I have tried 2 times but only got 1 log not the extra one.
It has been like this almost a year or so. It have been worse all the time, I have formatted many times and it's little better for a day or so and then it's full fight again- when it started did my laptop run slowly , changes I did on the computer was frequently reset I had win 7 then and I used to check the eventlog to see whats going on, it showed that there was traffic on my pc or ip i dont know but activity it was when the comp was turned OFF? Lots of thing pointed to remote something - I got panic and deactivated everything remote in services. It calm down a little but it came stronger back if I can say so, I have also disabled wifi and bluetooth.
This is what happen most of the time- the flash player stops and hangs almost all the time, or I get the warning that one script has stopped. programs, some folders can not be opened and I be denied to uninstall various prog. I get a lot of : Acsess denied and you do not have enough rights to open ....and Can not uninstall program that is still running in another process but when I open Task Manager I can not find the process. settings, When it comes to global privacy setting (flash) It's hard for me, I can't block that someone can use my microphone and camera, when I click deny the confirmbox show up as usual, but when I klick confirm the box just disappear and I can't block. So when I block in my browser setting it just tell me that the flash player settings does not mach
The pointer does as it wants, goes the opposite way of what I'm doing, open programs and advertisements from the sidebar and more. When I should post on the norton forum (they gave me link to this forum) I could not send I was told to fix where it was highlighted, but there was no highlighted there so I change to html text and deleted all named span then I could post. I'm so tired of this, I thought that I must surely live with it but now that it appears that someone takes over the machine, I know that it will not be possible. One thing I know is that it is not related to money and that someone/something can see everything I write.
Please please help me
Regards
OTL logfile created on: 10.08.2014 00:44:37 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hespetreet\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
5,44 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 67,25% Memory free
10,94 Gb Paging File | 9,08 Gb Available in Paging File | 82,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,53 Gb Total Space | 638,63 Gb Free Space | 93,57% Space Free | Partition Type: NTFS
Computer Name: NOKRNOK | User Name: Hespetreet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Hespetreet\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Symantec Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (LMSvc) -- C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (Acer Incorporate)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceFastLaneService) -- C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe (Acer Incorporated)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe (Symantec Corporation)
SRV - (SpeedDiskService) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe (Symantec Corporation)
SRV - (DiskDoctorService) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe (Symantec Corporation)
SRV - (NU16StartManagerSvc) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe (PC Tools)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- c:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symnets.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\Drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\Drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symelam.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symds64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (LMDriver) -- C:\Windows\SysNative\Drivers\LMDriver.sys (Acer Incorporated)
DRV:64bit: - (RadioShim) -- C:\Windows\SysNative\Drivers\RadioShim.sys (Acer Incorporated)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (AthrSdSrv) -- C:\Windows\SysNative\Drivers\athrsd.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\Drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001_6ff\BHDrvx64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {C4FE925D-F47F-4F9A-82A7-3213E79CE617}
IE:64bit: - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://no.yhs4.searc...p={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C4FE925D-F47F-4F9A-82A7-3213E79CE617}: "URL" = http://www.bing.com/...E10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {C4FE925D-F47F-4F9A-82A7-3213E79CE617}
IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://no.yhs4.searc...p={searchTerms}
IE - HKLM\..\SearchScopes\{C4FE925D-F47F-4F9A-82A7-3213E79CE617}: "URL" = http://www.bing.com/...E10TR&pc=MAPBJS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.no/
IE - HKCU\..\SearchScopes,DefaultScope = {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.no"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014.08.08 23:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014.08.09 12:20:26 | 000,000,000 | ---D | M]
[2014.07.20 18:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Extensions
[2014.07.20 18:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Firefox\Profiles\79n48bde.default\extensions
[2014.07.20 18:23:52 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Firefox\Profiles\79n48bde.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.07.20 18:23:52 | 000,325,350 | ---- | M] () (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\firefox\profiles\79n48bde.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2014.07.30 02:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.07.30 02:35:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
CHR - Extension: Google Docs = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Security Toolbar = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.3.13_0\
CHR - Extension: Norton Security Toolbar = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.16_0\
CHR - Extension: Google Wallet = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\ips\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0702906F-0F02-4B1B-AA90-2042C1AFF492}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9e67ff6c-100b-11e4-be74-206a8a970a09}\Shell - "" = AutoRun
O33 - MountPoints2\{9e67ff6c-100b-11e4-be74-206a8a970a09}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014.08.10 00:43:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
[2014.08.08 15:18:30 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnets.sys
[2014.08.08 15:18:30 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam.sys
[2014.08.08 15:18:29 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa64.sys
[2014.08.08 15:18:29 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds64.sys
[2014.08.08 15:18:23 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.sys
[2014.08.08 15:18:23 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.sys
[2014.08.08 15:18:22 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ironx64.sys
[2014.08.08 15:18:22 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.sys
[2014.08.08 12:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014.08.07 23:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2014.08.07 20:34:45 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\ElevatedDiagnostics
[2014.08.07 20:33:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2014.08.07 10:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013
[2014.08.05 03:47:51 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Diagnostics
[2014.08.03 12:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.08.03 12:07:50 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Programs
[2014.08.01 19:58:02 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Documents\Documents
[2014.07.31 12:32:53 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Norton Utilities 16
[2014.07.31 12:23:13 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4.dll
[2014.07.31 12:23:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4r.dll
[2014.07.31 12:23:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4a.dll
[2014.07.31 12:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
[2014.07.31 12:23:11 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox210.ocx
[2014.07.31 12:23:10 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2014.07.31 12:23:10 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox10.ocx
[2014.07.31 12:23:10 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCT2.OCX
[2014.07.31 12:23:10 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml.dll
[2014.07.31 12:23:10 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBoxVB12.ocx
[2014.07.31 12:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.07.31 12:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.07.31 12:14:47 | 000,000,000 | ---D | C] -- C:\AMD
[2014.07.31 12:09:28 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Product_NU16
[2014.07.31 03:13:15 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\CrashDumps
[2014.07.30 02:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.29 16:38:17 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\SUPERAntiSpyware.com
[2014.07.29 16:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014.07.28 17:45:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.07.27 06:33:06 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.07.27 06:33:06 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.27 06:24:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\CompatTel
[2014.07.27 06:24:27 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2014.07.25 21:27:24 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wdc.dll
[2014.07.25 21:27:24 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wvc.dll
[2014.07.25 21:27:23 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wdc.dll
[2014.07.25 21:27:23 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysmon.ocx
[2014.07.25 21:27:23 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wvc.dll
[2014.07.25 21:27:23 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2014.07.25 21:25:16 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014.07.25 21:25:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014.07.25 21:25:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2014.07.25 21:25:11 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014.07.25 21:25:11 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2014.07.25 21:25:11 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2014.07.25 21:25:09 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll
