Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit Issue


  • This topic is locked This topic is locked
33 replies to this topic

#1 Kairyn

Kairyn

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 16 October 2012 - 05:32 AM

I've been fighting my computer for about 3 weeks now trying to get it to stop freezing (It 'hangs' for 4-50 seconds at seemingly random.) GMER comes up with nothing, MalwareBytes comes up with nothing.. Basically nothing came up with anything, voltage is within adequate levels. Computer isn't overheating, drivers are functioning. Caps on the motherboard are fine... Everything is plugged in as it should be. I went as far as to analyze wait chains on hanging processes (Apparently they're all getting stuck on Network I/O). I even reinstalled all my windows files with no results (As in I didn't actually reformat and just replaced the Windows files instead... Reformatting isn't an option here because I have no way to back up my files). I even ran a process manager (procmon) that logged every event happening on my computer to see if I could find anything... Nope. Lucky for me, in a last ditch effort CatchMe found something! Yay.

detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error

Some poking around tells me flat out that I have a rootkit (again, though this is on a different system this time) though this one seems much more subversive.

Here's my DDS Log.

DDS (Ver_2012-10-14.05) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Weeny at 4:17:59 on 2012-10-16
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.7935.5134 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\notepad.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
StartupFolder: C:\Users\Weeny\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{F40EBE39-39C2-425B-8BBE-F8E183DF8010} : DHCPNameServer = 192.168.1.254 75.153.176.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - ExtSQL: 2012-10-11 15:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-14 18:10; redirectbypasser@moonlight21.com; C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\redirectbypasser@moonlight21.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-27 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-11 399432]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-10-11 46136]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-7-27 10278912]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-7-27 368640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-10-12 1342064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-11 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-11 25928]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-11 1255736]
.
=============== Created Last 30 ================
.
2012-10-16 10:02:20 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C263D22-0D8F-40A1-82E3-CD1339946D25}\offreg.dll
2012-10-16 09:27:46 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C263D22-0D8F-40A1-82E3-CD1339946D25}\mpengine.dll
2012-10-15 09:27:31 -------- d-----w- C:\Windows\System32\SPReview
2012-10-15 09:26:12 -------- d-----w- C:\Windows\System32\EventProviders
2012-10-15 00:18:56 -------- d-----w- C:\Program Files (x86)\Cheat Engine 6.2
2012-10-14 20:53:29 9308616 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-13 17:27:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2012-10-13 01:54:33 -------- d-----w- C:\Program Files\Paint.NET
2012-10-13 01:54:24 -------- d-----w- C:\Users\Weeny\AppData\Local\Paint.NET
2012-10-13 00:49:25 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-13 00:49:24 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B0440F3-FB3A-49F0-92AF-CAE84AC2ACBC}\gapaengine.dll
2012-10-12 23:40:58 -------- d-----w- C:\Program Files (x86)\BitTorrent
2012-10-12 23:40:24 -------- d-----w- C:\Users\Weeny\AppData\Roaming\BitTorrent
2012-10-12 21:04:58 992368 ----a-w- C:\Windows\System32\VIAPropPageExt.dll
2012-10-12 21:04:58 91760 ----a-w- C:\Windows\System32\Dts2PropPageExt.dll
2012-10-12 21:04:58 86016 ----a-w- C:\Windows\System32\nQPropPageExt.dll
2012-10-12 21:04:58 83056 ----a-w- C:\Windows\System32\ViaMicArrayPropPageExt.dll
2012-10-12 21:04:58 82432 ----a-w- C:\Windows\System32\nQAPO.dll
2012-10-12 21:04:58 549488 ----a-w- C:\Windows\System32\VIASysFx.dll
2012-10-12 21:04:58 248944 ----a-w- C:\Windows\System32\Dts2APO.dll
2012-10-12 21:04:58 199280 ----a-w- C:\Windows\System32\ViaMicArrayAPO.dll
2012-10-12 21:04:58 1342064 ----a-w- C:\Windows\System32\drivers\viahduaa.sys
2012-10-12 21:04:27 414632 ------w- C:\Windows\difxapi.dll
2012-10-12 21:04:27 -------- d-----w- C:\Program Files (x86)\VIA
2012-10-12 20:46:34 -------- d-----w- C:\Users\Weeny\AppData\Roaming\.minecraft
2012-10-12 20:39:31 -------- d-----w- C:\ProgramData\Nexon
2012-10-12 20:37:28 -------- d-----w- C:\ProgramData\NexonUS
2012-10-12 05:30:03 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-10-12 05:30:03 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-10-12 05:29:54 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-12 05:28:13 -------- d-----w- C:\Users\Weeny\AppData\Roaming\.purple
2012-10-12 05:27:13 -------- d-----w- C:\Program Files (x86)\Pidgin
2012-10-12 00:32:01 -------- d-----w- C:\Windows\SysWow64\Wat
2012-10-12 00:32:01 -------- d-----w- C:\Windows\System32\Wat
2012-10-11 23:28:24 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-10-11 23:28:24 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-10-11 22:50:44 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-10-11 22:50:44 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-10-11 22:39:21 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2012-10-11 22:35:41 -------- d-----w- C:\Users\Weeny\AppData\Roaming\Auslogics
2012-10-11 22:35:26 -------- d-----w- C:\Program Files (x86)\Auslogics
2012-10-11 22:26:00 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2012-10-11 22:25:57 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-10-11 22:25:36 -------- d-----w- C:\Users\Weeny\AppData\Local\LogMeIn Hamachi
