
Newer computer with some bugs [Solved]


  • This topic is locked
54 replies to this topic

#16 OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 21 May 2014 - 10:26 PM

Hi cabinover,

The MBAM log should be located on your desktop; if not, open the Malwarebytes program and locate the log files. Find the most recent one and post it in your next reply. If you are still unsuccessful in locating the log, just run the program again.

=========================

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Files
    C:\Config.Msi\12bde07b.rbf   
    C:\Config.Msi\12bde07c.rbf 
    C:\Program Files\Itynvrjvrrj
    C:\Program Files\TS
    C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3KZ9N35\SpeedUpMyPC-standalone-setup[1].exe
    C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp
    C:\Windows\System32\msduncerc.dll
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote
    C:\Windows\System32\MPK
    D:\Program Files\Image-Line\FL Studio 9\FL.exe
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
=========================

Re-run AdwCleaner

It should be on your desktop
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================

Re-run OTL (it should be located on your desktop).
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Uncheck the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one Notepad window, OTL.Txt. (No Extras.txt will be produced.)
    Note: The log can be located in the OTL. folder on your C:\ drive if it fails to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.
=========================

In your next post please provide the following:
  • OTL fix log
  • AdwCleaner[S1].txt
  • Fresh OTL.txt
  • MBAM.txt
  • Describe any symptoms you are experiencing.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days










#17 cabinover

    Authentic Member

  • 104 posts

Posted 22 May 2014 - 03:57 AM

Could only find protection logs in MalwareBytes log files so I'm running it again. One question I have about a program on this computer. REFOGKEYLOGGER seems to be caught every time MB scans so I looked up what it is online. I have no use for this spy program and MB spends a crazy amount of time finding all of its parts. Can I get rid of this program?

Still running scans



#18 OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 22 May 2014 - 08:38 AM

Hi cabinover,

Yes, we can get rid of that program, although it doesn't appear to be showing in Programs and Features (Control Panel).

Please continue with the scans requested. If MBAM will not complete, go ahead and stop it and complete the remainder of the steps requested.


#19 cabinover

    Authentic Member

  • 104 posts

Posted 22 May 2014 - 04:21 PM

OK, here's what I can tell you. The version of MalwareBytes I have installed doesn't offer a quick scan so I used the threat scan. It will run all the way through the heuristics scan (where it finds some 15955 problems) and then hangs. Until then it finds 2 PUPs that are related to VUZEremote and two other things but I can't remember what they are at the moment. I get no log from it.

Here are the rest of the scans as requested.

All processes killed
========== FILES ==========
C:\Config.Msi\12bde07b.rbf moved successfully.
C:\Config.Msi\12bde07c.rbf moved successfully.
C:\Program Files\Itynvrjvrrj\Log\Visual folder moved successfully.
C:\Program Files\Itynvrjvrrj\Log\Text folder moved successfully.
C:\Program Files\Itynvrjvrrj\Log\Audio folder moved successfully.
C:\Program Files\Itynvrjvrrj\Log folder moved successfully.
C:\Program Files\Itynvrjvrrj folder moved successfully.
C:\Program Files\TS\Images folder moved successfully.
C:\Program Files\TS\Help\English folder moved successfully.
C:\Program Files\TS\Help folder moved successfully.
C:\Program Files\TS folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3KZ9N35\SpeedUpMyPC-standalone-setup[1].exe moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\{C040438A-E18D-4DEB-9265-74BA4D596417} folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\WPDNSE folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\plugtmp-3 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\plugtmp-2 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\plugtmp-1 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\plugtmp folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\outlook logging folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_10.0.40219 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\Low folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2789642_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2742595_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2737019_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2729449_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2656351_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\KB2604121_10.0.30319 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\is-KP5LI.tmp\_isetup folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\is-KP5LI.tmp folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\comtypes_cache\speedupmypc-27 folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\comtypes_cache folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\acro_rd_dir folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\668368e6ab4a804dbcd98b490d615b folder moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp folder moved successfully.
C:\Windows\System32\msduncerc.dll moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\UserDefinedItems folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\SearchInNewTab folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Rss folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_en-us\ToolbarTranslation folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_en-us folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\ToolbarSettings folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\ToolbarLogin folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\DynamicDialogs folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\AppsMetaData folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Repository folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B} folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\plugins folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\MyStuffApps folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Logs folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\ExternalComponent folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\EmailNotifier folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAppPendingDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAppApprovalDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAddedAppDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\UninstallDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarUntrustedAppsApprovalDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarFirstTimeDialog\images folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarFirstTimeDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorRetakeoverDialog\Images folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorRetakeoverDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorDialog\Images folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorBubbleDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\NewSearchProtectorDialog\images folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\NewSearchProtectorDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\EngineFirstTimeDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\DetectedAppDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\DefualtImages folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs\AddedAppDialog folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\Dialogs folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\CacheIcons folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote folder moved successfully.
C:\Windows\System32\MPK\Lang folder moved successfully.
C:\Windows\System32\MPK\Images folder moved successfully.
C:\Windows\System32\MPK\Help\Spanish folder moved successfully.
C:\Windows\System32\MPK\Help\German folder moved successfully.
C:\Windows\System32\MPK\Help\English folder moved successfully.
C:\Windows\System32\MPK\Help folder moved successfully.
C:\Windows\System32\MPK folder moved successfully.
D:\Program Files\Image-Line\FL Studio 9\FL.exe moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Temporary Internet Files folder emptied: 159593008 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21437378 bytes
->Flash cache emptied: 1301 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 381869 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 17572697 bytes
 
Total Files Cleaned = 190.00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Java cache emptied: 0 bytes
 
User: Default
 
User: Default User
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Java cache emptied: 0 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Flash cache emptied: 0 bytes
 
User: Default
 
User: Default User
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05222014_174234

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

# AdwCleaner v3.210 - Report created 22/05/2014 at 17:53:11
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Owner - HEDGEWYTCH-PC
# Running from : C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (en-US)

*************************

AdwCleaner[R0].txt - [7453 octets] - [01/05/2014 05:30:27]
AdwCleaner[R1].txt - [1472 octets] - [14/05/2014 06:20:32]
AdwCleaner[R2].txt - [1020 octets] - [22/05/2014 06:37:29]
AdwCleaner[R3].txt - [1078 octets] - [22/05/2014 06:44:26]
AdwCleaner[R4].txt - [1139 octets] - [22/05/2014 16:07:04]
AdwCleaner[R5].txt - [1199 octets] - [22/05/2014 16:20:30]
AdwCleaner[R6].txt - [1253 octets] - [22/05/2014 16:23:54]
AdwCleaner[R7].txt - [1231 octets] - [22/05/2014 17:52:41]
AdwCleaner[S0].txt - [7623 octets] - [01/05/2014 05:31:37]
AdwCleaner[S2].txt - [1319 octets] - [22/05/2014 16:24:20]
AdwCleaner[S3].txt - [1153 octets] - [22/05/2014 17:53:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1213 octets] ##########
 

OTL logfile created on: 5/22/2014 6:03:08 PM - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner.Hedgewytch-PC\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.94 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 56.40% Memory free
5.87 Gb Paging File | 4.61 Gb Available in Paging File | 78.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42.23 Gb Total Space | 5.16 Gb Free Space | 12.22% Space Free | Partition Type: NTFS
Drive D: | 255.86 Gb Total Space | 77.80 Gb Free Space | 30.41% Space Free | Partition Type: NTFS
 
Computer Name: HEDGEWYTCH-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\SoftPlanet Software Assistant\spassist.exe (Secure Download Ltd.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (wdserver) -- C:\Program Files\WatchDog\wdserver.exe File not found
SRV - (MPKService) -- C:\Program Files\TS\MPKSrv.exe File not found
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vzandnetndis) -- system32\DRIVERS\lgvzandnetndis.sys File not found
DRV - (vzandnetmodem) -- system32\DRIVERS\lgvzandnetmdm.sys File not found
DRV - (vzandnetdiag2) -- system32\DRIVERS\lgvzandnetdiag2.sys File not found
DRV - (vzandnetdiag) -- system32\DRIVERS\lgvzandnetdiag.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (sxuptp) -- system32\DRIVERS\sxuptp.sys File not found
DRV - (MRESP50) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS File not found
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found
DRV - (asd2fsm) -- system32\DRIVERS\asd2fsm.sys File not found
DRV - (ap02luce) --  File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (NdisrdMP) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (Ndisrd) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (BCMH43XX) -- C:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (MAUSBJAMLAB) -- C:\Windows\System32\drivers\MAudioJamLab.sys (Avid Technology, Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)
DRV - (ndicql) -- C:\Windows\System32\drivers\ndicql.sys (NT Kernel Resources)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A2 B5 81 BE 64 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8D5C4B23-2F5E-489D-80FF-FD763EC6D55D}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Users\Hedgewytch\Music\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/24 12:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/09 19:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/09 19:28:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2014/04/30 20:56:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014/05/01 06:12:09 | 000,000,000 | ---D | M]
 
[2014/04/30 18:34:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Extensions
[2014/05/19 17:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Firefox\Profiles\utjaaxox.default-1400525861152\extensions
[2014/05/09 19:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 19:28:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2011/10/19 13:48:44 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=928 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A7196C0-70A5-4E78-83F5-933097E17B24}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\ts\mpkts.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\MPK\mpk.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell\AutoRun\command - "" = L:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/22 17:49:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp
[2014/05/21 21:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/21 21:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/21 21:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/05/21 05:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/05/20 19:17:23 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:19 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:20:01 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/05/20 18:20:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/05/20 17:55:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/05/20 17:54:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/05/20 17:37:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/05/20 17:26:47 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2014/05/20 16:58:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2014/05/20 16:58:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/05/20 16:58:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/05/20 16:58:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014/05/20 16:58:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014/05/20 16:58:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2014/05/20 16:58:26 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/05/20 16:58:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/05/20 16:58:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/05/20 16:58:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/05/20 16:58:22 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014/05/20 16:58:21 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/05/20 16:58:20 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014/05/20 16:58:20 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014/05/20 16:58:18 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014/05/20 16:58:18 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014/05/20 16:58:16 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/05/20 16:58:15 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2014/05/20 16:58:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014/05/20 16:58:11 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014/05/20 16:58:10 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014/05/20 16:58:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014/05/20 16:58:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/05/20 16:58:09 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014/05/20 16:58:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2014/05/20 16:58:07 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014/05/20 16:58:07 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014/05/20 16:58:06 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/05/20 16:58:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/05/20 16:58:05 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/05/20 16:58:05 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2014/05/20 16:58:04 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014/05/20 16:58:03 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2014/05/20 16:58:02 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014/05/20 16:58:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2014/05/20 16:58:00 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014/05/20 16:58:00 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2014/05/20 16:58:00 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/05/20 16:57:59 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/05/20 16:57:59 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2014/05/20 16:57:59 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014/05/20 16:57:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/05/20 16:57:58 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/05/20 16:57:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2014/05/20 16:57:57 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2014/05/20 16:57:57 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014/05/20 16:57:57 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/05/20 16:57:56 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2014/05/20 16:57:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2014/05/20 16:57:55 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2014/05/20 16:57:54 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2014/05/20 16:57:54 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2014/05/20 16:57:53 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2014/05/20 16:57:53 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014/05/20 16:57:53 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/05/20 16:57:53 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2014/05/20 16:57:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014/05/20 16:57:52 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2014/05/20 16:57:52 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/05/20 16:57:51 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014/05/20 16:57:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014/05/20 16:57:51 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014/05/20 16:57:51 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2014/05/20 16:57:51 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014/05/20 16:57:49 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014/05/20 16:57:49 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014/05/20 16:57:48 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014/05/20 16:57:48 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2014/05/20 16:57:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2014/05/20 16:57:47 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2014/05/20 16:57:47 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014/05/20 16:57:47 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014/05/20 16:57:47 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2014/05/20 16:57:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2014/05/20 16:57:45 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/05/20 16:57:45 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/05/20 16:57:45 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/05/20 16:57:45 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/05/20 16:57:45 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2014/05/20 16:57:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014/05/20 16:57:45 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2014/05/20 16:57:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2014/05/20 16:57:43 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2014/05/20 16:57:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014/05/20 16:57:42 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/05/20 16:57:41 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/05/20 16:57:41 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014/05/20 16:57:41 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2014/05/20 16:57:41 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014/05/20 16:57:40 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014/05/20 16:57:40 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2014/05/20 16:57:40 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2014/05/20 16:57:40 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/05/20 16:57:40 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2014/05/20 16:57:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/05/20 16:57:39 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014/05/20 16:57:39 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2014/05/20 16:57:39 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2014/05/20 16:57:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2014/05/20 16:57:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2014/05/20 16:57:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014/05/20 16:57:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/05/20 16:57:37 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2014/05/20 16:57:35 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2014/05/20 16:57:35 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/05/20 16:57:34 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/05/20 16:57:34 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2014/05/20 16:57:34 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014/05/20 16:57:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/20 16:57:34 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2014/05/20 16:57:33 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2014/05/20 16:57:33 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2014/05/20 16:57:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014/05/20 16:57:31 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2014/05/20 16:57:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2014/05/20 16:57:31 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014/05/20 16:57:31 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2014/05/20 16:57:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/05/20 16:57:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014/05/20 16:57:30 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014/05/20 16:57:30 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014/05/20 16:57:30 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014/05/20 16:57:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2014/05/20 16:57:29 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014/05/20 16:57:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014/05/20 16:57:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014/05/20 16:57:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014/05/20 16:57:28 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014/05/20 16:57:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014/05/20 16:57:28 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2014/05/20 16:57:28 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/05/20 16:57:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014/05/20 16:57:28 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/05/20 16:57:28 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2014/05/20 16:57:27 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2014/05/20 16:57:27 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/05/20 16:57:27 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2014/05/20 16:57:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2014/05/20 16:57:26 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2014/05/20 16:57:25 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/05/20 16:57:25 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014/05/20 16:57:24 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014/05/20 16:57:24 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2014/05/20 16:57:24 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2014/05/20 16:57:24 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/05/20 16:57:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2014/05/20 16:57:23 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/05/20 16:57:23 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2014/05/20 16:57:22 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2014/05/20 16:57:21 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014/05/20 16:57:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014/05/20 16:57:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014/05/20 16:57:19 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2014/05/20 16:57:19 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2014/05/20 16:57:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2014/05/20 16:57:19 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2014/05/20 16:57:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2014/05/20 16:57:18 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014/05/20 16:57:18 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2014/05/20 16:57:18 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2014/05/20 16:57:18 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2014/05/20 16:57:17 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014/05/20 16:57:17 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2014/05/20 16:57:17 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2014/05/20 16:57:17 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2014/05/20 16:57:17 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2014/05/20 16:57:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2014/05/20 16:57:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2014/05/20 16:57:17 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014/05/20 16:57:17 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2014/05/20 16:57:16 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2014/05/20 16:57:16 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014/05/20 16:57:16 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014/05/20 16:57:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/05/20 16:57:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2014/05/20 16:57:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014/05/20 16:57:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2014/05/20 16:57:13 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014/05/20 16:57:13 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/05/20 16:57:13 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2014/05/20 16:57:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/05/20 16:57:13 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2014/05/20 16:57:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2014/05/20 16:57:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014/05/20 16:57:13 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/05/20 16:57:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014/05/20 16:57:12 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014/05/20 16:57:12 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014/05/20 16:57:12 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014/05/20 16:57:12 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014/05/20 16:57:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/05/20 16:57:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014/05/20 16:57:12 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014/05/20 16:57:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/05/20 16:57:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2014/05/20 16:57:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2014/05/20 16:57:11 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014/05/20 16:57:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2014/05/20 16:57:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2014/05/20 16:57:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014/05/20 16:57:10 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014/05/20 16:57:10 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2014/05/20 16:57:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2014/05/20 16:57:10 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2014/05/20 16:57:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2014/05/20 16:57:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014/05/20 16:57:09 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014/05/20 16:57:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2014/05/20 16:57:09 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2014/05/20 16:57:09 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2014/05/20 16:57:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014/05/20 16:57:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/05/20 16:57:09 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2014/05/20 16:57:09 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014/05/20 16:57:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2014/05/20 16:57:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/05/20 16:57:08 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2014/05/20 16:57:08 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2014/05/20 16:57:07 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2014/05/20 16:57:07 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2014/05/20 16:57:07 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014/05/20 16:57:07 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2014/05/20 16:57:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014/05/20 16:57:07 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/05/20 16:57:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014/05/20 16:57:06 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/05/20 16:57:06 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/05/20 16:57:06 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2014/05/20 16:57:06 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014/05/20 16:57:06 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2014/05/20 16:57:06 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2014/05/20 16:57:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2014/05/20 16:57:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2014/05/20 16:57:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2014/05/20 16:57:05 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2014/05/20 16:57:05 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014/05/20 16:57:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2014/05/20 16:57:05 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2014/05/20 16:57:05 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2014/05/20 16:57:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014/05/20 16:57:05 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2014/05/20 16:57:04 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2014/05/20 16:57:04 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014/05/20 16:57:04 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014/05/20 16:57:04 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014/05/20 16:57:04 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014/05/20 16:57:04 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2014/05/20 16:57:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2014/05/20 16:57:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/05/20 16:57:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/05/20 16:57:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2014/05/20 16:57:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2014/05/20 16:57:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2014/05/20 16:57:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014/05/20 16:57:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/05/20 16:57:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2014/05/20 16:57:03 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2014/05/20 16:57:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2014/05/20 16:57:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2014/05/20 16:57:03 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2014/05/20 16:57:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2014/05/20 16:57:01 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2014/05/20 16:57:01 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014/05/20 16:57:00 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/05/20 16:57:00 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/05/20 16:57:00 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2014/05/20 16:57:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2014/05/20 16:57:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2014/05/20 16:57:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2014/05/20 16:56:59 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2014/05/20 16:56:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014/05/20 16:56:59 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2014/05/20 16:56:59 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2014/05/20 16:56:59 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014/05/20 16:56:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014/05/20 16:56:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2014/05/20 16:56:58 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2014/05/20 16:56:58 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2014/05/20 16:56:58 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2014/05/20 16:56:58 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/05/20 16:56:57 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2014/05/20 16:56:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2014/05/20 16:56:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2014/05/20 16:56:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014/05/20 16:56:57 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2014/05/20 16:56:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2014/05/20 16:56:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014/05/20 16:56:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014/05/20 16:56:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/05/20 16:56:55 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014/05/20 16:56:55 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014/05/20 16:56:55 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2014/05/20 16:56:55 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014/05/20 16:56:55 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2014/05/20 16:56:54 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014/05/20 16:56:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2014/05/20 16:56:54 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/05/20 16:56:54 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014/05/20 16:56:54 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2014/05/20 16:56:54 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2014/05/20 16:56:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2014/05/20 16:56:53 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2014/05/20 16:56:53 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2014/05/20 16:56:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2014/05/20 16:56:53 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2014/05/20 16:56:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2014/05/20 16:56:53 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2014/05/20 16:56:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2014/05/20 16:56:52 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2014/05/20 16:56:52 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2014/05/20 16:56:52 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/05/20 16:56:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2014/05/20 16:56:52 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2014/05/20 16:56:51 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2014/05/20 16:56:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014/05/20 16:56:51 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014/05/20 16:56:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/05/20 16:56:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2014/05/20 16:56:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014/05/20 16:56:50 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2014/05/20 16:56:50 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2014/05/20 16:56:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2014/05/20 16:56:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2014/05/20 16:56:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2014/05/20 16:56:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2014/05/20 16:56:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2014/05/20 16:56:50 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2014/05/20 16:56:49 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2014/05/20 16:56:49 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2014/05/20 16:56:49 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2014/05/20 16:56:48 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2014/05/20 16:56:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2014/05/20 16:56:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014/05/20 16:56:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2014/05/20 16:56:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014/05/20 16:56:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2014/05/20 16:56:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014/05/20 16:56:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2014/05/20 16:56:47 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2014/05/20 16:56:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2014/05/20 16:56:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2014/05/20 16:56:47 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2014/05/20 16:56:47 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2014/05/20 16:56:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2014/05/20 16:56:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2014/05/20 16:56:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014/05/20 16:56:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/05/20 16:56:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2014/05/20 16:56:46 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014/05/20 16:56:46 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2014/05/20 16:56:46 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2014/05/20 16:56:46 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014/05/20 16:56:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2014/05/20 16:56:46 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2014/05/20 16:56:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014/05/20 16:56:46 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014/05/20 16:56:46 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2014/05/20 16:56:46 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2014/05/20 16:56:46 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2014/05/20 16:56:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2014/05/20 16:56:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/05/20 16:56:45 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014/05/20 16:56:45 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2014/05/20 16:56:45 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2014/05/20 16:56:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2014/05/20 16:56:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2014/05/20 16:56:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2014/05/20 16:56:44 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/05/20 16:56:44 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2014/05/20 16:56:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2014/05/20 16:56:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2014/05/20 16:56:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014/05/20 16:56:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2014/05/20 16:56:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2014/05/20 16:56:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2014/05/20 16:56:43 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2014/05/20 16:56:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2014/05/20 16:56:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2014/05/20 16:56:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2014/05/20 16:56:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2014/05/20 16:56:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2014/05/20 16:56:42 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014/05/20 16:56:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2014/05/20 16:56:42 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2014/05/20 16:56:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/05/20 16:56:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2014/05/20 16:56:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2014/05/20 16:56:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2014/05/20 16:56:42 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2014/05/20 16:56:42 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2014/05/20 16:56:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2014/05/20 16:56:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2014/05/20 16:56:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/05/20 16:56:42 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2014/05/20 16:56:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2014/05/20 16:56:41 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014/05/20 16:56:41 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2014/05/20 16:56:41 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2014/05/20 16:56:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/05/20 16:56:41 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2014/05/20 16:56:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2014/05/20 16:56:41 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014/05/20 16:56:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2014/05/20 16:56:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2014/05/20 16:56:41 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2014/05/20 16:56:41 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2014/05/20 16:56:41 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2014/05/20 16:56:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2014/05/20 16:56:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2014/05/20 16:56:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/05/20 16:56:40 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/05/20 16:56:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014/05/20 16:56:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2014/05/20 16:56:40 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014/05/20 16:56:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2014/05/20 16:56:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2014/05/20 16:56:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014/05/20 16:56:40 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2014/05/20 16:56:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2014/05/20 16:56:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2014/05/20 16:56:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014/05/20 16:56:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2014/05/20 16:56:38 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2014/05/20 16:56:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2014/05/20 16:56:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2014/05/20 16:56:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2014/05/20 16:56:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2014/05/20 16:56:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2014/05/20 16:56:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2014/05/20 16:56:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2014/05/20 16:56:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2014/05/20 16:56:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/05/20 16:56:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2014/05/20 16:56:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2014/05/20 16:56:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/05/20 16:56:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2014/05/20 16:56:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2014/05/20 16:56:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2014/05/20 16:56:35 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2014/05/20 16:56:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2014/05/20 16:56:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2014/05/20 16:56:34 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2014/05/20 16:56:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2014/05/20 16:56:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014/05/20 16:56:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014/05/20 16:56:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2014/05/20 16:56:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2014/05/20 16:56:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2014/05/20 16:56:32 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2014/05/20 16:56:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2014/05/20 16:56:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2014/05/20 16:56:31 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2014/05/20 16:56:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2014/05/20 16:56:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2014/05/20 16:56:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2014/05/20 16:56:29 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014/05/20 16:56:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014/05/20 16:56:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2014/05/20 16:56:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2014/05/20 16:56:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2014/05/20 16:56:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2014/05/20 16:56:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2014/05/20 16:56:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2014/05/20 16:56:26 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014/05/20 16:56:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2014/05/20 16:56:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/05/20 16:56:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2014/05/20 16:56:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2014/05/20 16:56:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014/05/20 16:56:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014/05/20 16:56:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2014/05/20 16:56:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2014/05/20 16:56:23 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2014/05/20 16:56:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2014/05/20 16:56:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2014/05/20 16:56:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2014/05/20 16:56:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2014/05/20 16:56:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2014/05/20 16:56:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2014/05/20 16:56:00 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014/05/20 16:55:52 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014/05/20 16:55:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014/05/20 16:55:44 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014/05/20 16:55:14 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014/05/20 16:55:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/05/20 16:50:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014/05/20 16:50:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/05/20 16:50:24 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/05/20 16:50:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/05/20 16:48:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/05/20 16:48:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014/05/20 16:48:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014/05/20 16:47:21 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2014/05/20 16:47:16 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014/05/20 16:47:15 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014/05/20 16:47:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014/05/20 16:47:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2014/05/20 16:47:03 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/05/20 16:46:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/05/20 16:46:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2014/05/20 16:46:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2014/05/20 16:46:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014/05/20 16:45:38 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014/05/20 16:45:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014/05/20 16:45:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014/05/20 16:45:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/05/20 16:45:16 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/05/20 16:45:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014/05/20 16:45:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014/05/20 16:45:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014/05/20 16:17:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014/05/20 16:17:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014/05/20 16:17:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014/05/20 16:17:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014/05/20 16:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014/05/20 16:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014/05/20 16:08:19 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014/05/20 16:08:18 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/05/20 16:08:04 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/05/20 16:08:04 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/05/20 16:08:04 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014/05/20 16:07:52 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/05/20 16:07:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/05/19 14:57:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Old Firefox Data
[2014/05/18 07:10:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/14 06:45:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/13 14:19:14 | 000,192,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 09:28:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2014/05/10 08:26:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/09 19:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\AVG2014
[2014/05/09 06:18:52 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\PC Speed Maximizer
[2014/05/09 06:01:56 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/09 06:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/09 06:01:40 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/09 06:01:40 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/08 16:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/05/08 06:05:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Avg2014
[2014/05/08 06:04:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\MFAData
[2014/05/06 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/06 20:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/06 20:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2014/05/06 17:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\HpUpdate
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Skidoo
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Savage info
[2014/05/03 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes
[2014/05/03 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\MP3 Rocket New
[2014/05/03 19:21:45 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Hygiene
[2014/05/03 19:21:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Franco Belge boiler
[2014/05/03 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Alex's Folder
[2014/05/02 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search_files
[2014/05/01 20:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/05/01 18:55:24 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\ElevatedDiagnostics
[2014/05/01 06:16:34 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Microsoft Office
[2014/05/01 06:15:54 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/01 06:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014/05/01 06:05:43 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft Help
[2014/05/01 06:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/01 05:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\OpenOffice.org
[2014/05/01 05:30:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 05:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/04/30 21:06:06 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\Add-in Express
[2014/04/30 21:01:23 | 000,880,040 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 21:01:22 | 000,802,728 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:59:39 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Oracle
[2014/04/30 20:59:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/04/30 20:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/30 20:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/04/30 20:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/04/30 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/04/30 20:48:37 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:48:18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/30 20:48:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:48:17 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/30 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple
[2014/04/30 20:09:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\dvdcss
[2014/04/30 20:08:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\vlc
[2014/04/30 20:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/04/30 20:02:09 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple Computer
[2014/04/30 20:01:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\SoftPlanet
[2014/04/30 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\SoftPlanet Software Assistant
[2014/04/30 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Programs
[2014/04/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Macromedia
[2014/04/30 18:36:55 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Macromedia
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Mozilla
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Mozilla
[2014/04/30 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/04/30 18:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/04/30 17:50:35 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/30 17:50:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014/04/29 19:54:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Adobe
[2014/04/29 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Apple Computer
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Searches
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/29 19:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/29 19:53:42 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Identities
[2014/04/29 19:53:39 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Contacts
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temporary Internet Files
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Templates
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Start Menu
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\SendTo
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Recent
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\PrintHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\NetHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Videos
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Pictures
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Music
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\My Documents
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Local Settings
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\History
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Cookies
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Application Data
[2014/04/29 19:50:01 | 000,000,000 | --SD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Videos
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Saved Games
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Pictures
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Music
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Links
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Favorites
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Downloads
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/29 19:50:01 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\TuneUp Software
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Media Center Programs
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\IObit
[2014/04/29 19:49:48 | 000,000,000 | ---D | C] -- C:\Microsoft
[2014/04/29 19:49:09 | 000,000,000 | ---D | C] -- C:\logs
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/22 18:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/22 18:01:18 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/22 18:01:18 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/22 18:00:27 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/22 18:00:27 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/22 17:56:20 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/22 17:56:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/22 17:56:07 | 2364,399,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/22 17:11:35 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/22 17:08:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/22 16:23:29 | 001,326,389 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 20:20:34 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/20 19:46:39 | 001,071,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/05/20 19:17:23 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:20 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 19:17:19 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:47 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:36:34 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2014/05/20 00:14:40 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/18 14:13:42 | 000,000,764 | RHS- | M] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/05/14 17:15:21 | 000,000,554 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 12:06:37 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/14 12:06:37 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/14 06:18:19 | 000,000,512 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/13 14:19:14 | 000,192,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/12 07:25:58 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/10 08:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/02 13:31:16 | 000,968,688 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 20:48:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:47:55 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:47:55 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:47:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:47:51 | 000,880,040 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 20:47:51 | 000,802,728 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:11:34 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 18:29:36 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 17:44:48 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
 
========== Files Created - No Company Name ==========
 
[2014/05/22 16:23:28 | 001,326,389 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 19:49:29 | 000,001,426 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/20 19:17:20 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 16:58:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014/05/20 16:58:14 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/05/20 16:56:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014/05/20 16:56:34 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2014/05/20 16:56:22 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2014/05/14 17:15:21 | 000,000,554 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 06:18:19 | 000,000,512 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/09 16:36:32 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/09 06:01:46 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/03 19:24:05 | 000,023,396 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\mad smile.JPG
[2014/05/02 13:31:12 | 000,968,688 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 20:03:21 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 18:29:36 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:51:37 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/29 19:53:18 | 000,000,764 | RHS- | C] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/04/29 19:50:02 | 000,000,290 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/29 19:50:02 | 000,000,272 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/18 16:18:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\createcert.exe
[2012/02/12 15:27:56 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Trance Pad
[2012/02/12 15:27:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/02/12 15:27:56 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Woodwind
[2012/02/12 15:27:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Track Settings
[2012/02/12 15:27:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/02/12 15:27:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\WebServer
[2012/02/12 15:27:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Themes
[2012/02/12 15:27:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/02/12 15:27:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Vocal Transformer
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:8927A071

< End of report >
 

 

All of the MB files that it is finding are MPK, in C:/users/allusers I think.

 

I really appreciate the help even though this is really frustrating. :)



#20 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 22 May 2014 - 07:50 PM

Hi cabinover,
 

"I really appreciate the help even though this is really frustrating."

You're quite welcome. We are making progress so let's focus on that and we'll try and get through this as quickly as possible.

=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • SoftPlanet Software Assistant
=========================

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    PRC - C:\Program Files\SoftPlanet Software Assistant\spassist.exe (Secure Download Ltd.)
    [2014/04/30 20:01:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\SoftPlanet
    [2014/04/30 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\SoftPlanet Software Assistant
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then re-run OTL and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
=========================

Do you have the paid version of MBAM?

Go to Start > All Programs > Malwarebytes Antimalware > Tools > Malwarebytes Antimalware Chameleon and it will take you to this page:
[Image: ChameleonPic.jpg]

Then click on the first link to run Malwarebytes, and if it won't run, try the next one until one of them runs.

In your next post please provide the following:
  • OTL fix log
  • MBAM.txt
  • Fresh OTL.txt

OCD



#21 cabinover

cabinover

    Authentic Member

  • Authentic Member
  • 104 posts

Posted 23 May 2014 - 04:43 AM

I have the free version of MBAM. The scan does run but after the heuristic analysis section is done it hangs. Tried one Chameleon this morning with the same results. Was going to grab the hang information but even that wasn't happening this morning. Will try the other ones later today after work. Maybe I need to uninstall and reinstall MBAM?

 

Just so you know, I'm not frustrated with your help or the computer. I was frustrated yesterday at myself because I couldn't remember which scans were which, I had too many on my desktop and ended up just redoing all of them. lol

 

I could not find SoftPlanet nor its subs in Program uninstall. I remember getting rid of it a while ago.

 

Here are the OTL scans and a Notepad of what MBAM did find before it lost its mind again. If Vuze is a bit-torrent thing I have no use for it and will remove if you say so.

 

All processes killed
========== OTL ==========
No active process named spassist.exe was found!
Folder C:\Users\Owner.Hedgewytch-PC\AppData\Local\SoftPlanet\ not found.
C:\Program Files\SoftPlanet Software Assistant folder moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Temp folder emptied: 485113 bytes
->Temporary Internet Files folder emptied: 462933 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 122858247 bytes
->Flash cache emptied: 1726 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 79094 bytes
 
Total Files Cleaned = 118.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05232014_052825

Files\Folders moved on Reboot...
File\Folder C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\~DF65578CD967415B12.TMP not found!
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp\~DFA0A051B49B80AB7B.TMP moved successfully.
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

OTL logfile created on: 5/23/2014 6:23:17 AM - Run 10
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner.Hedgewytch-PC\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.94 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 58.37% Memory free
5.87 Gb Paging File | 4.65 Gb Available in Paging File | 79.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42.23 Gb Total Space | 5.14 Gb Free Space | 12.17% Space Free | Partition Type: NTFS
Drive D: | 255.86 Gb Total Space | 77.80 Gb Free Space | 30.41% Space Free | Partition Type: NTFS
 
Computer Name: HEDGEWYTCH-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (wdserver) -- C:\Program Files\WatchDog\wdserver.exe File not found
SRV - (MPKService) -- C:\Program Files\TS\MPKSrv.exe File not found
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vzandnetndis) -- system32\DRIVERS\lgvzandnetndis.sys File not found
DRV - (vzandnetmodem) -- system32\DRIVERS\lgvzandnetmdm.sys File not found
DRV - (vzandnetdiag2) -- system32\DRIVERS\lgvzandnetdiag2.sys File not found
DRV - (vzandnetdiag) -- system32\DRIVERS\lgvzandnetdiag.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (sxuptp) -- system32\DRIVERS\sxuptp.sys File not found
DRV - (MRESP50) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS File not found
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found
DRV - (asd2fsm) -- system32\DRIVERS\asd2fsm.sys File not found
DRV - (aekq1bzs) --  File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (NdisrdMP) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (Ndisrd) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (BCMH43XX) -- C:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (MAUSBJAMLAB) -- C:\Windows\System32\drivers\MAudioJamLab.sys (Avid Technology, Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)
DRV - (ndicql) -- C:\Windows\System32\drivers\ndicql.sys (NT Kernel Resources)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A2 B5 81 BE 64 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8D5C4B23-2F5E-489D-80FF-FD763EC6D55D}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Users\Hedgewytch\Music\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/24 12:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/09 19:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/09 19:28:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2014/04/30 20:56:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014/05/01 06:12:09 | 000,000,000 | ---D | M]
 
[2014/04/30 18:34:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Extensions
[2014/05/19 17:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Firefox\Profiles\utjaaxox.default-1400525861152\extensions
[2014/05/09 19:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 19:28:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2011/10/19 13:48:44 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=928 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A7196C0-70A5-4E78-83F5-933097E17B24}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\ts\mpkts.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\MPK\mpk.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell\AutoRun\command - "" = L:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/22 18:19:02 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\OneNote Notebooks
[2014/05/22 17:49:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp
[2014/05/21 21:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/21 21:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/21 21:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/05/21 05:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/05/20 19:17:23 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:19 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:20:01 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/05/20 18:20:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/05/20 17:55:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/05/20 17:54:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/05/20 17:37:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/05/20 17:26:47 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2014/05/20 16:58:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2014/05/20 16:58:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/05/20 16:58:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/05/20 16:58:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014/05/20 16:58:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014/05/20 16:58:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2014/05/20 16:58:26 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/05/20 16:58:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/05/20 16:58:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/05/20 16:58:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/05/20 16:58:22 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014/05/20 16:58:21 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/05/20 16:58:20 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014/05/20 16:58:20 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014/05/20 16:58:18 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014/05/20 16:58:18 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014/05/20 16:58:16 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/05/20 16:58:15 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2014/05/20 16:58:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014/05/20 16:58:11 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014/05/20 16:58:10 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014/05/20 16:58:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014/05/20 16:58:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/05/20 16:58:09 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014/05/20 16:58:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2014/05/20 16:58:07 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014/05/20 16:58:07 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014/05/20 16:58:06 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/05/20 16:58:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/05/20 16:58:05 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/05/20 16:58:05 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2014/05/20 16:58:04 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014/05/20 16:58:03 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2014/05/20 16:58:02 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014/05/20 16:58:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2014/05/20 16:58:00 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014/05/20 16:58:00 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2014/05/20 16:58:00 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/05/20 16:57:59 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/05/20 16:57:59 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2014/05/20 16:57:59 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014/05/20 16:57:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/05/20 16:57:58 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/05/20 16:57:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2014/05/20 16:57:57 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2014/05/20 16:57:57 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014/05/20 16:57:57 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/05/20 16:57:56 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2014/05/20 16:57:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2014/05/20 16:57:55 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2014/05/20 16:57:54 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2014/05/20 16:57:54 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2014/05/20 16:57:53 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2014/05/20 16:57:53 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014/05/20 16:57:53 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/05/20 16:57:53 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2014/05/20 16:57:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014/05/20 16:57:52 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2014/05/20 16:57:52 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/05/20 16:57:51 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014/05/20 16:57:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014/05/20 16:57:51 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014/05/20 16:57:51 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2014/05/20 16:57:51 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014/05/20 16:57:49 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014/05/20 16:57:49 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014/05/20 16:57:48 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014/05/20 16:57:48 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2014/05/20 16:57:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2014/05/20 16:57:47 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2014/05/20 16:57:47 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014/05/20 16:57:47 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014/05/20 16:57:47 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2014/05/20 16:57:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2014/05/20 16:57:45 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/05/20 16:57:45 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/05/20 16:57:45 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/05/20 16:57:45 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/05/20 16:57:45 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2014/05/20 16:57:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014/05/20 16:57:45 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2014/05/20 16:57:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2014/05/20 16:57:43 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2014/05/20 16:57:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014/05/20 16:57:42 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/05/20 16:57:41 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/05/20 16:57:41 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014/05/20 16:57:41 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2014/05/20 16:57:41 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014/05/20 16:57:40 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014/05/20 16:57:40 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2014/05/20 16:57:40 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2014/05/20 16:57:40 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/05/20 16:57:40 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2014/05/20 16:57:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/05/20 16:57:39 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014/05/20 16:57:39 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2014/05/20 16:57:39 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2014/05/20 16:57:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2014/05/20 16:57:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2014/05/20 16:57:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014/05/20 16:57:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/05/20 16:57:37 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2014/05/20 16:57:35 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2014/05/20 16:57:35 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/05/20 16:57:34 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/05/20 16:57:34 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2014/05/20 16:57:34 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014/05/20 16:57:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/20 16:57:34 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2014/05/20 16:57:33 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2014/05/20 16:57:33 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2014/05/20 16:57:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014/05/20 16:57:31 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2014/05/20 16:57:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2014/05/20 16:57:31 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014/05/20 16:57:31 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2014/05/20 16:57:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/05/20 16:57:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014/05/20 16:57:30 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014/05/20 16:57:30 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014/05/20 16:57:30 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014/05/20 16:57:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2014/05/20 16:57:29 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014/05/20 16:57:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014/05/20 16:57:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014/05/20 16:57:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014/05/20 16:57:28 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014/05/20 16:57:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014/05/20 16:57:28 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2014/05/20 16:57:28 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/05/20 16:57:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014/05/20 16:57:28 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/05/20 16:57:28 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2014/05/20 16:57:27 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2014/05/20 16:57:27 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/05/20 16:57:27 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2014/05/20 16:57:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2014/05/20 16:57:26 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2014/05/20 16:57:25 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/05/20 16:57:25 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014/05/20 16:57:24 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014/05/20 16:57:24 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2014/05/20 16:57:24 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2014/05/20 16:57:24 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/05/20 16:57:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2014/05/20 16:57:23 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/05/20 16:57:23 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2014/05/20 16:57:22 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2014/05/20 16:57:21 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014/05/20 16:57:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014/05/20 16:57:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014/05/20 16:57:19 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2014/05/20 16:57:19 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2014/05/20 16:57:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2014/05/20 16:57:19 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2014/05/20 16:57:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2014/05/20 16:57:18 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014/05/20 16:57:18 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2014/05/20 16:57:18 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2014/05/20 16:57:18 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2014/05/20 16:57:17 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014/05/20 16:57:17 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2014/05/20 16:57:17 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2014/05/20 16:57:17 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2014/05/20 16:57:17 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2014/05/20 16:57:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2014/05/20 16:57:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2014/05/20 16:57:17 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014/05/20 16:57:17 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2014/05/20 16:57:16 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2014/05/20 16:57:16 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014/05/20 16:57:16 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014/05/20 16:57:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/05/20 16:57:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2014/05/20 16:57:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014/05/20 16:57:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2014/05/20 16:57:13 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014/05/20 16:57:13 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/05/20 16:57:13 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2014/05/20 16:57:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/05/20 16:57:13 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2014/05/20 16:57:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2014/05/20 16:57:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014/05/20 16:57:13 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/05/20 16:57:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014/05/20 16:57:12 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014/05/20 16:57:12 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014/05/20 16:57:12 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014/05/20 16:57:12 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014/05/20 16:57:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/05/20 16:57:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014/05/20 16:57:12 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014/05/20 16:57:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/05/20 16:57:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2014/05/20 16:57:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2014/05/20 16:57:11 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014/05/20 16:57:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2014/05/20 16:57:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2014/05/20 16:57:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014/05/20 16:57:10 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014/05/20 16:57:10 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2014/05/20 16:57:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2014/05/20 16:57:10 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2014/05/20 16:57:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2014/05/20 16:57:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014/05/20 16:57:09 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014/05/20 16:57:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2014/05/20 16:57:09 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2014/05/20 16:57:09 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2014/05/20 16:57:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014/05/20 16:57:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/05/20 16:57:09 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2014/05/20 16:57:09 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014/05/20 16:57:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2014/05/20 16:57:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/05/20 16:57:08 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2014/05/20 16:57:08 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2014/05/20 16:57:07 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2014/05/20 16:57:07 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2014/05/20 16:57:07 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014/05/20 16:57:07 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2014/05/20 16:57:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014/05/20 16:57:07 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/05/20 16:57:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014/05/20 16:57:06 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/05/20 16:57:06 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/05/20 16:57:06 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2014/05/20 16:57:06 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014/05/20 16:57:06 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2014/05/20 16:57:06 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2014/05/20 16:57:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2014/05/20 16:57:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2014/05/20 16:57:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2014/05/20 16:57:05 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2014/05/20 16:57:05 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014/05/20 16:57:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2014/05/20 16:57:05 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2014/05/20 16:57:05 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2014/05/20 16:57:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014/05/20 16:57:05 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2014/05/20 16:57:04 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2014/05/20 16:57:04 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014/05/20 16:57:04 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014/05/20 16:57:04 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014/05/20 16:57:04 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014/05/20 16:57:04 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2014/05/20 16:57:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2014/05/20 16:57:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/05/20 16:57:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/05/20 16:57:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2014/05/20 16:57:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2014/05/20 16:57:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2014/05/20 16:57:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014/05/20 16:57:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/05/20 16:57:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2014/05/20 16:57:03 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2014/05/20 16:57:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2014/05/20 16:57:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2014/05/20 16:57:03 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2014/05/20 16:57:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2014/05/20 16:57:01 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2014/05/20 16:57:01 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014/05/20 16:57:00 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/05/20 16:57:00 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/05/20 16:57:00 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2014/05/20 16:57:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2014/05/20 16:57:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2014/05/20 16:57:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2014/05/20 16:56:59 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2014/05/20 16:56:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014/05/20 16:56:59 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2014/05/20 16:56:59 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2014/05/20 16:56:59 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014/05/20 16:56:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014/05/20 16:56:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2014/05/20 16:56:58 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2014/05/20 16:56:58 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2014/05/20 16:56:58 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2014/05/20 16:56:58 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/05/20 16:56:57 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2014/05/20 16:56:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2014/05/20 16:56:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2014/05/20 16:56:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014/05/20 16:56:57 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2014/05/20 16:56:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2014/05/20 16:56:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014/05/20 16:56:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014/05/20 16:56:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/05/20 16:56:55 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014/05/20 16:56:55 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014/05/20 16:56:55 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2014/05/20 16:56:55 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014/05/20 16:56:55 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2014/05/20 16:56:54 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014/05/20 16:56:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2014/05/20 16:56:54 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/05/20 16:56:54 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014/05/20 16:56:54 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2014/05/20 16:56:54 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2014/05/20 16:56:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2014/05/20 16:56:53 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2014/05/20 16:56:53 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2014/05/20 16:56:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2014/05/20 16:56:53 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2014/05/20 16:56:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2014/05/20 16:56:53 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2014/05/20 16:56:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2014/05/20 16:56:52 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2014/05/20 16:56:52 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2014/05/20 16:56:52 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/05/20 16:56:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2014/05/20 16:56:52 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2014/05/20 16:56:51 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2014/05/20 16:56:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014/05/20 16:56:51 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014/05/20 16:56:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/05/20 16:56:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2014/05/20 16:56:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014/05/20 16:56:50 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2014/05/20 16:56:50 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2014/05/20 16:56:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2014/05/20 16:56:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2014/05/20 16:56:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2014/05/20 16:56:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2014/05/20 16:56:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2014/05/20 16:56:50 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2014/05/20 16:56:49 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2014/05/20 16:56:49 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2014/05/20 16:56:49 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2014/05/20 16:56:48 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2014/05/20 16:56:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2014/05/20 16:56:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014/05/20 16:56:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2014/05/20 16:56:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014/05/20 16:56:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2014/05/20 16:56:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014/05/20 16:56:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2014/05/20 16:56:47 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2014/05/20 16:56:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2014/05/20 16:56:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2014/05/20 16:56:47 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2014/05/20 16:56:47 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2014/05/20 16:56:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2014/05/20 16:56:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2014/05/20 16:56:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014/05/20 16:56:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/05/20 16:56:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2014/05/20 16:56:46 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014/05/20 16:56:46 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2014/05/20 16:56:46 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2014/05/20 16:56:46 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014/05/20 16:56:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2014/05/20 16:56:46 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2014/05/20 16:56:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014/05/20 16:56:46 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014/05/20 16:56:46 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2014/05/20 16:56:46 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2014/05/20 16:56:46 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2014/05/20 16:56:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2014/05/20 16:56:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/05/20 16:56:45 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014/05/20 16:56:45 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2014/05/20 16:56:45 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2014/05/20 16:56:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2014/05/20 16:56:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2014/05/20 16:56:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2014/05/20 16:56:44 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/05/20 16:56:44 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2014/05/20 16:56:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2014/05/20 16:56:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2014/05/20 16:56:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014/05/20 16:56:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2014/05/20 16:56:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2014/05/20 16:56:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2014/05/20 16:56:43 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2014/05/20 16:56:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2014/05/20 16:56:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2014/05/20 16:56:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2014/05/20 16:56:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2014/05/20 16:56:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2014/05/20 16:56:42 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014/05/20 16:56:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2014/05/20 16:56:42 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2014/05/20 16:56:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/05/20 16:56:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2014/05/20 16:56:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2014/05/20 16:56:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2014/05/20 16:56:42 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2014/05/20 16:56:42 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2014/05/20 16:56:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2014/05/20 16:56:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2014/05/20 16:56:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/05/20 16:56:42 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2014/05/20 16:56:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2014/05/20 16:56:41 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014/05/20 16:56:41 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2014/05/20 16:56:41 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2014/05/20 16:56:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/05/20 16:56:41 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2014/05/20 16:56:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2014/05/20 16:56:41 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014/05/20 16:56:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2014/05/20 16:56:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2014/05/20 16:56:41 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2014/05/20 16:56:41 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2014/05/20 16:56:41 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2014/05/20 16:56:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2014/05/20 16:56:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2014/05/20 16:56:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/05/20 16:56:40 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/05/20 16:56:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014/05/20 16:56:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2014/05/20 16:56:40 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014/05/20 16:56:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2014/05/20 16:56:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2014/05/20 16:56:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014/05/20 16:56:40 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2014/05/20 16:56:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2014/05/20 16:56:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2014/05/20 16:56:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014/05/20 16:56:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2014/05/20 16:56:38 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2014/05/20 16:56:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2014/05/20 16:56:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2014/05/20 16:56:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2014/05/20 16:56:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2014/05/20 16:56:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2014/05/20 16:56:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2014/05/20 16:56:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2014/05/20 16:56:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2014/05/20 16:56:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/05/20 16:56:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2014/05/20 16:56:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2014/05/20 16:56:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/05/20 16:56:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2014/05/20 16:56:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2014/05/20 16:56:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2014/05/20 16:56:35 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2014/05/20 16:56:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2014/05/20 16:56:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2014/05/20 16:56:34 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2014/05/20 16:56:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2014/05/20 16:56:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014/05/20 16:56:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014/05/20 16:56:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2014/05/20 16:56:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2014/05/20 16:56:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2014/05/20 16:56:32 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2014/05/20 16:56:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2014/05/20 16:56:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2014/05/20 16:56:31 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2014/05/20 16:56:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2014/05/20 16:56:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2014/05/20 16:56:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2014/05/20 16:56:29 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014/05/20 16:56:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014/05/20 16:56:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2014/05/20 16:56:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2014/05/20 16:56:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2014/05/20 16:56:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2014/05/20 16:56:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2014/05/20 16:56:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2014/05/20 16:56:26 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014/05/20 16:56:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2014/05/20 16:56:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/05/20 16:56:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2014/05/20 16:56:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2014/05/20 16:56:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014/05/20 16:56:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014/05/20 16:56:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2014/05/20 16:56:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2014/05/20 16:56:23 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2014/05/20 16:56:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2014/05/20 16:56:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2014/05/20 16:56:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2014/05/20 16:56:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2014/05/20 16:56:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2014/05/20 16:56:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2014/05/20 16:56:00 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014/05/20 16:55:52 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014/05/20 16:55:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014/05/20 16:55:44 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014/05/20 16:55:14 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014/05/20 16:55:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/05/20 16:50:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014/05/20 16:50:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/05/20 16:50:24 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/05/20 16:50:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/05/20 16:48:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/05/20 16:48:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014/05/20 16:48:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014/05/20 16:47:21 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2014/05/20 16:47:16 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014/05/20 16:47:15 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014/05/20 16:47:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014/05/20 16:47:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2014/05/20 16:47:03 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/05/20 16:46:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/05/20 16:46:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2014/05/20 16:46:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2014/05/20 16:46:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014/05/20 16:45:38 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014/05/20 16:45:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014/05/20 16:45:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014/05/20 16:45:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/05/20 16:45:16 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/05/20 16:45:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014/05/20 16:45:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014/05/20 16:45:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014/05/20 16:17:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014/05/20 16:17:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014/05/20 16:17:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014/05/20 16:17:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014/05/20 16:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014/05/20 16:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014/05/20 16:08:19 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014/05/20 16:08:18 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/05/20 16:08:04 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/05/20 16:08:04 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/05/20 16:08:04 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014/05/20 16:07:52 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/05/20 16:07:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/05/19 14:57:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Old Firefox Data
[2014/05/18 07:10:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/14 06:45:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/13 14:19:14 | 000,192,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 09:28:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2014/05/10 08:26:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/09 19:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\AVG2014
[2014/05/09 06:18:52 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\PC Speed Maximizer
[2014/05/09 06:01:56 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/09 06:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/09 06:01:40 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/09 06:01:40 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/08 16:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/05/08 06:05:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Avg2014
[2014/05/08 06:04:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\MFAData
[2014/05/06 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/06 20:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/06 20:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2014/05/06 17:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\HpUpdate
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Skidoo
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Savage info
[2014/05/03 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes
[2014/05/03 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\MP3 Rocket New
[2014/05/03 19:21:45 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Hygiene
[2014/05/03 19:21:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Franco Belge boiler
[2014/05/03 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Alex's Folder
[2014/05/02 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search_files
[2014/05/01 20:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/05/01 18:55:24 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\ElevatedDiagnostics
[2014/05/01 06:16:34 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Microsoft Office
[2014/05/01 06:15:54 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/01 06:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014/05/01 06:05:43 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft Help
[2014/05/01 06:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/01 05:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\OpenOffice.org
[2014/05/01 05:30:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 05:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/04/30 21:06:06 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\Add-in Express
[2014/04/30 21:01:23 | 000,880,040 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 21:01:22 | 000,802,728 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:59:39 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Oracle
[2014/04/30 20:59:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/04/30 20:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/30 20:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/04/30 20:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/04/30 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/04/30 20:48:37 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:48:18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/30 20:48:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:48:17 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/30 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple
[2014/04/30 20:09:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\dvdcss
[2014/04/30 20:08:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\vlc
[2014/04/30 20:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/04/30 20:02:09 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple Computer
[2014/04/30 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Programs
[2014/04/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Macromedia
[2014/04/30 18:36:55 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Macromedia
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Mozilla
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Mozilla
[2014/04/30 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/04/30 18:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/04/30 17:50:35 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/30 17:50:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014/04/29 19:54:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Adobe
[2014/04/29 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Apple Computer
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Searches
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/29 19:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/29 19:53:42 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Identities
[2014/04/29 19:53:39 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Contacts
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temporary Internet Files
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Templates
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Start Menu
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\SendTo
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Recent
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\PrintHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\NetHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Videos
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Pictures
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Music
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\My Documents
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Local Settings
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\History
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Cookies
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Application Data
[2014/04/29 19:50:01 | 000,000,000 | --SD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Videos
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Saved Games
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Pictures
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Music
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Links
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Favorites
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Downloads
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/29 19:50:01 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\TuneUp Software
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Media Center Programs
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\IObit
[2014/04/29 19:49:48 | 000,000,000 | ---D | C] -- C:\Microsoft
[2014/04/29 19:49:09 | 000,000,000 | ---D | C] -- C:\logs
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/23 06:08:06 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/23 06:06:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/23 05:37:46 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/23 05:37:46 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/23 05:37:22 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/23 05:37:22 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/23 05:36:03 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/23 05:35:16 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/23 05:32:30 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/23 05:32:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/23 05:32:04 | 2364,399,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/22 18:19:01 | 000,001,289 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2014/05/22 16:23:29 | 001,326,389 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 20:20:34 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/20 19:46:39 | 001,071,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/05/20 19:17:23 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:20 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 19:17:19 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:47 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:36:34 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2014/05/20 00:14:40 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/18 14:13:42 | 000,000,764 | RHS- | M] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/05/14 17:15:21 | 000,000,554 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 12:06:37 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/14 12:06:37 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/14 06:18:19 | 000,000,512 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/13 14:19:14 | 000,192,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/10 08:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/02 13:31:16 | 000,968,688 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 20:48:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:47:55 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:47:55 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:47:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:47:51 | 000,880,040 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 20:47:51 | 000,802,728 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:11:34 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 18:29:36 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 17:44:48 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
 
========== Files Created - No Company Name ==========
 
[2014/05/22 18:19:01 | 000,001,289 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2014/05/22 16:23:28 | 001,326,389 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 19:49:29 | 000,001,426 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/20 19:17:20 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 16:58:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014/05/20 16:58:14 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/05/20 16:56:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014/05/20 16:56:34 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2014/05/20 16:56:22 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2014/05/14 17:15:21 | 000,000,554 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 06:18:19 | 000,000,512 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/09 16:36:32 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/09 06:01:46 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/03 19:24:05 | 000,023,396 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\mad smile.JPG
[2014/05/02 13:31:12 | 000,968,688 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 20:03:21 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/30 18:29:36 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:51:37 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/29 19:53:18 | 000,000,764 | RHS- | C] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/04/29 19:50:02 | 000,000,290 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/29 19:50:02 | 000,000,272 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/18 16:18:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\createcert.exe
[2012/02/12 15:27:56 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Trance Pad
[2012/02/12 15:27:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/02/12 15:27:56 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Woodwind
[2012/02/12 15:27:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Track Settings
[2012/02/12 15:27:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/02/12 15:27:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\WebServer
[2012/02/12 15:27:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Themes
[2012/02/12 15:27:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/02/12 15:27:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Vocal Transformer
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:8927A071

< End of report >
 

 

 

NOTEPAD:

PUP.Optional.VuzeRemoteTB.A  HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\S
PUP.Optional.VuzeRemoteTB.A  HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\S
PUP.Optional.Conduit.A    C:\temp]embededstub_new2.exe
PUP.Optional.SoftM8.A    C:\Users\Owner\Hedgewytch-PC\Downloads\vlc-player.exe

 

If this VLC player is corrupt I can get rid of that if I have to. I do have a great amount of purchased music on it though.

 

Thank you


Edited by cabinover, 23 May 2014 - 04:46 AM.


#22 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 23 May 2014 - 07:02 PM

Hi cabinover,
 

Maybe I need to uninstall and reinstall MBAM?

Try disabling your anti-virus software, then see if you can get a complete scan to run. If not, uninstall, reboot, then download a fresh copy and reinstall.

=========================
 

Just so you know, I'm not frustrated with your help or the computer. I was frustrated yesterday at myself because I couldn't remember which scans were which, I had too many on my desktop and ended up just redoing all of them. lol

I completely understand. It can get a bit confusing with all the different tools and multiple scans to keep the information organized. Don't worry, when we finish we will be removing all of the tools and logs they have generated.

=========================
 

If Vuze is a bit-torrent thing I have no use for it and will remove if you say so.

Vuze is considered a P2P and not recommended. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P file-sharing as a major conduit to spread their wares.

If you choose to remove VUZE, I don't believe it shows in your uninstall programs list. You may need to use RevoUninstaller.

Revo Uninstaller Pro

Please download Revo Uninstaller Pro and save it to your desktop.
(This version is a fully functional, 30 day free trial)
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • From the list of programs click on Vuze
  • Choose "Uninstall". When prompted click Yes.
  • Make sure the advanced option is checked... then click Next.
  • The program will run, when prompted... click Yes... then Next.
  • Once the program has searched for leftovers click Next.
  • Check ONLY the bold items on the list then... click Next... then Yes.
  • When done click Finish.
=========================

I see you have AVG Toolbar installed, here is some information you should review: http://remove-malwar...olbarno-thanks/





If this VLC player is corrupt I can get rid of that if I have to. I do have a great amount of purchased music on it though.

VLC: although the program itself is not malicious, it possesses characteristics of a program classified as a PUP (Potentially Unwanted Program). If you can access the music you use via another media player you might want to consider removing it. It's a personal decision.

=========================

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7
    O4 - HKLM..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" File not found
    O20 - HKLM Winlogon: UserInit - (c:\program files\ts\mpkts.exe) -  File not found
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\MPK\mpk.exe) -  File not found
    [2014/05/09 06:18:52 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\PC Speed Maximizer
    
    :Files
    C:\Program Files\WatchDog\wdserver.exe
    C:\Program Files\TS\MPKSrv.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Windows\system32\DRIVERS\lgvzandnetndis.sys
    C:\Windows\system32\DRIVERS\lgvzandnetmdm.sys
    C:\Windows\system32\DRIVERS\lgvzandnetdiag2.sys
    C:\Windows\system32\DRIVERS\lgvzandnetdiag.sys
    C:\Windows\System32\drivers\rdvgkmd.sys 
    C:\Windows\system32\drivers\tsusbhub.sys 
    C:\Windows\drivers\synth3dvsc.sys
    C:\Windows\system32\DRIVERS\sxuptp.sys 
    C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS 
    C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
    C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS 
    C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS 
    C:\Program Files\LogMeIn\x86\RaInfo.sys 
    C:\Windows\\DRIVERS\asd2fsm.sys 
    C:\Windows\System32\LMIRfsClientNP.dll
    C:\Windows\System32\drivers\LMIRfsDriver.sys
    
    :Services
    wdserver
    MPKService
    ACDaemon
    vzandnetndis
    vzandnetmodem 
    vzandnetdiag2
    vzandnetdiag 
    VGPU
    tsusbhub
    Synth3dVsc
    sxuptp
    MRESP50 
    MRENDIS5
    MREMPR5 
    MREMP50
    LMIInfo
    asd2fsm 
    aekq1bzs 
    LMIRfsClientNP
    LMIRfsDriver
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then re-run OTL and post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
=========================

In your next post please provide the following:
  • OTL fix log
  • Fresh OTL.txt
  • How is the computer running at the moment?
  • MBAM log if you can get one.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days










#23 cabinover

cabinover

    Authentic Member

  • Authentic Member
  • 104 posts

Posted 24 May 2014 - 06:24 AM

Tried shutting AVG down and running MalwareBytes, same result. Got rid of MB and reinstalled with same results. Hangs after Heuristic analysis is complete. Tried Chameleon and either same results or program wouldn't work altogether.

 

Downloaded Revo and Vuze is not on the menu. It's not in my Program files either. The only place any part is found is in the HKU... whatever and wherever that is.

 

I find no AVG toolbar to get rid of. It's not in my Program Files that I can see unless it's in the D: partition. There is a lot of stuff in there that was on the computer when I bought it.

 

I uninstalled VLC for the time being. I'll look around for a player that will play FLAC files when this computer is clean again.

 

OTLFIX log:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn GUI deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:c:\program files\ts\mpkts.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\system32\MPK\mpk.exe deleted successfully.
C:\Users\Owner.Hedgewytch-PC\Documents\PC Speed Maximizer folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\WatchDog\wdserver.exe not found.
File\Folder C:\Program Files\TS\MPKSrv.exe not found.
File\Folder C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe not found.
File\Folder C:\Windows\system32\DRIVERS\lgvzandnetndis.sys not found.
File\Folder C:\Windows\system32\DRIVERS\lgvzandnetmdm.sys not found.
File\Folder C:\Windows\system32\DRIVERS\lgvzandnetdiag2.sys not found.
File\Folder C:\Windows\system32\DRIVERS\lgvzandnetdiag.sys not found.
File\Folder C:\Windows\System32\drivers\rdvgkmd.sys not found.
File\Folder C:\Windows\system32\drivers\tsusbhub.sys not found.
File\Folder C:\Windows\drivers\synth3dvsc.sys not found.
File\Folder C:\Windows\system32\DRIVERS\sxuptp.sys not found.
File\Folder C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS not found.
File\Folder C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS not found.
File\Folder C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS not found.
File\Folder C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS not found.
File\Folder C:\Program Files\LogMeIn\x86\RaInfo.sys not found.
File\Folder C:\Windows\\DRIVERS\asd2fsm.sys not found.
C:\Windows\System32\LMIRfsClientNP.dll moved successfully.
C:\Windows\System32\drivers\LMIRfsDriver.sys moved successfully.
========== SERVICES/DRIVERS ==========
Service wdserver stopped successfully!
Service wdserver deleted successfully!
Service MPKService stopped successfully!
Service MPKService deleted successfully!
Service ACDaemon stopped successfully!
Service ACDaemon deleted successfully!
Service vzandnetndis stopped successfully!
Service vzandnetndis deleted successfully!
Service vzandnetmodem stopped successfully!
Service vzandnetmodem deleted successfully!
Service vzandnetdiag2 stopped successfully!
Service vzandnetdiag2 deleted successfully!
Service vzandnetdiag stopped successfully!
Service vzandnetdiag deleted successfully!
Service VGPU stopped successfully!
Service VGPU deleted successfully!
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
Service sxuptp stopped successfully!
Service sxuptp deleted successfully!
Service MRESP50 stopped successfully!
Service MRESP50 deleted successfully!
Service MRENDIS5 stopped successfully!
Service MRENDIS5 deleted successfully!
Service MREMPR5 stopped successfully!
Service MREMPR5 deleted successfully!
Service MREMP50 stopped successfully!
Service MREMP50 deleted successfully!
Service LMIInfo stopped successfully!
Service LMIInfo deleted successfully!
Service asd2fsm stopped successfully!
Service asd2fsm deleted successfully!
Error: No service named aekq1bzs was found to stop!
Service\Driver key aekq1bzs not found.
Service LMIRfsClientNP stopped successfully!
Service LMIRfsClientNP deleted successfully!
Service LMIRfsDriver stopped successfully!
Service LMIRfsDriver deleted successfully!
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Temp folder emptied: 789610 bytes
->Temporary Internet Files folder emptied: 428871 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 116771637 bytes
->Flash cache emptied: 1783 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28402 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 80550320 bytes
 
Total Files Cleaned = 189.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05242014_074150

Files\Folders moved on Reboot...
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

 

OTLSCAN:

 

OTL logfile created on: 5/24/2014 7:49:11 AM - Run 11
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner.Hedgewytch-PC\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.94 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 62.05% Memory free
5.87 Gb Paging File | 4.83 Gb Available in Paging File | 82.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42.23 Gb Total Space | 5.27 Gb Free Space | 12.48% Space Free | Partition Type: NTFS
Drive D: | 255.86 Gb Total Space | 77.80 Gb Free Space | 30.41% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1201.60 Gb Free Space | 64.50% Space Free | Partition Type: NTFS
 
Computer Name: HEDGEWYTCH-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (az4l4o3l) --  File not found
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NdisrdMP) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (Ndisrd) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (BCMH43XX) -- C:\Windows\System32\drivers\bcmwlhigh6.sys (Broadcom Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (MAUSBJAMLAB) -- C:\Windows\System32\drivers\MAudioJamLab.sys (Avid Technology, Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)
DRV - (ndicql) -- C:\Windows\System32\drivers\ndicql.sys (NT Kernel Resources)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A2 B5 81 BE 64 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8D5C4B23-2F5E-489D-80FF-FD763EC6D55D}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Users\Hedgewytch\Music\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/24 12:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/09 19:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/23 17:15:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2014/04/30 20:56:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014/05/23 17:15:29 | 000,000,000 | ---D | M]
 
[2014/04/30 18:34:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Extensions
[2014/05/19 17:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\mozilla\Firefox\Profiles\utjaaxox.default-1400525861152\extensions
[2014/05/09 19:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/09 19:28:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2011/10/19 13:48:44 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=928 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A7196C0-70A5-4E78-83F5-933097E17B24}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/03/17 13:53:06 | 000,000,000 | ---D | M] - F:\Automatically Add to iTunes -- [ NTFS ]
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{38902f3c-d23c-11e3-ab5e-001aa06a468f}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc57943-d113-11e3-9d5d-001aa06a468f}\Shell\AutoRun\command - "" = L:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/24 06:33:44 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/24 06:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/24 06:33:25 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/24 06:33:25 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/24 06:33:25 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/24 06:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/05/23 22:05:40 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\VS Revo Group
[2014/05/23 22:05:29 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2014/05/23 22:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/05/23 22:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/05/23 22:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/05/23 17:08:02 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Adobe
[2014/05/22 18:19:02 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\OneNote Notebooks
[2014/05/22 17:49:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temp
[2014/05/21 21:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/21 21:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/21 21:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/05/21 05:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/05/20 19:17:23 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:19 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:20:01 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/05/20 18:20:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/05/20 17:55:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/05/20 17:54:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/05/20 17:37:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/05/20 17:26:47 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2014/05/20 16:58:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2014/05/20 16:58:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/05/20 16:58:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/05/20 16:58:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014/05/20 16:58:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014/05/20 16:58:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2014/05/20 16:58:26 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/05/20 16:58:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/05/20 16:58:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/05/20 16:58:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/05/20 16:58:22 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014/05/20 16:58:21 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/05/20 16:58:20 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014/05/20 16:58:20 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014/05/20 16:58:18 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014/05/20 16:58:18 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014/05/20 16:58:16 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/05/20 16:58:15 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2014/05/20 16:58:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014/05/20 16:58:11 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014/05/20 16:58:10 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014/05/20 16:58:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014/05/20 16:58:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/05/20 16:58:09 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014/05/20 16:58:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2014/05/20 16:58:07 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014/05/20 16:58:07 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014/05/20 16:58:06 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/05/20 16:58:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/05/20 16:58:05 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/05/20 16:58:05 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2014/05/20 16:58:04 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014/05/20 16:58:03 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2014/05/20 16:58:02 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014/05/20 16:58:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2014/05/20 16:58:00 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014/05/20 16:58:00 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2014/05/20 16:58:00 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/05/20 16:57:59 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/05/20 16:57:59 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2014/05/20 16:57:59 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014/05/20 16:57:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/05/20 16:57:58 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/05/20 16:57:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2014/05/20 16:57:57 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2014/05/20 16:57:57 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014/05/20 16:57:57 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/05/20 16:57:56 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2014/05/20 16:57:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2014/05/20 16:57:55 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2014/05/20 16:57:54 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2014/05/20 16:57:54 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2014/05/20 16:57:53 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2014/05/20 16:57:53 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014/05/20 16:57:53 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/05/20 16:57:53 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2014/05/20 16:57:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014/05/20 16:57:52 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2014/05/20 16:57:52 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/05/20 16:57:51 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014/05/20 16:57:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014/05/20 16:57:51 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014/05/20 16:57:51 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2014/05/20 16:57:51 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014/05/20 16:57:49 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014/05/20 16:57:49 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014/05/20 16:57:48 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014/05/20 16:57:48 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2014/05/20 16:57:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2014/05/20 16:57:47 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2014/05/20 16:57:47 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014/05/20 16:57:47 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014/05/20 16:57:47 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2014/05/20 16:57:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2014/05/20 16:57:45 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/05/20 16:57:45 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/05/20 16:57:45 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/05/20 16:57:45 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/05/20 16:57:45 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2014/05/20 16:57:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014/05/20 16:57:45 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2014/05/20 16:57:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2014/05/20 16:57:43 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2014/05/20 16:57:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014/05/20 16:57:42 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/05/20 16:57:41 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/05/20 16:57:41 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014/05/20 16:57:41 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2014/05/20 16:57:41 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014/05/20 16:57:40 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014/05/20 16:57:40 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2014/05/20 16:57:40 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2014/05/20 16:57:40 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/05/20 16:57:40 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2014/05/20 16:57:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/05/20 16:57:39 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014/05/20 16:57:39 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2014/05/20 16:57:39 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2014/05/20 16:57:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2014/05/20 16:57:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2014/05/20 16:57:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014/05/20 16:57:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/05/20 16:57:37 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2014/05/20 16:57:35 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2014/05/20 16:57:35 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/05/20 16:57:34 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/05/20 16:57:34 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2014/05/20 16:57:34 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014/05/20 16:57:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/20 16:57:34 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2014/05/20 16:57:33 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2014/05/20 16:57:33 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2014/05/20 16:57:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014/05/20 16:57:31 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2014/05/20 16:57:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2014/05/20 16:57:31 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014/05/20 16:57:31 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2014/05/20 16:57:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/05/20 16:57:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014/05/20 16:57:30 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014/05/20 16:57:30 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014/05/20 16:57:30 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014/05/20 16:57:30 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014/05/20 16:57:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2014/05/20 16:57:29 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014/05/20 16:57:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014/05/20 16:57:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014/05/20 16:57:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014/05/20 16:57:28 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014/05/20 16:57:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014/05/20 16:57:28 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2014/05/20 16:57:28 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/05/20 16:57:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014/05/20 16:57:28 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/05/20 16:57:28 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2014/05/20 16:57:27 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2014/05/20 16:57:27 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/05/20 16:57:27 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2014/05/20 16:57:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2014/05/20 16:57:26 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2014/05/20 16:57:25 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/05/20 16:57:25 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014/05/20 16:57:24 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014/05/20 16:57:24 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2014/05/20 16:57:24 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2014/05/20 16:57:24 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/05/20 16:57:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2014/05/20 16:57:23 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/05/20 16:57:23 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2014/05/20 16:57:22 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2014/05/20 16:57:21 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014/05/20 16:57:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014/05/20 16:57:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014/05/20 16:57:19 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2014/05/20 16:57:19 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2014/05/20 16:57:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2014/05/20 16:57:19 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2014/05/20 16:57:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2014/05/20 16:57:18 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014/05/20 16:57:18 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2014/05/20 16:57:18 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2014/05/20 16:57:18 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2014/05/20 16:57:17 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014/05/20 16:57:17 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2014/05/20 16:57:17 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2014/05/20 16:57:17 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2014/05/20 16:57:17 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2014/05/20 16:57:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2014/05/20 16:57:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2014/05/20 16:57:17 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014/05/20 16:57:17 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2014/05/20 16:57:16 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2014/05/20 16:57:16 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014/05/20 16:57:16 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014/05/20 16:57:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/05/20 16:57:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2014/05/20 16:57:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014/05/20 16:57:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2014/05/20 16:57:13 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014/05/20 16:57:13 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/05/20 16:57:13 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2014/05/20 16:57:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/05/20 16:57:13 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2014/05/20 16:57:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2014/05/20 16:57:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014/05/20 16:57:13 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/05/20 16:57:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014/05/20 16:57:12 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014/05/20 16:57:12 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014/05/20 16:57:12 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014/05/20 16:57:12 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014/05/20 16:57:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/05/20 16:57:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014/05/20 16:57:12 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014/05/20 16:57:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/05/20 16:57:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2014/05/20 16:57:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2014/05/20 16:57:11 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014/05/20 16:57:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2014/05/20 16:57:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2014/05/20 16:57:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014/05/20 16:57:10 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014/05/20 16:57:10 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2014/05/20 16:57:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2014/05/20 16:57:10 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2014/05/20 16:57:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2014/05/20 16:57:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014/05/20 16:57:09 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014/05/20 16:57:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2014/05/20 16:57:09 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2014/05/20 16:57:09 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2014/05/20 16:57:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014/05/20 16:57:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/05/20 16:57:09 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2014/05/20 16:57:09 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014/05/20 16:57:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2014/05/20 16:57:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/05/20 16:57:08 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2014/05/20 16:57:08 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2014/05/20 16:57:07 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2014/05/20 16:57:07 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2014/05/20 16:57:07 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014/05/20 16:57:07 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2014/05/20 16:57:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014/05/20 16:57:07 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/05/20 16:57:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014/05/20 16:57:06 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/05/20 16:57:06 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/05/20 16:57:06 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2014/05/20 16:57:06 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014/05/20 16:57:06 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2014/05/20 16:57:06 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2014/05/20 16:57:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2014/05/20 16:57:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2014/05/20 16:57:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2014/05/20 16:57:05 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2014/05/20 16:57:05 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014/05/20 16:57:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2014/05/20 16:57:05 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2014/05/20 16:57:05 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2014/05/20 16:57:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014/05/20 16:57:05 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2014/05/20 16:57:04 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2014/05/20 16:57:04 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014/05/20 16:57:04 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014/05/20 16:57:04 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014/05/20 16:57:04 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014/05/20 16:57:04 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2014/05/20 16:57:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2014/05/20 16:57:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/05/20 16:57:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/05/20 16:57:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2014/05/20 16:57:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2014/05/20 16:57:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2014/05/20 16:57:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014/05/20 16:57:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/05/20 16:57:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2014/05/20 16:57:03 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2014/05/20 16:57:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2014/05/20 16:57:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2014/05/20 16:57:03 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2014/05/20 16:57:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2014/05/20 16:57:01 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2014/05/20 16:57:01 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014/05/20 16:57:00 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/05/20 16:57:00 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/05/20 16:57:00 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2014/05/20 16:57:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2014/05/20 16:57:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2014/05/20 16:57:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2014/05/20 16:56:59 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2014/05/20 16:56:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014/05/20 16:56:59 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2014/05/20 16:56:59 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2014/05/20 16:56:59 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014/05/20 16:56:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014/05/20 16:56:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2014/05/20 16:56:58 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2014/05/20 16:56:58 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2014/05/20 16:56:58 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2014/05/20 16:56:58 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/05/20 16:56:57 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2014/05/20 16:56:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2014/05/20 16:56:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2014/05/20 16:56:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014/05/20 16:56:57 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2014/05/20 16:56:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2014/05/20 16:56:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014/05/20 16:56:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014/05/20 16:56:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/05/20 16:56:55 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014/05/20 16:56:55 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014/05/20 16:56:55 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2014/05/20 16:56:55 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014/05/20 16:56:55 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2014/05/20 16:56:54 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014/05/20 16:56:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2014/05/20 16:56:54 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/05/20 16:56:54 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014/05/20 16:56:54 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2014/05/20 16:56:54 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2014/05/20 16:56:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2014/05/20 16:56:53 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2014/05/20 16:56:53 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2014/05/20 16:56:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2014/05/20 16:56:53 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2014/05/20 16:56:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2014/05/20 16:56:53 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2014/05/20 16:56:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2014/05/20 16:56:52 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2014/05/20 16:56:52 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2014/05/20 16:56:52 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/05/20 16:56:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2014/05/20 16:56:52 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2014/05/20 16:56:51 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2014/05/20 16:56:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014/05/20 16:56:51 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014/05/20 16:56:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/05/20 16:56:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2014/05/20 16:56:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014/05/20 16:56:50 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2014/05/20 16:56:50 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2014/05/20 16:56:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2014/05/20 16:56:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2014/05/20 16:56:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2014/05/20 16:56:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2014/05/20 16:56:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2014/05/20 16:56:50 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2014/05/20 16:56:49 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2014/05/20 16:56:49 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2014/05/20 16:56:49 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2014/05/20 16:56:48 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2014/05/20 16:56:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2014/05/20 16:56:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014/05/20 16:56:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2014/05/20 16:56:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014/05/20 16:56:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2014/05/20 16:56:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014/05/20 16:56:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2014/05/20 16:56:47 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2014/05/20 16:56:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2014/05/20 16:56:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2014/05/20 16:56:47 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2014/05/20 16:56:47 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2014/05/20 16:56:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2014/05/20 16:56:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2014/05/20 16:56:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2014/05/20 16:56:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014/05/20 16:56:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/05/20 16:56:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2014/05/20 16:56:46 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014/05/20 16:56:46 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2014/05/20 16:56:46 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2014/05/20 16:56:46 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014/05/20 16:56:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2014/05/20 16:56:46 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2014/05/20 16:56:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014/05/20 16:56:46 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014/05/20 16:56:46 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2014/05/20 16:56:46 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2014/05/20 16:56:46 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2014/05/20 16:56:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2014/05/20 16:56:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/05/20 16:56:45 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014/05/20 16:56:45 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2014/05/20 16:56:45 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2014/05/20 16:56:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2014/05/20 16:56:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2014/05/20 16:56:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2014/05/20 16:56:44 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/05/20 16:56:44 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2014/05/20 16:56:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2014/05/20 16:56:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2014/05/20 16:56:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014/05/20 16:56:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2014/05/20 16:56:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2014/05/20 16:56:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2014/05/20 16:56:43 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2014/05/20 16:56:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2014/05/20 16:56:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2014/05/20 16:56:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2014/05/20 16:56:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2014/05/20 16:56:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2014/05/20 16:56:42 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014/05/20 16:56:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2014/05/20 16:56:42 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2014/05/20 16:56:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/05/20 16:56:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2014/05/20 16:56:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2014/05/20 16:56:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2014/05/20 16:56:42 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2014/05/20 16:56:42 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2014/05/20 16:56:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2014/05/20 16:56:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2014/05/20 16:56:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/05/20 16:56:42 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2014/05/20 16:56:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2014/05/20 16:56:41 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014/05/20 16:56:41 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2014/05/20 16:56:41 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2014/05/20 16:56:41 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/05/20 16:56:41 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/05/20 16:56:41 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2014/05/20 16:56:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2014/05/20 16:56:41 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014/05/20 16:56:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2014/05/20 16:56:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2014/05/20 16:56:41 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2014/05/20 16:56:41 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2014/05/20 16:56:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2014/05/20 16:56:41 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2014/05/20 16:56:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2014/05/20 16:56:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2014/05/20 16:56:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/05/20 16:56:40 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/05/20 16:56:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014/05/20 16:56:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2014/05/20 16:56:40 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014/05/20 16:56:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2014/05/20 16:56:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2014/05/20 16:56:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014/05/20 16:56:40 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2014/05/20 16:56:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2014/05/20 16:56:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2014/05/20 16:56:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2014/05/20 16:56:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014/05/20 16:56:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2014/05/20 16:56:38 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2014/05/20 16:56:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2014/05/20 16:56:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2014/05/20 16:56:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2014/05/20 16:56:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2014/05/20 16:56:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2014/05/20 16:56:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2014/05/20 16:56:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2014/05/20 16:56:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2014/05/20 16:56:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/05/20 16:56:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2014/05/20 16:56:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2014/05/20 16:56:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/05/20 16:56:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2014/05/20 16:56:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2014/05/20 16:56:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2014/05/20 16:56:35 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2014/05/20 16:56:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2014/05/20 16:56:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2014/05/20 16:56:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2014/05/20 16:56:34 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2014/05/20 16:56:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2014/05/20 16:56:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014/05/20 16:56:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014/05/20 16:56:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2014/05/20 16:56:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2014/05/20 16:56:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2014/05/20 16:56:32 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2014/05/20 16:56:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2014/05/20 16:56:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2014/05/20 16:56:31 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2014/05/20 16:56:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2014/05/20 16:56:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2014/05/20 16:56:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2014/05/20 16:56:29 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014/05/20 16:56:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014/05/20 16:56:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2014/05/20 16:56:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2014/05/20 16:56:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2014/05/20 16:56:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2014/05/20 16:56:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2014/05/20 16:56:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2014/05/20 16:56:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2014/05/20 16:56:26 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014/05/20 16:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014/05/20 16:56:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2014/05/20 16:56:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/05/20 16:56:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2014/05/20 16:56:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2014/05/20 16:56:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/05/20 16:56:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014/05/20 16:56:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2014/05/20 16:56:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2014/05/20 16:56:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2014/05/20 16:56:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014/05/20 16:56:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2014/05/20 16:56:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2014/05/20 16:56:23 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2014/05/20 16:56:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2014/05/20 16:56:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2014/05/20 16:56:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2014/05/20 16:56:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2014/05/20 16:56:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2014/05/20 16:56:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2014/05/20 16:56:00 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014/05/20 16:55:52 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014/05/20 16:55:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014/05/20 16:55:44 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014/05/20 16:55:14 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014/05/20 16:55:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/05/20 16:50:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014/05/20 16:50:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/05/20 16:50:24 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/05/20 16:50:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/05/20 16:48:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/05/20 16:48:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014/05/20 16:48:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014/05/20 16:47:21 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2014/05/20 16:47:16 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014/05/20 16:47:15 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014/05/20 16:47:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014/05/20 16:47:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2014/05/20 16:47:03 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/05/20 16:46:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/05/20 16:46:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2014/05/20 16:46:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2014/05/20 16:46:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014/05/20 16:45:38 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014/05/20 16:45:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014/05/20 16:45:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014/05/20 16:45:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/05/20 16:45:16 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/05/20 16:45:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014/05/20 16:45:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014/05/20 16:45:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014/05/20 16:17:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014/05/20 16:17:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014/05/20 16:17:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/05/20 16:17:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014/05/20 16:17:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014/05/20 16:17:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014/05/20 16:17:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014/05/20 16:17:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014/05/20 16:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014/05/20 16:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014/05/20 16:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014/05/20 16:08:19 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014/05/20 16:08:18 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/05/20 16:08:04 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/05/20 16:08:04 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/05/20 16:08:04 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014/05/20 16:07:52 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/05/20 16:07:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/05/19 14:57:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Old Firefox Data
[2014/05/18 07:10:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/14 06:45:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/13 14:19:14 | 000,192,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 09:28:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2014/05/10 08:26:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/09 19:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\AVG2014
[2014/05/09 06:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/08 16:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/05/08 06:05:48 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Avg2014
[2014/05/08 06:04:35 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\MFAData
[2014/05/06 20:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/06 20:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/06 20:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2014/05/06 17:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\HpUpdate
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Skidoo
[2014/05/03 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Savage info
[2014/05/03 19:23:10 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes
[2014/05/03 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\MP3 Rocket New
[2014/05/03 19:21:45 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Hygiene
[2014/05/03 19:21:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Franco Belge boiler
[2014/05/03 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Alex's Folder
[2014/05/02 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search_files
[2014/05/01 20:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/05/01 18:55:24 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\ElevatedDiagnostics
[2014/05/01 06:16:34 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop\Microsoft Office
[2014/05/01 06:15:54 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014/05/01 06:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/01 06:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014/05/01 06:05:43 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft Help
[2014/05/01 06:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/01 05:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\OpenOffice.org
[2014/05/01 05:30:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 05:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/04/30 21:06:06 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\Add-in Express
[2014/04/30 21:01:23 | 000,880,040 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 21:01:22 | 000,802,728 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 20:59:39 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Oracle
[2014/04/30 20:59:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/04/30 20:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/30 20:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/04/30 20:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/04/30 20:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/04/30 20:48:37 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:48:18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/30 20:48:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:48:17 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple
[2014/04/30 20:09:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\dvdcss
[2014/04/30 20:08:05 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\vlc
[2014/04/30 20:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/04/30 20:02:09 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Apple Computer
[2014/04/30 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Programs
[2014/04/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Macromedia
[2014/04/30 18:36:55 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Macromedia
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Mozilla
[2014/04/30 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Mozilla
[2014/04/30 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/04/30 18:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/04/30 17:50:35 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/30 17:50:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014/04/29 19:54:19 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Adobe
[2014/04/29 19:54:07 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Apple Computer
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Searches
[2014/04/29 19:53:53 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/29 19:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/29 19:53:42 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Identities
[2014/04/29 19:53:39 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Contacts
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Temporary Internet Files
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Templates
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Start Menu
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\SendTo
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Recent
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\PrintHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\NetHood
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Videos
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Pictures
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Documents\My Music
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\My Documents
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Local Settings
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\History
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Cookies
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\Application Data
[2014/04/29 19:50:03 | 000,000,000 | -HSD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Application Data
[2014/04/29 19:50:01 | 000,000,000 | --SD | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Videos
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Saved Games
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Pictures
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Music
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Links
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Favorites
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Downloads
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Documents
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\Desktop
[2014/04/29 19:50:01 | 000,000,000 | R--D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/29 19:50:01 | 000,000,000 | -H-D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\TuneUp Software
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Trusteer
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Media Center Programs
[2014/04/29 19:50:01 | 000,000,000 | ---D | C] -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\IObit
[2014/04/29 19:49:48 | 000,000,000 | ---D | C] -- C:\Microsoft
[2014/04/29 19:49:09 | 000,000,000 | ---D | C] -- C:\logs
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/24 07:51:34 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/24 07:51:34 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/24 07:46:33 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/24 07:46:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/24 07:46:09 | 2364,399,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/24 07:15:27 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/24 07:15:22 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/24 07:08:37 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/24 07:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/24 06:35:25 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/24 06:35:25 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/24 06:33:28 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/23 22:05:31 | 000,001,267 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/23 22:05:31 | 000,001,243 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/22 18:19:01 | 000,001,289 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2014/05/22 16:23:29 | 001,326,389 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 19:46:39 | 001,071,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/05/20 19:17:23 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/20 19:17:23 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/05/20 19:17:23 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/05/20 19:17:22 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/05/20 19:17:22 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/20 19:17:22 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/05/20 19:17:22 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/20 19:17:21 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/05/20 19:17:21 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/05/20 19:17:21 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/20 19:17:21 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/05/20 19:17:21 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/20 19:17:21 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/20 19:17:20 | 001,967,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/20 19:17:20 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/20 19:17:20 | 000,575,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/20 19:17:20 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/05/20 19:17:20 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/05/20 19:17:20 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/05/20 19:17:20 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/05/20 19:17:20 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/05/20 19:17:20 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/20 19:17:20 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/20 19:17:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/05/20 19:17:20 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 19:17:19 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/20 19:17:19 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/20 19:17:19 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/20 19:17:18 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/05/20 19:17:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/20 19:17:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/05/20 19:17:18 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/05/20 19:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/20 19:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/05/20 19:17:18 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/05/20 19:17:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/20 19:17:17 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/20 19:17:17 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/20 19:17:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/20 19:17:17 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/05/20 19:17:17 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/05/20 19:17:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/05/20 19:17:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/05/20 19:17:17 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/05/20 19:16:21 | 003,969,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/05/20 19:16:21 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/05/20 19:16:21 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/05/20 19:15:59 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/05/20 19:15:59 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/05/20 19:15:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/05/20 19:14:47 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/05/20 19:14:47 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014/05/20 19:14:47 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/05/20 19:14:47 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/05/20 19:14:47 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014/05/20 19:14:47 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/05/20 19:14:47 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/05/20 19:14:47 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/05/20 19:14:47 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/05/20 19:14:47 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014/05/20 19:14:47 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/05/20 19:14:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/05/20 19:14:47 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/20 19:14:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/20 19:14:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/20 19:14:47 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/20 19:14:46 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/05/20 19:14:46 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/05/20 19:14:46 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014/05/20 19:12:18 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/05/20 18:36:34 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2014/05/20 00:14:40 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/18 14:13:42 | 000,000,764 | RHS- | M] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/05/14 17:15:21 | 000,000,554 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 12:06:37 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/14 12:06:37 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/14 06:18:19 | 000,000,512 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/13 14:19:14 | 000,192,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2014/05/13 14:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2014/05/13 14:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2014/05/13 14:17:22 | 000,122,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2014/05/13 14:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2014/05/13 14:17:20 | 000,107,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2014/05/13 14:09:12 | 000,198,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2014/05/13 14:04:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2014/05/13 14:04:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2014/05/12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/05/10 08:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner.Hedgewytch-PC\Desktop\OTL.exe
[2014/05/02 13:31:16 | 000,968,688 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 20:48:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/04/30 20:47:55 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/04/30 20:47:55 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/04/30 20:47:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/04/30 20:47:51 | 000,880,040 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2014/04/30 20:47:51 | 000,802,728 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2014/04/30 18:29:36 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | M] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 17:44:48 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
 
========== Files Created - No Company Name ==========
 
[2014/05/24 06:33:28 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/23 22:05:31 | 000,001,267 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/23 22:05:31 | 000,001,243 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/22 18:19:01 | 000,001,289 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2014/05/22 16:23:28 | 001,326,389 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\AdwCleaner.exe
[2014/05/21 21:52:10 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/20 19:49:29 | 000,001,426 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/20 19:17:20 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/05/20 16:58:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014/05/20 16:58:14 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/05/20 16:56:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014/05/20 16:56:34 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2014/05/20 16:56:22 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2014/05/14 17:15:21 | 000,000,554 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.zip
[2014/05/14 06:18:19 | 000,000,512 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\MBR.dat
[2014/05/09 16:36:32 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/03 19:24:05 | 000,023,396 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\mad smile.JPG
[2014/05/02 13:31:12 | 000,968,688 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Desktop\gv black caries classification - Google Search.htm
[2014/05/01 20:33:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014/04/30 18:29:36 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 18:10:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2014/04/30 18:10:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2014/04/30 17:53:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/04/30 17:53:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
[2014/04/30 17:51:37 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/30 17:50:18 | 000,001,420 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/29 19:53:18 | 000,000,764 | RHS- | C] () -- C:\Users\Owner.Hedgewytch-PC\ntuser.pol
[2014/04/29 19:50:02 | 000,000,290 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/29 19:50:02 | 000,000,272 | ---- | C] () -- C:\Users\Owner.Hedgewytch-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/18 16:18:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\createcert.exe
[2012/02/12 15:27:56 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Trance Pad
[2012/02/12 15:27:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/02/12 15:27:56 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Woodwind
[2012/02/12 15:27:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Track Settings
[2012/02/12 15:27:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/02/12 15:27:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\WebServer
[2012/02/12 15:27:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Themes
[2012/02/12 15:27:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/02/12 15:27:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Vocal Transformer
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:8927A071

< End of report >
 

 

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

When the MB scan starts catching its 15,000+ files it starts with these two:

 

Refog.Keylogger C:\ProgramData\MPK\1
Refog.Keylogger C:\ProgramData\MPK\1\I41337_9885235185

 

From there they are all Keylogger files as far as I can tell. After about 200 I am locked out of looking at the date by MalwareBytes.



#24 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 24 May 2014 - 11:10 AM

Hi cabinover,

You're doing great, let's keep going. Other than MBAM not completing a scan, are there any other issues?

Is your F drive an external hard drive?

=========================

Try this MBAM Clean Removal Process https://forums.malwa...howtopic=146017
Scroll down the page to Method 2 - Free version and follow the recommended steps.

=========================

SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.

Download the version suitable to your computer.
  • Right click SystemLook.exe and select "Run as Administrator" to run it.
  • Copy the content of the following code-box into the main text-field:
    :folderfind
    *Vuze*
    *MPK*
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

=========================

In your next post please provide the following:
  • Answer to questions asked.
  • MBAM.txt, if available
  • SystemLook.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days


#25 cabinover

cabinover

    Authentic Member

  • Authentic Member
  • 104 posts

Posted 24 May 2014 - 01:27 PM

Hi OCD,

Yes, F: is my external HD. That should be clean with not much beyond music on it.

 

I used the MBAM cleaner and reinstalled MBAM. Even tried the trial version so I could access the quick scan tool. Made it all the way through the Heuristic analysis finding the 15K problems and locked up again.

 

Other than Mozilla hanging and not responding for about 20 seconds while loading this forum everything seems to be working fine.

 

Here is the systemlook text:

 

SystemLook 30.07.11 by jpshortstuff
Log created at 14:52 on 24/05/2014 by Owner
Administrator - Elevation successful

========== folderfind ==========

Searching for "*Vuze*"
C:\AdwCleaner\Quarantine\C\Program Files\Vuze    d------    [09:31 01/05/2014]
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote    d------    [20:30 21/03/2012]

Searching for "*MPK*"
C:\ProgramData\MPK    d--hs--    [18:25 30/09/2010]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_463a2613b3e7c7809f78a99b877fce43aae10aa_1d191dfb    d----c-    [14:26 20/01/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_7763baac92722bc622a874aadc861e7dedf6982_389df90c    d----c-    [01:56 12/04/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_7763baac92722bc622a874aadc861e7dedf6982_389e1091    d----c-    [01:56 12/04/2013]
C:\Users\All Users\MPK    d--hs--    [18:25 30/09/2010]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_463a2613b3e7c7809f78a99b877fce43aae10aa_1d191dfb    d----c-    [14:26 20/01/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_7763baac92722bc622a874aadc861e7dedf6982_389df90c    d----c-    [01:56 12/04/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_7763baac92722bc622a874aadc861e7dedf6982_389e1091    d----c-    [01:56 12/04/2013]
C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes\Classic Pumpkin Bread & Desi’s Spiced Maple Pecan Butter   gfe--gluten free easily_files    d------    [23:23 03/05/2014]
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\MPK    d------    [18:17 26/06/2012]

-= EOF =-


Edited by cabinover, 24 May 2014 - 01:30 PM.
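The folderfind results in the post above mix four kinds of hit: folders still in place, copies already moved by OTL or AdwCleaner, Windows Error Reporting archives that only record that MPKTS.exe once hung, and names that match the wildcard by accident. The sketch below is an added example, not part of the original post and not SystemLook's own code. The category names and helper names are assumptions, and it relies on `C:\Users\All Users` being a link to `C:\ProgramData` on Windows Vista and later, so both spellings name one folder.

```python
import re

# Constructed sample: hits copied (one shortened) from the SystemLook log above.
SAMPLE_LOG = r"""
Searching for "*Vuze*"
C:\AdwCleaner\Quarantine\C\Program Files\Vuze    d------    [09:31 01/05/2014]

Searching for "*MPK*"
C:\ProgramData\MPK    d--hs--    [18:25 30/09/2010]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_MPKTS.exe_463a2613b3e7c7809f78a99b877fce43aae10aa_1d191dfb    d----c-    [14:26 20/01/2013]
C:\Users\All Users\MPK    d--hs--    [18:25 30/09/2010]
C:\Users\Owner.Hedgewytch-PC\Desktop\Recipes\Classic Pumpkin Bread   gfe--gluten free easily_files    d------    [23:23 03/05/2014]
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\MPK    d------    [18:17 26/06/2012]

-= EOF =-
"""

SEARCH = re.compile(r'^Searching for "(?P<pattern>[^"]+)"')
# path, then a 7-character attribute field, then [time date]; the path itself
# may contain runs of spaces, so the attribute field anchors the split.
HIT = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s{2,}(?P<attrs>[a-z-]{7})\s{2,}\[(?P<stamp>[^\]]+)\]\s*$"
)

ALIAS = "c:\\users\\all users"  # link to C:\ProgramData on Vista and later
MOVED_ROOTS = ("c:\\_otl\\movedfiles\\", "c:\\adwcleaner\\quarantine\\")


def canonical(path):
    """Rewrite the All Users alias so both spellings collapse to one entry."""
    low = path.lower()
    if low == ALIAS or low.startswith(ALIAS + "\\"):
        return "C:\\ProgramData" + path[len(ALIAS):]
    return path


def classify(path, pattern):
    """Assign one of the example's assumed categories to a hit."""
    low = path.lower()
    if low.startswith(MOVED_ROOTS):
        return "quarantine"      # already moved by a cleanup tool
    if "\\wer\\reportarchive\\" in low:
        return "crash-report"    # evidence the program ran, not the program
    token = re.escape(pattern.strip("*"))
    leaf = path.rsplit("\\", 1)[-1]
    # A real hit has the token as a whole word in the folder name;
    # "Pumpkin" only contains "mpk" inside a longer word.
    if re.search(r"(?<![A-Za-z0-9])" + token + r"(?![A-Za-z0-9])", leaf, re.I):
        return "live"
    return "incidental"


def triage(log_text):
    """Return one entry per distinct folder, with every spelling it was seen as."""
    results = {}
    pattern = None
    for line in log_text.splitlines():
        found = SEARCH.match(line)
        if found:
            pattern = found.group("pattern")
            continue
        hit = HIT.match(line)
        if not hit or pattern is None:
            continue
        path = canonical(hit.group("path"))
        entry = results.setdefault(path.lower(), {
            "path": path,
            "pattern": pattern,
            "category": classify(path, pattern),
            "seen_as": [],
        })
        entry["seen_as"].append(hit.group("path"))
    return list(results.values())


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f'{e["category"]:<12} {e["path"]}  (x{len(e["seen_as"])})')
```

On this sample the only live folder is `C:\ProgramData\MPK`, reported under two names; a fix that moves it makes the `All Users` spelling disappear with it.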



#26 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 24 May 2014 - 03:33 PM

Hi cabinover,

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Files
    C:\ProgramData\MPK
    C:\Users\All Users\MPK
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
=========================

ESET Online Scanner

*Note:
  • It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
  • Please don't go surfing while your resident protection is disabled!
  • Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights; to do so, right click your browser's shortcut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.
=========================

In your next post please provide the following:
  • OTL fix log
  • ESET log

OCD



#27 cabinover

cabinover

    Authentic Member

  • Authentic Member
  • 104 posts

Posted 24 May 2014 - 08:01 PM

Here you go...

 

All processes killed
========== FILES ==========
C:\ProgramData\MPK\REFOG Keylogger folder moved successfully.
C:\ProgramData\MPK\MalformedDB folder moved successfully.
C:\ProgramData\MPK\CPDM folder moved successfully.
C:\ProgramData\MPK\CPDA folder moved successfully.
C:\ProgramData\MPK\6\HCAL folder moved successfully.
C:\ProgramData\MPK\6 folder moved successfully.
C:\ProgramData\MPK\5 folder moved successfully.
C:\ProgramData\MPK\4 folder moved successfully.
C:\ProgramData\MPK\3 folder moved successfully.
C:\ProgramData\MPK\2 folder moved successfully.
C:\ProgramData\MPK\1 folder moved successfully.
C:\ProgramData\MPK folder moved successfully.
File\Folder C:\Users\All Users\MPK not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Temp folder emptied: 2032 bytes
->Temporary Internet Files folder emptied: 37747 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 75562646 bytes
->Flash cache emptied: 602 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16178 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 17858096 bytes
 
Total Files Cleaned = 89.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05242014_175419

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

 

ESETScan:

 

C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth.dll.old.vir    a variant of Win32/Toolbar.Widgi.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\Vuze\.install4j\i4j_extf_20_5p83tu.exe.vir    Win32/Somoto.F potentially unwanted application
C:\Config.Msi\12bde0a7.rbf    a variant of Win32/Toolbar.Widgi.A potentially unwanted application
C:\temp\a.exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\temp\embededstub_new2.exe    a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\temp\launcher.exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\temp\white.exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ECMUS5G\WhiteUS139[1].exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IYXUUZJ9\WhiteUS131[1].exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\_OTL\MovedFiles\05182014_071036\C_Program Files\pcreg\pcreg.exe    a variant of Win32/Conduit.SearchProtect.O potentially unwanted application
C:\_OTL\MovedFiles\05182014_071036\C_Program Files\pcreg\service.exe    Win32/Conduit.SearchProtect.O potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Config.Msi\12bde07b.rbf    a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Config.Msi\12bde07c.rbf    a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Program Files\Itynvrjvrrj\eufkz.exe    a variant of Win32/KeyLogger.AllInOneKeylogger.B application
C:\_OTL\MovedFiles\05222014_174234\C_Program Files\TS\MPKTS.exe    a variant of Win32/KeyLogger.Refog.B application
C:\_OTL\MovedFiles\05222014_174234\C_Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3KZ9N35\SpeedUpMyPC-standalone-setup[1].exe    Win32/SpeedUpMyPC potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Users\Owner.Hedgewytch-PC\AppData\Local\Temp\optiSetup.exe    Win32/SpeedUpMyPC.A potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Users\Owner.Hedgewytch-PC\AppData\Local\Temp\is-KP5LI.tmp\SpeedUpMyPC-standalone-setup.exe    Win32/SpeedUpMyPC potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\msduncerc.dll    a variant of Win32/Spy.KeyLogger.NOB trojan
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\ldrtbVuz0.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\ldrtbVuz2.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\ldrtbVuze.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\tbVuz0.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\tbVuz1.dll    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\tbVuz2.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\tbVuze.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\MPK\MPK.exe    a variant of Win32/KeyLogger.Refog.B application
C:\_OTL\MovedFiles\05222014_174234\D_Program Files\Image-Line\FL Studio 9\FL.exe    Win32/BadJoke.F trojan
 



#28 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 25 May 2014 - 12:24 AM

Hi cabinover,

Most of the items listed from the ESET scan are in quarantine folders and will be removed when we clean up the tools and logs when we have finished. The others we will remove with this next OTL fix.

Run OTL.exe

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Files
    C:\Config.Msi\12bde0a7.rbf
    C:\temp\a.exe
    C:\temp\embededstub_new2.exe
    C:\temp\launcher.exe
    C:\temp\white.exe
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ECMUS5G\WhiteUS139[1].exe 
    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IYXUUZJ9\WhiteUS131[1].exe
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

=========================

TFC

Download TFC to your desktop

  • Close any open windows.
  • Double click the TFC icon to run the program
    • Vista, Windows 7 & 8 Right click and select "Run as Administrator"
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean

=========================

Next, boot into Safe Mode w/Networking and attempt to run MBAM again.

Reboot in Safe Mode using the F8 Method:

  • Restart your computer.
  • When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows 7 Advanced Boot Options.
  • Select the Safe Mode with Networking option using the arrow keys.
  • Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.
  • When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.

=========================

Malwarebytes' Anti-Malware

Locate Malwarebytes' Anti-Malware (it should be on your desktop).
If not, download it here

  • Right click mbam-setup.exe, select "Run as Administrator" and follow the prompts to run the program.
  • Once the program has loaded, select the Update tab to get the latest updates before performing the scan.
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

=========================

Reboot back into Normal Mode.

In your next post please provide the following:

  • OTL fix log
  • MBAM log

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days
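
The split described in post #28 (ESET hits already sitting under OTL's quarantine folder versus files still in place) can be read straight off the log. The following Python sketch is an added example, not part of the original thread; the sample lines are constructed in the layout of the ESET log quoted above, and the mapping from `C:\_OTL\MovedFiles` back to the original drive and path is an assumption inferred from the paths in that log.

```python
import re

# Constructed sample in the layout of the ESET log quoted in this thread:
# <path> <tab or 2+ spaces> [a variant of ]<detection name> <category>
SAMPLE_LOG = r"""
C:\temp\launcher.exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\temp\white.exe    Win32/Conduit.SearchProtect.M potentially unwanted application
C:\_OTL\MovedFiles\05222014_174234\C_Program Files\TS\MPKTS.exe    a variant of Win32/KeyLogger.Refog.B application
C:\_OTL\MovedFiles\05222014_174234\C_Windows\System32\msduncerc.dll    a variant of Win32/Spy.KeyLogger.NOB trojan
"""

LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)(?:\t+|\s{2,})(?:a variant of )?(?P<name>\S+/\S+) "
    r"(?P<category>potentially unwanted application|application|trojan)\s*$"
)
# Folder OTL moves files into, as seen in the thread's log (compared lowercase).
QUARANTINE_PREFIX = "c:\\_otl\\movedfiles\\"


def parse_eset_log(text):
    """Return one dict per detection: path, name, category, quarantined."""
    hits = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank line or not a detection line
        hit = m.groupdict()
        hit["quarantined"] = hit["path"].lower().startswith(QUARANTINE_PREFIX)
        hits.append(hit)
    return hits


def live_detections(hits):
    """Detections still at their original location: these need a fix."""
    return [h for h in hits if not h["quarantined"]]


def original_location(path):
    """Map a quarantined copy back to where the file used to live."""
    # Assumed layout: <prefix><timestamp>\<drive>_<rest of original path>
    rest = path[len(QUARANTINE_PREFIX):]
    _stamp, _, moved = rest.partition("\\")
    drive, _, tail = moved.partition("_")
    return f"{drive}:\\{tail}"


if __name__ == "__main__":
    for h in parse_eset_log(SAMPLE_LOG):
        where = original_location(h["path"]) if h["quarantined"] else h["path"]
        print("QUARANTINED" if h["quarantined"] else "LIVE", h["name"], where)
```

Only the entries reported as live need to go into a further fix; the quarantined copies disappear when the tools and their folders are cleaned up at the end.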










#29 cabinover

cabinover

    Authentic Member

  • Authentic Member
  • 104 posts

Posted 25 May 2014 - 07:01 AM

I do not see anywhere, on MalwareBytes, a place to check off REMOVE SELECTED. I ran the program and saved the log. Surprised that it's finally working!

 

Here are the logs:

 

All processes killed
========== FILES ==========
C:\Config.Msi\12bde0a7.rbf moved successfully.
C:\temp\a.exe moved successfully.
C:\temp\embededstub_new2.exe moved successfully.
C:\temp\launcher.exe moved successfully.
C:\temp\white.exe moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ECMUS5G\WhiteUS139[1].exe moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IYXUUZJ9\WhiteUS131[1].exe moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Chloe.Hedgewytch-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Hedgewytch
 
User: Owner
 
User: Owner.Hedgewytch-PC
->Temp folder emptied: 1013 bytes
->Temporary Internet Files folder emptied: 37747 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21621095 bytes
->Flash cache emptied: 492 bytes
 
User: Public
 
User: Rune.Hedgewytch-PC
 
User: TEMP
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11627 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 21.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05252014_082149

Files\Folders moved on Reboot...
C:\Users\Owner.Hedgewytch-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/25/2014
Scan Time: 8:47:44 AM
Logfile: MBAM5252014.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.25.02
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Owner

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 318991
Time Elapsed: 3 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
Refog.Keylogger, HKLM\SOFTWARE\Refog Software, , [6333114490eb0630121beb4df013ee12],
PUP.Optional.PriceGong.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [0096b0a599e20b2bc3c9cbd5fd05a35d],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#30 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 25 May 2014 - 10:51 AM

Hi cabinover,

Please download ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
**Remember if you are using Windows Vista as your operating system right-click the executable and Run as Administrator.

=========================

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Refog Software]
    [-HKEY_USERS\S-1-5-21-1950312456-1538931133-2421260759-1000\Software\AppDataLow\Software\PriceGong]
    
    :Commands
    [createrestorepoint]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then re-run OTL and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
=========================

In your next post please provide the following:
  • OTL fix log
  • Fresh OTL.txt
  • Any remaining issues?

OCD