[2014.07.25 05:07:21 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014.07.25 05:07:20 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014.07.25 05:07:19 | 005,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014.07.25 05:07:18 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014.07.25 05:07:17 | 000,332,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014.07.25 01:34:01 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.07.25 01:33:58 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2014.07.25 01:33:57 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2014.07.25 01:33:56 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014.07.24 22:45:07 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014.07.24 22:45:07 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014.07.24 22:45:07 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014.07.24 16:04:54 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys
[2014.07.24 16:04:37 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014.07.24 16:04:32 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSAT.exe
[2014.07.24 16:04:28 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys
[2014.07.24 16:04:26 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2014.07.24 16:04:22 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014.07.24 16:04:22 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014.07.24 16:04:20 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014.07.24 16:04:20 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014.07.24 16:04:19 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provcore.dll
[2014.07.24 16:04:19 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014.07.24 16:04:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSATAPI.dll
[2014.07.24 16:04:12 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014.07.24 16:04:11 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014.07.24 16:04:10 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014.07.24 16:04:10 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2014.07.24 16:04:09 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.07.24 16:04:09 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2014.07.24 16:04:08 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014.07.24 16:04:07 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014.07.24 16:04:06 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014.07.24 16:04:06 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014.07.24 16:04:06 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014.07.24 16:04:06 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014.07.24 16:04:06 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014.07.24 16:04:05 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2014.07.24 16:04:05 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdsrv.dll
[2014.07.24 16:04:04 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014.07.24 16:04:04 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014.07.24 16:04:03 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014.07.24 16:04:03 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSATAPI.dll
[2014.07.24 16:04:02 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2014.07.24 16:04:02 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014.07.24 16:03:59 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2014.07.24 16:03:58 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014.07.24 16:03:58 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2014.07.24 16:03:57 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2014.07.24 16:03:57 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2014.07.24 16:03:56 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014.07.24 16:03:56 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014.07.24 16:03:56 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2014.07.24 16:03:55 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provcore.dll
[2014.07.24 16:03:55 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014.07.24 16:03:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2014.07.24 16:03:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014.07.24 16:03:54 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014.07.24 16:03:54 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avrt.dll
[2014.07.24 16:03:53 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.07.24 16:03:53 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014.07.24 16:03:53 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2014.07.24 16:03:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014.07.24 16:03:52 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll
[2014.07.24 16:03:52 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll
[2014.07.24 16:03:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014.07.24 16:03:52 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfdisk.dll
[2014.07.24 16:03:51 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014.07.24 16:03:51 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014.07.24 16:03:51 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014.07.24 16:03:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfdisk.dll
[2014.07.24 16:03:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svchost.exe
[2014.07.24 16:03:49 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014.07.24 16:03:48 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetup.exe
[2014.07.24 16:03:48 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2014.07.24 16:03:48 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2014.07.24 16:03:48 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014.07.24 16:03:48 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014.07.24 16:03:48 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014.07.24 16:03:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014.07.24 16:03:48 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2014.07.24 16:03:47 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014.07.24 16:03:47 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014.07.24 16:03:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014.07.24 16:03:47 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014.07.24 16:03:46 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014.07.24 16:03:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2014.07.24 16:03:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2014.07.24 16:03:45 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2014.07.24 16:03:45 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2014.07.24 16:03:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfos.dll
[2014.07.24 16:03:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2014.07.24 16:03:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll
[2014.07.24 16:03:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2014.07.24 16:03:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2014.07.24 16:03:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfctrs.dll
[2014.07.24 16:03:40 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfctrs.dll
[2014.07.24 16:03:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll
[2014.07.24 16:03:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LangCleanupSysprepAction.dll
[2014.07.24 16:03:40 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll
[2014.07.24 16:03:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfos.dll
[2014.07.24 16:03:40 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll
[2014.07.24 16:03:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll
[2014.07.24 16:03:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MUILanguageCleanup.dll
[2014.07.24 16:03:39 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014.07.24 16:03:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014.07.24 14:43:41 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014.07.24 14:43:39 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2014.07.24 14:43:39 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014.07.24 14:43:38 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014.07.24 14:43:37 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2014.07.24 14:43:36 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014.07.24 14:43:35 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014.07.24 14:43:35 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014.07.24 14:43:34 | 001,622,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014.07.24 14:43:32 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014.07.24 14:43:32 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014.07.24 14:43:32 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014.07.24 14:43:31 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014.07.24 14:43:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014.07.24 14:43:31 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014.07.24 14:43:31 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014.07.24 14:43:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014.07.24 14:43:31 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014.07.24 14:43:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014.07.24 12:51:54 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014.07.24 12:51:52 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014.07.24 12:51:47 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2014.07.24 12:51:46 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2014.07.24 12:51:41 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014.07.24 12:51:41 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2014.07.24 12:51:37 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2014.07.24 12:51:37 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2014.07.24 12:51:36 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014.07.24 11:43:04 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014.07.24 11:43:03 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014.07.24 11:43:00 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014.07.24 11:42:59 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014.07.24 11:42:58 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014.07.24 11:42:58 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014.07.24 11:42:58 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014.07.24 11:42:58 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2014.07.24 11:42:58 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmmbase.dll
