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Body Background

skin color theme