[2014.07.24 11:42:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2014.07.24 11:42:58 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2014.07.24 11:42:56 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014.07.24 11:42:56 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2014.07.24 11:42:56 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanadvui.dll
[2014.07.24 11:42:56 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2014.07.24 11:42:56 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014.07.24 11:42:56 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014.07.24 11:42:56 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014.07.24 11:42:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\openfiles.exe
[2014.07.24 11:42:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014.07.24 11:42:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014.07.24 11:42:55 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014.07.24 11:42:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\openfiles.exe
[2014.07.24 09:32:45 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2014.07.24 09:32:45 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014.07.24 08:54:10 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014.07.24 08:54:08 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014.07.24 08:54:08 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014.07.24 08:54:08 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014.07.24 08:54:06 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014.07.24 08:54:05 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.07.24 08:54:05 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.07.24 08:54:04 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014.07.24 08:54:04 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014.07.24 08:54:03 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014.07.24 08:54:01 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014.07.24 08:54:01 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscms.dll
[2014.07.24 08:54:00 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2014.07.24 08:54:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014.07.24 08:53:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2014.07.24 08:53:59 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2014.07.24 08:53:58 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeParserTask.exe
[2014.07.24 08:53:57 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014.07.24 08:53:57 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys
[2014.07.23 11:05:23 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014.07.23 11:05:23 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014.07.23 09:38:04 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2014.07.23 09:38:04 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2014.07.23 09:38:04 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2014.07.22 08:57:50 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Nero_AG
[2014.07.22 08:56:48 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Nero
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\ATI
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\ATI
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.07.21 22:29:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\N360_BACKUP
[2014.07.21 14:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.07.21 14:12:22 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Google
[2014.07.21 14:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014.07.21 11:54:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2014.07.21 09:43:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2014.07.21 09:43:03 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014.07.21 09:43:03 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014.07.21 09:43:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014.07.21 09:42:52 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2014.07.21 09:42:46 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2014.07.21 09:42:46 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2014.07.21 09:42:46 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2014.07.21 09:42:41 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014.07.21 09:42:39 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2014.07.21 09:42:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll
[2014.07.21 09:42:38 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll
[2014.07.21 09:42:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll
[2014.07.21 09:42:37 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014.07.21 09:42:37 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.07.21 09:42:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.07.21 09:42:36 | 002,062,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014.07.21 09:42:36 | 001,711,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014.07.21 09:42:36 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014.07.21 09:42:36 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014.07.21 09:42:36 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014.07.21 09:42:36 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014.07.21 09:42:36 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014.07.21 09:42:36 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014.07.21 09:42:33 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014.07.21 09:42:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014.07.21 09:42:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014.07.21 09:42:31 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2014.07.21 09:42:30 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2014.07.20 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Macromedia
[2014.07.20 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\CrashRpt
[2014.07.20 18:31:39 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Tencent
[2014.07.20 18:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Tencent
[2014.07.20 18:27:34 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014.07.20 18:25:24 | 000,693,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014.07.20 18:25:24 | 000,628,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationUI.exe
[2014.07.20 18:25:23 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014.07.20 18:25:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.07.20 18:25:23 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014.07.20 18:25:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.07.20 18:24:10 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014.07.20 18:24:09 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014.07.20 18:24:09 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014.07.20 18:24:09 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014.07.20 18:24:09 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014.07.20 18:23:14 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014.07.20 18:23:14 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014.07.20 18:23:13 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2014.07.20 18:23:12 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014.07.20 18:23:12 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014.07.20 18:23:12 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014.07.20 18:23:12 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSSync.dll
[2014.07.20 18:23:12 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014.07.20 18:23:12 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSSync.dll
[2014.07.20 18:23:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014.07.20 18:23:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014.07.20 18:23:12 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014.07.20 18:23:12 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014.07.20 18:23:11 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcln.dll
[2014.07.20 18:23:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupcln.dll
[2014.07.20 18:23:11 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2014.07.20 18:23:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014.07.20 18:22:49 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2014.07.20 18:20:06 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014.07.20 18:20:06 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014.07.20 18:20:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014.07.20 18:20:05 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014.07.20 18:19:58 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014.07.20 18:19:58 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014.07.20 18:19:58 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014.07.20 18:19:58 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014.07.20 18:17:02 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014.07.20 18:17:01 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014.07.20 18:16:55 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.07.20 18:14:26 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys
[2014.07.20 18:13:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2014.07.20 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Mozilla
[2014.07.20 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Mozilla
[2014.07.20 18:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.07.20 18:04:08 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014.07.20 18:04:07 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014.07.20 18:04:06 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014.07.20 18:04:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014.07.20 18:04:05 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014.07.20 18:04:05 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014.07.20 18:04:05 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2014.07.20 18:04:04 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014.07.20 18:04:04 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014.07.20 18:04:03 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2014.07.20 18:04:03 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014.07.20 18:04:03 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014.07.20 18:04:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2014.07.20 18:04:02 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2014.07.20 18:04:02 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2014.07.20 18:04:01 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2014.07.20 18:04:00 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsquirt.exe
[2014.07.20 18:04:00 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2014.07.20 18:04:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2014.07.20 18:04:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll
[2014.07.20 18:04:00 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2014.07.20 18:04:00 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2014.07.20 18:04:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2014.07.20 18:03:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2014.07.20 18:00:29 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InkEd.dll
[2014.07.20 17:43:07 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014.07.20 17:43:07 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014.07.20 17:41:28 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014.07.20 17:41:26 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2014.07.20 17:41:25 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2014.07.20 17:41:24 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2014.07.20 17:41:23 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2014.07.20 17:41:23 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2014.07.20 17:41:22 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2014.07.20 17:41:22 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014.07.20 17:41:22 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014.07.20 17:41:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014.07.20 17:41:22 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014.07.20 17:41:22 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014.07.20 17:41:21 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014.07.20 17:41:21 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014.07.20 17:41:21 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014.07.20 17:41:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014.07.20 17:41:20 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2014.07.20 17:41:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2014.07.20 17:41:20 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014.07.20 17:41:19 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2014.07.20 17:41:19 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2014.07.20 17:41:19 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2014.07.20 17:41:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2014.07.20 17:41:18 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014.07.20 17:41:18 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014.07.20 17:41:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2014.07.20 17:41:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2014.07.20 17:41:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2014.07.20 17:41:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2014.07.20 17:41:01 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014.07.20 17:41:00 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014.07.20 17:41:00 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014.07.20 17:41:00 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014.07.20 17:40:43 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll
[2014.07.20 17:40:43 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll
[2014.07.20 17:40:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2014.07.20 17:40:42 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2014.07.20 17:40:42 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll
[2014.07.20 17:40:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014.07.20 17:40:42 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll
[2014.07.20 17:40:41 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2014.07.20 17:40:41 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2014.07.20 17:40:41 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014.07.20 17:40:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe
[2014.07.20 17:40:41 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe
[2014.07.20 17:40:41 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe
[2014.07.20 17:40:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe
[2014.07.20 17:40:32 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014.07.20 17:40:32 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014.07.20 17:40:07 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014.07.20 17:40:07 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014.07.20 17:40:05 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014.07.20 17:39:55 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014.07.20 17:39:55 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014.07.20 17:39:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2014.07.20 17:39:22 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014.07.20 17:39:01 | 006,987,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014.07.20 17:38:57 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.07.20 17:38:56 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\objsel.dll
[2014.07.20 17:38:56 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014.07.20 17:38:56 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2014.07.20 17:38:55 | 001,043,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014.07.20 17:38:55 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014.07.20 17:38:55 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\objsel.dll
[2014.07.20 17:38:55 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014.07.20 17:38:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dimsroam.dll
[2014.07.20 17:38:54 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dimsroam.dll
[2014.07.20 17:38:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2014.07.20 17:38:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workerdd.dll
[2014.07.20 17:38:45 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014.07.20 17:34:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.07.20 17:34:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014.07.20 17:34:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.07.20 17:34:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.07.20 17:34:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014.07.20 17:34:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.07.20 17:34:27 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.07.20 17:34:26 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.07.20 17:34:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.07.20 17:34:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014.07.20 17:34:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014.07.20 17:34:25 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014.07.20 17:34:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.07.20 17:34:21 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.07.20 17:34:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014.07.20 17:34:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.07.20 17:34:15 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014.07.20 17:34:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014.07.20 17:34:08 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014.07.20 17:33:43 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.07.20 17:33:42 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014.07.20 17:33:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014.07.20 17:28:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014.07.20 17:28:23 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2014.07.20 17:28:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2014.07.20 17:28:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2014.07.20 17:28:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2014.07.20 17:28:16 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014.07.20 17:28:16 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014.07.20 17:27:31 | 003,842,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014.07.20 17:27:31 | 002,238,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014.07.20 17:26:13 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014.07.20 17:26:13 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014.07.20 17:25:00 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014.07.20 17:25:00 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014.07.20 17:24:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2014.07.20 17:24:29 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2014.07.20 17:24:08 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014.07.20 17:23:48 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014.07.20 17:23:48 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014.07.20 17:23:44 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014.07.20 17:23:43 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014.07.20 17:23:40 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014.07.20 17:23:37 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014.07.20 17:23:36 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014.07.20 17:23:33 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2014.07.20 17:23:30 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2014.07.20 17:23:28 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014.07.20 17:23:28 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_10ec.dll
[2014.07.20 17:23:28 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014.07.20 17:23:27 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014.07.20 17:23:27 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014.07.20 17:23:25 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2014.07.20 17:23:25 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014.07.20 17:23:25 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014.07.20 17:23:25 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014.07.20 17:23:25 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014.07.20 17:23:25 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014.07.20 17:23:24 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014.07.20 17:23:24 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014.07.20 17:23:24 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014.07.20 17:23:22 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014.07.20 17:23:22 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014.07.20 17:23:22 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2014.07.20 17:23:22 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014.07.20 17:23:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll
[2014.07.20 17:23:22 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll
[2014.07.20 17:23:22 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014.07.20 17:23:22 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascfg.dll
[2014.07.20 17:23:22 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rascfg.dll
[2014.07.20 17:23:21 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014.07.20 17:23:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014.07.20 17:23:21 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014.07.20 17:23:21 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014.07.20 17:23:21 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014.07.20 17:23:21 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdvm.dll
[2014.07.20 17:23:20 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014.07.20 17:23:20 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014.07.20 17:23:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll
[2014.07.20 17:23:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014.07.20 17:23:20 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2014.07.20 17:23:19 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014.07.20 17:23:19 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenuineCenter.dll
[2014.07.20 17:23:19 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014.07.20 17:23:19 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014.07.20 17:23:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014.07.20 17:23:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll
[2014.07.20 17:23:18 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcat.dll
[2014.07.20 17:23:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhmanagew.exe
[2014.07.20 17:23:18 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhshl.dll
[2014.07.20 17:23:18 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvc.dll
[2014.07.20 17:23:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014.07.20 17:23:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchapi.dll
[2014.07.20 17:23:18 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll
[2014.07.20 17:23:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchph.dll
[2014.07.20 17:23:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhlisten.dll
[2014.07.20 17:23:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll
[2014.07.20 17:23:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcleanup.dll
[2014.07.20 17:23:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll
[2014.07.20 17:23:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014.07.20 17:23:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014.07.20 17:23:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2014.07.20 17:23:17 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhautoplay.dll
[2014.07.20 17:23:17 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndptsp.tsp
[2014.07.20 17:23:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndptsp.tsp
[2014.07.20 17:23:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll
[2014.07.20 17:23:17 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhtask.dll
[2014.07.20 17:23:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll
[2014.07.20 17:23:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll
[2014.07.20 17:23:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll
[2014.07.20 17:23:16 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp
[2014.07.20 17:23:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp
[2014.07.20 17:23:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014.07.20 17:23:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwmp.dll
[2014.07.20 17:23:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwmp.dll
[2014.07.20 17:23:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014.07.20 17:23:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014.07.20 17:23:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdxm.ocx
[2014.07.20 17:23:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxmasf.dll
[2014.07.20 17:23:15 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2014.07.20 17:23:14 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2014.07.20 17:19:12 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014.07.20 17:19:11 | 008,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014.07.20 17:19:09 | 002,304,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014.07.20 17:19:09 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.07.20 17:19:09 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014.07.20 17:19:08 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014.07.20 17:18:37 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014.07.20 17:18:37 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014.07.20 17:10:53 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2014.07.20 17:10:53 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2014.07.20 17:10:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2014.07.20 17:10:53 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2014.07.20 16:23:06 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2014.07.20 16:22:58 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\GEARAspi64.dll
[2014.07.20 16:22:58 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysWow64\GEARAspi.dll
[2014.07.20 16:22:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64
[2014.07.20 16:22:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0700000.012
[2014.07.20 16:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2014.07.20 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2014.07.19 13:45:59 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa64.sys
[2014.07.19 13:45:59 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys
[2014.07.19 13:45:59 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnets.sys
[2014.07.19 13:45:59 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds64.sys
[2014.07.19 13:45:59 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ironx64.sys
[2014.07.19 13:45:59 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.sys
[2014.07.19 13:45:59 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys
[2014.07.19 13:45:59 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam.sys
[2014.07.19 13:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D
[2014.07.19 13:41:20 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014.07.19 13:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014.07.19 13:37:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64
[2014.07.19 13:37:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014.07.19 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2014.07.19 13:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014.07.19 13:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014.07.19 12:04:12 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\WildTangent
[2014.07.19 11:48:12 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Atheros
[2014.07.19 11:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_YAHOO
[2014.07.19 11:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Preload
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Searches
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Contacts
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.07.19 11:47:18 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Adobe
[2014.07.19 11:46:26 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Synaptics
[2014.07.19 11:46:07 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\VirtualStore
[2014.07.19 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Packages
[2014.07.19 11:45:43 | 000,000,000 | --SD | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Videos
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Saved Games
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Pictures
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Music
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Links
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Favorites
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Downloads
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Documents
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Desktop
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Temporary Internet Files
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Start-meny
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Skrivere
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\SendTo
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Recent
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Programdata
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Programdata
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Mine dokumenter
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Mine bilder
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Min musikk
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Maler
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Lokale innstillinger
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Logg
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Intern video
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Cookies
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AndrMask
[2014.07.19 11:45:43 | 000,000,000 | -H-D | C] -- C:\Users\Hespetreet\AppData
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Temp
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Microsoft
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.07.19 11:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014.07.19 11:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2014.07.19 11:07:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014.07.19 06:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2014.07.19 06:28:41 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
[2014.07.19 06:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2014.07.19 06:25:39 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Macromedia
[2014.07.19 05:52:00 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
========== Files - Modified Within 30 Days ==========
[2014.08.10 00:43:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
[2014.08.10 00:17:00 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.10 00:05:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.08.09 19:24:31 | 000,007,625 | ---- | M] () -- C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
[2014.08.09 19:04:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\NUSchedule.job
[2014.08.09 18:58:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.08.09 17:50:51 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2014.08.09 14:17:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.09 13:00:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014.08.09 12:20:54 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014.08.09 12:19:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.08.09 12:19:23 | 380,006,399 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.09 12:18:29 | 000,000,577 | ---- | M] () -- C:\Users\Hespetreet\Documents\rød.rtf
[2014.08.07 08:28:36 | 001,534,910 | ---- | M] () -- C:\Users\Hespetreet\Documents\Borte.rtf
[2014.08.07 05:39:18 | 000,007,555 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumentccc.rtf
[2014.08.06 12:32:10 | 006,050,006 | ---- | M] () -- C:\Users\Hespetreet\Documents\xtranr 4.rtf
[2014.08.06 01:49:53 | 001,081,344 | ---- | M] () -- C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
[2014.08.04 15:13:37 | 000,000,236 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumenty.rtf
[2014.08.04 14:11:31 | 000,001,359 | ---- | M] () -- C:\Users\Hespetreet\Documents\nort.rtf
[2014.08.04 10:07:03 | 000,178,264 | ---- | M] () -- C:\Users\Hespetreet\Documents\1.jpg
[2014.08.03 19:35:23 | 006,050,001 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumentx.rtf
[2014.08.03 19:33:02 | 011,347,276 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokument.rtf
[2014.08.02 11:48:12 | 000,015,799 | ---- | M] () -- C:\Users\Hespetreet\Documents\artx.odt
[2014.08.01 14:24:02 | 000,014,240 | ---- | M] () -- C:\Users\Hespetreet\Documents\xx.rtf
[2014.07.31 22:49:37 | 000,000,172 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\isolate.ini
[2014.07.31 12:53:15 | 000,042,291 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\VT20140731.006
[2014.07.31 12:27:50 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014.07.31 12:23:14 | 000,021,977 | ---- | M] () -- C:\WINDOWS\is-F874M.msg
[2014.07.31 12:23:14 | 000,000,346 | ---- | M] () -- C:\WINDOWS\is-F874M.lst
[2014.07.31 12:23:13 | 001,550,880 | ---- | M] () -- C:\WINDOWS\is-F874M.exe
[2014.07.31 12:19:27 | 004,288,559 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014.07.29 20:26:46 | 000,001,238 | ---- | M] () -- C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
[2014.07.29 20:07:22 | 001,362,464 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.07.29 20:07:22 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.07.29 20:07:22 | 000,449,912 | ---- | M] () -- C:\WINDOWS\SysNative\perfh014.dat
[2014.07.29 20:07:22 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.07.29 20:07:22 | 000,077,052 | ---- | M] () -- C:\WINDOWS\SysNative\perfc014.dat
[2014.07.28 17:45:27 | 000,281,680 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.07.28 17:45:12 | 670,148,535 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014.07.27 19:53:29 | 000,002,536 | ---- | M] () -- C:\Users\Hespetreet\Documents\arti.rtf
[2014.07.27 19:48:58 | 000,002,890 | ---- | M] () -- C:\Users\Hespetreet\Documents\art.odt
[2014.07.23 07:13:10 | 000,030,068 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symvtcer.dat
[2014.07.21 14:13:12 | 000,002,225 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.20 18:09:51 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.07.20 16:53:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014.07.19 13:49:34 | 000,002,331 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014.07.19 13:41:19 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014.07.19 13:41:19 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014.07.19 13:41:19 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014.07.19 06:40:32 | 1044,938,752 | ---- | M] () -- C:\NBRT.iso
[2014.07.19 06:28:41 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
========== Files Created - No Company Name ==========
[2014.08.09 12:18:29 | 000,000,577 | ---- | C] () -- C:\Users\Hespetreet\Documents\rød.rtf
[2014.08.08 15:18:30 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam64.cat
[2014.08.08 15:18:30 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnet64.cat
[2014.08.08 15:18:30 | 000,001,440 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnet.inf
[2014.08.08 15:18:29 | 000,008,194 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa64.cat
[2014.08.08 15:18:29 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds64.cat
[2014.08.08 15:18:29 | 000,003,433 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa.inf
[2014.08.08 15:18:29 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds.inf
[2014.08.08 15:18:29 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam.inf
[2014.08.08 15:18:23 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.cat
[2014.08.08 15:18:23 | 000,001,437 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.inf
[2014.08.08 15:18:23 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.inf
[2014.08.08 15:18:22 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.cat
[2014.08.08 15:18:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.cat
[2014.08.08 15:18:22 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\iron.cat
[2014.08.08 15:18:22 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.inf
[2014.08.08 15:18:22 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\iron.inf
[2014.08.08 15:16:55 | 000,030,068 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symvtcer.dat
[2014.08.08 15:16:53 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\isolate.ini
[2014.08.07 07:30:33 | 001,534,910 | ---- | C] () -- C:\Users\Hespetreet\Documents\Borte.rtf
[2014.08.06 12:32:10 | 006,050,006 | ---- | C] () -- C:\Users\Hespetreet\Documents\xtranr 4.rtf
[2014.08.06 12:24:42 | 000,178,264 | ---- | C] () -- C:\Users\Hespetreet\Documents\1.jpg
[2014.08.06 01:49:53 | 001,081,344 | ---- | C] () -- C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
[2014.08.04 23:54:54 | 000,007,555 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumentccc.rtf
[2014.08.04 15:13:37 | 000,000,236 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumenty.rtf
[2014.08.04 00:03:11 | 000,001,359 | ---- | C] () -- C:\Users\Hespetreet\Documents\nort.rtf
[2014.08.03 19:35:23 | 006,050,001 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumentx.rtf
[2014.08.03 16:28:28 | 011,347,276 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokument.rtf
[2014.08.03 06:46:18 | 000,007,625 | ---- | C] () -- C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
[2014.08.01 14:38:00 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014.08.01 00:55:30 | 000,042,291 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\VT20140731.006
[2014.07.31 19:56:39 | 000,014,240 | ---- | C] () -- C:\Users\Hespetreet\Documents\xx.rtf
[2014.07.31 19:55:23 | 000,015,799 | ---- | C] () -- C:\Users\Hespetreet\Documents\artx.odt
[2014.07.31 19:20:19 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\NUSchedule.job
[2014.07.31 12:28:05 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014.07.31 12:27:50 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014.07.31 12:23:14 | 000,000,346 | ---- | C] () -- C:\WINDOWS\is-F874M.lst
[2014.07.31 12:23:13 | 001,550,880 | ---- | C] () -- C:\WINDOWS\is-F874M.exe
[2014.07.31 12:23:13 | 000,021,977 | ---- | C] () -- C:\WINDOWS\is-F874M.msg
[2014.07.31 12:23:11 | 000,042,624 | ---- | C] () -- C:\WINDOWS\SysNative\CleanMFT64.exe
[2014.07.28 17:45:15 | 000,281,680 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.07.28 17:45:12 | 670,148,535 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014.07.27 19:53:29 | 000,002,536 | ---- | C] () -- C:\Users\Hespetreet\Documents\arti.rtf
[2014.07.27 19:47:13 | 000,002,890 | ---- | C] () -- C:\Users\Hespetreet\Documents\art.odt
[2014.07.24 22:45:07 | 000,387,268 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.07.21 14:13:12 | 000,002,225 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.21 14:12:25 | 000,001,016 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.07.21 14:12:24 | 000,001,012 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.07.20 20:38:13 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.07.20 18:23:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014.07.20 18:23:11 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.07.20 18:09:50 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.07.20 18:09:47 | 000,001,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.07.20 16:53:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014.07.20 16:22:26 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0700000.012\isolate.ini
[2014.07.19 13:49:37 | 004,288,559 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014.07.19 13:45:59 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam64.cat
[2014.07.19 13:45:59 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.cat
[2014.07.19 13:45:59 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat
[2014.07.19 13:45:59 | 000,008,194 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa64.cat
[2014.07.19 13:45:59 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnet64.cat
[2014.07.19 13:45:59 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat
[2014.07.19 13:45:59 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds64.cat
[2014.07.19 13:45:59 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\iron.cat
[2014.07.19 13:45:59 | 000,003,433 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa.inf
[2014.07.19 13:45:59 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds.inf
[2014.07.19 13:45:59 | 000,001,440 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnet.inf
[2014.07.19 13:45:59 | 000,001,437 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf
[2014.07.19 13:45:59 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf
[2014.07.19 13:45:59 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam.inf
[2014.07.19 13:45:59 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.inf
[2014.07.19 13:45:59 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\iron.inf
[2014.07.19 13:45:53 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014.07.19 13:41:20 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014.07.19 13:41:20 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014.07.19 13:41:17 | 000,002,331 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014.07.19 11:47:18 | 000,001,446 | ---- | C] () -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.07.19 11:07:48 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014.07.19 11:07:45 | 380,006,399 | -HS- | C] () -- C:\hiberfil.sys
[2014.07.19 06:28:41 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2014.07.19 06:28:40 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2014.07.19 06:04:18 | 1044,938,752 | ---- | C] () -- C:\NBRT.iso
[2014.07.19 05:52:00 | 000,001,238 | ---- | C] () -- C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
[2013.04.26 20:34:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.04.09 15:17:42 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013.04.09 15:17:42 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013.04.09 15:17:42 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013.04.09 15:17:39 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013.04.09 15:17:39 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2012.11.27 10:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.07.19 06:28:41 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
[2014.07.31 12:09:28 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Product_NU16
[2014.07.19 11:46:26 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Synaptics
[2014.07.20 18:31:42 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Tencent
[2014.07.20 17:22:54 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\WildTangent
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16384_en-us_7bca26f6f419a854\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16433_en-us_7bff382ef3f2006f\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16726_en-us_7c0d0eaaf3e727f8\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20534_en-us_7c89d5440d0eb990\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20837_en-us_7c8cdbd40d0bfd0a\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_3696cd177bf59a86\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16433_nb-no_36cbde4f7bcdf2a1\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16726_nb-no_36d9b4cb7bc31a2a\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20534_nb-no_37567b6494eaabc2\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20837_nb-no_375981f494e7ef3c\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16384_none_6e8451187a9a1607\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16420_none_6ec1315e7a6d062c\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16433_none_6eb962507a726e22\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20521_none_6f4bce739389bf4d\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20534_none_6f43ff65938f2743\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2014.07.31 01:31:00 | 000,191,929 | ---- | M] () MD5=0DFFA20BC55B04EB41A645B2B3C090AF -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2014.07.31 01:30:51 | 000,191,911 | ---- | M] () MD5=7EE632A61E017550EA93DE43B2F5E11A -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2014.07.29 19:49:58 | 000,220,310 | ---- | M] () MD5=8245C120A0228DF5FEDA420EEA92073A -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2014.07.31 01:31:10 | 000,190,101 | ---- | M] () MD5=88FFBEDEE68E55114100F40018C8502E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2014.07.31 01:30:41 | 000,193,351 | ---- | M] () MD5=D7BB0E752E2500BC35445E8DF43C64E8 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2014.07.29 19:49:52 | 000,221,955 | ---- | M] () MD5=E6BB49E22BE475CD8D9A8E4F09C94D88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2014.07.29 19:50:04 | 000,220,321 | ---- | M] () MD5=F684C576CFB3780C22C6F5289540A455 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2014.07.29 19:50:10 | 000,217,360 | ---- | M] () MD5=FAE1FCD1E42A50D856EB908554431055 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\en-US\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_5ebc2e81fd6600eb\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_6910d8d431c6c2e6\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\nb-NO\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\nb-NO\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_1988d4a28541f31d\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_23dd7ef4b9a2b518\explorer.exe.mui
< MD5 for: EXPLORER.EXE-03C49D11.PF >
[2014.08.08 15:20:17 | 000,305,452 | ---- | M] () MD5=36360316CDBA6839FEBCE737F49EBEB7 -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
< MD5 for: IEXPLORE.EXE >
[2014.07.31 01:32:49 | 000,005,047 | ---- | M] () MD5=1EC7A0840B5D42FDFC091483A869A58F -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.21145_none_2ba102e53a13fa8e\iexplore.exe
[2014.07.30 09:44:14 | 000,006,966 | ---- | M] () MD5=24670320D89511DDA191DDA6151AA248 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_21212dc505d3918f\iexplore.exe
[2014.07.30 09:44:07 | 000,006,981 | ---- | M] () MD5=2BC908FD7537A5636F6B0A936556AC32 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_37f8bacaec24e2f1\iexplore.exe
[2014.07.30 09:44:17 | 000,006,954 | ---- | M] () MD5=2E073528F85BFCBF00428E0A2F22B0E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20589_none_2124bd0505d07710\iexplore.exe
[2014.07.31 01:32:44 | 000,006,458 | ---- | M] () MD5=2F71A41DFC21337640B166530CE9186D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20557_none_2b7694093a33b9c4\iexplore.exe
[2014.07.31 01:32:37 | 000,006,438 | ---- | M] () MD5=33B73A238448C89C169F701F7A0EEA7D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16484_none_42524fc720813d40\iexplore.exe
[2014.07.31 01:32:34 | 000,006,395 | ---- | M] () MD5=5155938C91796D10D4C98E1B076059A1 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16453_none_424f65b12083d79a\iexplore.exe
[2014.07.31 01:32:29 | 000,006,437 | ---- | M] () MD5=5B3164964927CA11615547C18EACEBF1 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_424d651d2085a4ec\iexplore.exe
[2014.07.30 09:44:11 | 000,006,971 | ---- | M] () MD5=67602FE7AB7B1A2A3D72DDEE1EB63F39 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16484_none_37fda574ec207b45\iexplore.exe
[2014.07.30 09:44:10 | 000,006,964 | ---- | M] () MD5=693D23212F9A8E20C6E40C868C50DA66 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16453_none_37fabb5eec23159f\iexplore.exe
[2014.07.31 01:32:41 | 000,006,411 | ---- | M] () MD5=89094B3EC5AC021DB4CB945DC44967CA -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_2b75d8173a34538a\iexplore.exe
[2014.07.30 09:44:13 | 000,006,974 | ---- | M] () MD5=9B84E83112577BB2DB07AA30AFF1A260 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_21202d7b05d47838\iexplore.exe
[2014.07.31 01:32:46 | 000,006,435 | ---- | M] () MD5=A14B020D2A42AE23D3E21E33518D8683 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20589_none_2b7967573a31390b\iexplore.exe
[2014.07.31 01:32:32 | 000,006,445 | ---- | M] () MD5=A8E0F48369B0B18850EFAF31AD731303 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_424e7c2f2084a4a2\iexplore.exe
[2014.06.19 06:18:02 | 000,775,320 | ---- | M] (Microsoft Corporation) MD5=B606732D1F1948DF9CE9E30517E17268 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014.06.19 06:18:02 | 000,775,320 | ---- | M] (Microsoft Corporation) MD5=B606732D1F1948DF9CE9E30517E17268 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.17028_none_38228a2eec05d722\iexplore.exe
[2014.07.30 09:44:09 | 000,006,957 | ---- | M] () MD5=CC87EE8E26F460DCF2F79A673A52C3DE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_37f9d1dcec23e2a7\iexplore.exe
[2014.07.30 09:44:06 | 000,006,931 | ---- | M] () MD5=E2959839CBCB3881F2F3B216EDB756CE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_38087560ec185f54\iexplore.exe
[2014.07.31 01:32:39 | 000,006,428 | ---- | M] () MD5=E9AE9BD5A3C867FEF119200131583E18 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_2b74d7cd3a353a33\iexplore.exe
[2014.07.30 09:44:18 | 000,004,062 | ---- | M] () MD5=EEC65E0DE4E99D7BCDFF16E4048FBB56 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.21145_none_214c589305b33893\iexplore.exe
[2014.07.31 01:32:27 | 000,006,831 | ---- | M] () MD5=F19C332E8E54180D5B5E3765CFCB603F -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_425d1fb32079214f\iexplore.exe
[2014.06.19 03:13:09 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=F37633EA6056B7F7DE685FB7F6DFB1FC -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014.06.19 03:13:09 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=F37633EA6056B7F7DE685FB7F6DFB1FC -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.17028_none_427734812066991d\iexplore.exe
[2014.07.30 09:44:16 | 000,006,954 | ---- | M] () MD5=F5895B4C5FB676EB79A26A886E10ED73 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20557_none_2121e9b705d2f7c9\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Program Files (x86)\Internet Explorer\nb-NO\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Program Files\Internet Explorer\nb-NO\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_nb-no_ec81b0f8aba1926d\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_nb-no_f6d65b4ae0025468\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_31b50ad823c5a03b\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_3c09b52a58266236\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-7A9337F2.PF >
[2014.08.08 15:21:17 | 000,129,926 | ---- | M] () MD5=6DDDF7E11A4A9B9FF8086FA19CE9B81D -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF >
[2014.08.08 15:21:33 | 000,269,264 | ---- | M] () MD5=82C1C03DBC1C3BD4E52DE7D9F3A7EC90 -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
< MD5 for: SERVICES >
[2014.08.09 12:18:02 | 000,093,580 | ---- | M] () MD5=C2CB626533B5A32CA0C43404F4329577 -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\MMC\services
[2012.07.26 07:26:47 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_8e0944daeed62829\services
< MD5 for: SERVICES.EXE >
[2014.07.30 12:09:33 | 000,001,252 | ---- | M] () MD5=348BBC0997F12A346E802238B7A10743 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\WINDOWS\SysNative\services.exe
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[2014.07.30 12:09:32 | 000,038,189 | ---- | M] () MD5=A06C65A37A48D1CD522F12A0CEBDB101 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_c2c6ee7bafb963b8\services.exe.mui
[2013.04.26 21:10:11 | 000,019,456 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysNative\nb-NO\services.exe.mui
[2013.04.26 21:10:11 | 000,019,456 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_7d93949c379555ea\services.exe.mui
< MD5 for: SERVICES.JS >
[2014.07.20 18:37:28 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.308_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:37:12 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:37:54 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.310_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:34:42 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.319_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:38:12 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:34 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:23:54 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingNews_1.7.0.27_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:46 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingSports_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:23:16 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:24 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
< MD5 for: SERVICES.LNK >
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.lnk
< MD5 for: SERVICES.MOF >
[2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\services.mof
< MD5 for: SERVICES.MSC >
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_fd08be678622fdab\services.msc
[2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.msc
[2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_3282345b03dfdcd5\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_a0ea22e3cdc58c75\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\WINDOWS\SysNative\nb-NO\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\SysWOW64\nb-NO\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_b7d564880dfeefdd\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_5bb6c90455a17ea7\services.msc
< MD5 for: SERVICES.PTXML >
[2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2013.04.26 21:10:51 | 000,008,583 | ---- | M] () MD5=787DDCA2128570E80753702FF3C248D4 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_a89a5f0cee8221f2\WinLogon.adml
[2012.07.26 09:49:05 | 000,008,017 | ---- | M] () MD5=C270056255498A723E7331EFF1AA162F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.2.9200.16384_en-us_edcdb8ec66a62fc0\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2012.06.02 16:34:22 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.2.9200.16384_none_d3d704270306719d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2014.07.30 17:47:24 | 000,082,923 | ---- | M] () MD5=074C6F8BE6B1E5FC4631DDDDE36C35AC -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2014.07.30 17:47:22 | 000,082,933 | ---- | M] () MD5=60A6E655A6CE36A30EB3143780EA975A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\WINDOWS\SysNative\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_c87ee12f5ec0739b\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17014_none_c8d83b755e7d1081\winlogon.exe
[2014.07.30 17:47:32 | 000,072,808 | ---- | M] () MD5=7A24F7763DEE7CA7ABA008927E3B707A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21133_none_c94b381e77abced6\winlogon.exe
[2014.07.30 17:47:30 | 000,072,808 | ---- | M] () MD5=7C3E1E29E27AFACA4364F62D84624EA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_c95fd5c6779c8076\winlogon.exe
[2014.07.30 17:47:29 | 000,082,427 | ---- | M] () MD5=B9F8135D86DF7A3E298911409D4BCAE9 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2014.07.30 17:47:27 | 000,082,925 | ---- | M] () MD5=CEBD61BCC3F4C7BA57AF73FD09828E58 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2014.07.30 17:47:25 | 000,082,423 | ---- | M] () MD5=DFD4A1D1C48DD0B4BA33FF508FB9BCBC -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2012.07.26 09:48:51 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2012.07.26 09:48:51 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.2.9200.16384_en-us_23c238ef8ddaa831\winlogon.exe.mui
[2013.04.26 21:10:26 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysNative\nb-NO\winlogon.exe.mui
[2013.04.26 21:10:26 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_de8edf1015b69a63\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2012.07.26 09:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2012.07.26 09:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.2.9200.16384_en-us_81848abaa91301c6\winlogon.mfl
[2013.04.26 21:10:26 | 000,001,080 | ---- | M] () MD5=B77C9DEE4508725B86AC3575C9E10A49 -- C:\WINDOWS\SysNative\wbem\nb-NO\winlogon.mfl
[2013.04.26 21:10:26 | 000,001,080 | ---- | M] () MD5=B77C9DEE4508725B86AC3575C9E10A49 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_3c5130db30eef3f8\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2012.07.25 22:30:16 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2012.07.25 22:30:16 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.2.9200.16384_none_d9027134ffac135f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2012.06.02 16:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014.08.09 12:19:23 | 380,006,399 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.19 06:40:32 | 1044,938,752 | ---- | M] () -- C:\NBRT.iso
[2014.08.09 12:19:27 | 1610,612,735 | -HS- | M] () -- C:\pagefile.sys
[2014.07.19 03:07:23 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2014.08.09 12:19:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.08.05 00:03:07 | 000,427,178 | ---- | M] () -- C:\TDSSKiller.3.0.0.40_05.08.2014_00.00.56_log.txt
< %systemroot%\Fonts\*.com >
[2013.04.09 14:34:54 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013.04.09 14:34:54 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013.04.09 14:34:54 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013.04.09 14:34:54 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2012.07.26 10:11:41 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2012.07.26 10:11:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is Packard Bell
Volume Serial Number is FCD8-3BFE
Directory of C:\
26.07.2012 09:22 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
26.07.2012 09:22 <JUNCTION> Application Data [C:\ProgramData]
26.07.2012 09:22 <JUNCTION> Desktop [C:\Users\Public\Desktop]
26.07.2012 09:22 <JUNCTION> Documents [C:\Users\Public\Documents]
26.07.2012 09:22 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
26.07.2012 09:22 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
26.07.2012 09:22 <SYMLINKD> All Users [C:\ProgramData]
26.07.2012 09:22 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
26.07.2012 09:22 <JUNCTION> Application Data [C:\ProgramData]
26.07.2012 09:22 <JUNCTION> Desktop [C:\Users\Public\Desktop]
26.07.2012 09:22 <JUNCTION> Documents [C:\Users\Public\Documents]
26.07.2012 09:22 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
26.07.2012 09:22 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
26.07.2012 09:22 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
26.07.2012 09:22 <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
26.07.2012 09:22 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
26.07.2012 09:22 <JUNCTION> My Documents [C:\Users\Default\Documents]
26.07.2012 09:22 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
26.07.2012 09:22 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
26.07.2012 09:22 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
26.07.2012 09:22 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
26.07.2012 09:22 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
26.07.2012 09:22 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
26.07.2012 09:22 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
26.07.2012 09:22 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
26.07.2012 09:22 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
26.07.2012 09:22 <JUNCTION> My Music [C:\Users\Default\Music]
26.07.2012 09:22 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
26.07.2012 09:22 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Hespetreet
19.07.2014 11:45 <JUNCTION> AndrMask [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19.07.2014 11:45 <JUNCTION> Cookies [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Cookies]
19.07.2014 11:45 <JUNCTION> Lokale innstillinger [C:\Users\Hespetreet\AppData\Local]
19.07.2014 11:45 <JUNCTION> Maler [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Templates]
19.07.2014 11:45 <JUNCTION> Mine dokumenter [C:\Users\Hespetreet\Documents]
19.07.2014 11:45 <JUNCTION> Programdata [C:\Users\Hespetreet\AppData\Roaming]
19.07.2014 11:45 <JUNCTION> Recent [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Recent]
19.07.2014 11:45 <JUNCTION> SendTo [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\SendTo]
19.07.2014 11:45 <JUNCTION> Skrivere [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19.07.2014 11:45 <JUNCTION> Start-meny [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu]
0 File(s) 0 bytes
Directory of C:\Users\Hespetreet\AppData\Local
19.07.2014 11:45 <JUNCTION> Logg [C:\Users\Hespetreet\AppData\Local\Microsoft\Windows\History]
19.07.2014 11:45 <JUNCTION> Programdata [C:\Users\Hespetreet\AppData\Local]
19.07.2014 11:45 <JUNCTION> Temporary Internet Files [C:\Users\Hespetreet\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu
19.07.2014 11:45 <JUNCTION> Programmer [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 File(s) 0 bytes
Directory of C:\Users\Hespetreet\Documents
19.07.2014 11:45 <JUNCTION> Intern video [C:\Users\Hespetreet\Videos]
19.07.2014 11:45 <JUNCTION> Min musikk [C:\Users\Hespetreet\Music]
19.07.2014 11:45 <JUNCTION> Mine bilder [C:\Users\Hespetreet\Pictures]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
26.07.2012 09:22 <JUNCTION> My Music [C:\Users\Public\Music]
26.07.2012 09:22 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
26.07.2012 09:22 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
49 Dir(s) 685ÿ589ÿ454ÿ848 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014.07.19 12:09:43 | 000,000,223 | -HS- | M] () -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014.08.10 00:43:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:792D4CF1
< End of report >