2012-10-11 22:25:26 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-10-11 22:25:26 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-10-11 22:25:26 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-10-11 22:25:26 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-10-11 22:25:26 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-10-11 22:25:26 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-10-11 22:25:26 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-10-11 22:25:26 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-10-11 22:25:26 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-10-11 22:25:25 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-10-11 22:23:00 748680 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2012-10-11 22:23:00 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2012-10-11 22:23:00 161792 ----a-w- C:\Windows\SysWow64\msls31.dll
2012-10-11 22:23:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-11 22:23:00 107008 ----a-w- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
2012-10-11 21:57:42 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-10-11 21:57:42 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-10-11 21:57:42 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-10-11 21:57:41 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-10-11 21:57:41 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-10-11 21:54:33 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2012-10-11 21:51:55 4068864 ----a-w- C:\Windows\System32\mf.dll
2012-10-11 21:50:59 208896 ----a-w- C:\Windows\System32\profsvc.dll
2012-10-11 21:47:37 -------- d-----w- C:\Users\Weeny\AppData\Local\thq
2012-10-11 21:47:27 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-10-11 21:47:27 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-10-11 21:47:20 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-10-11 21:47:20 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-10-11 21:47:07 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-10-11 21:47:06 67584 ----a-w- C:\Windows\splwow64.exe
2012-10-11 21:47:06 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-10-11 21:47:06 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-10-11 21:43:04 -------- d-----w- C:\Users\Weeny\AppData\Local\AMD
2012-10-11 21:42:33 -------- d-----w- C:\Users\Weeny\AppData\Local\ATI
2012-10-11 21:41:13 0 ----a-w- C:\Windows\ativpsrm.bin
2012-10-11 21:26:58 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-10-11 21:26:57 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-10-11 21:26:57 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-10-11 21:17:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-10-11 21:17:37 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-11 21:17:05 -------- d-----w- C:\Users\Weeny\AppData\Roaming\Malwarebytes
2012-10-11 21:16:22 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-11 21:16:20 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-11 21:16:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-11 21:16:07 -------- d-----w- C:\Users\Weeny\AppData\Local\Macromedia
2012-10-11 21:15:54 -------- d-----w- C:\Program Files\CCleaner
2012-10-11 21:15:42 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-11 21:15:42 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-11 21:12:25 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-10-11 21:12:18 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-10-11 21:11:58 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-10-11 20:42:53 -------- d-----w- C:\Windows\Panther
2012-10-11 20:41:30 -------- d-----r- C:\Program Files (x86)\Skype
2012-10-11 20:40:50 -------- d-----w- C:\ProgramData\AMD
2012-10-11 20:40:48 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-10-11 20:40:20 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-10-11 20:39:09 -------- d-----w- C:\AMD
2012-10-11 20:35:32 -------- d-----w- C:\Users\Weeny\AppData\Roaming\Dropbox
2012-10-11 20:26:45 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2012-10-11 20:25:57 91648 ----a-w- C:\Windows\SysWow64\avifil32.dll
2012-10-11 20:22:35 -------- d-----w- C:\Users\Weeny\AppData\Local\Mozilla
2012-10-11 20:21:59 -------- d-----w- C:\Program Files (x86)\Steam
2012-10-11 20:21:59 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-10-11 20:05:28 77312 ----a-w- C:\Windows\System32\packager.dll
2012-10-11 20:05:28 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-10-11 20:04:18 6368256 ----a-w- C:\Windows\System32\drivers\atipmdag.sys
2012-10-11 20:04:18 420864 ----a-w- C:\Windows\System32\atipdl64.dll
2012-10-11 20:04:18 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2012-10-11 20:04:18 274432 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2012-10-11 20:04:18 118784 ----a-w- C:\Windows\System32\atibtmon.exe
2012-10-11 20:04:18 116736 ----a-w- C:\Windows\System32\drivers\AtiHdmi.sys
2012-10-11 20:04:18 -------- d-sh--w- C:\Windows\Installer
2012-10-11 20:04:17 16440 ----a-w- C:\Windows\System32\drivers\AtiPcie.sys
2012-10-11 20:04:17 -------- d-----w- C:\Program Files\ATI
2012-10-11 20:03:02 -------- d-----w- C:\Program Files\ATI Technologies
2012-10-11 20:01:48 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{635FFF36-C7E9-41EB-AD30-F875DEB62CF8}\mpengine.dll
2012-10-11 20:01:46 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-10-11 20:01:27 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-10-11 20:01:27 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-10-11 19:43:52 -------- d-----w- C:\Users\Weeny\Data
2012-10-11 19:43:52 -------- d-----r- C:\Users\Weeny\Dropbox
2012-10-11 19:42:13 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-10-11 19:40:51 -------- d-sh--w- C:\Recovery
2012-09-22 00:06:49 -------- d-----w- C:\Program Files (x86)\NAMCO BANDAI Games
.
==================== Find3M ====================
.
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-31 04:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 04:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:53:01 714752 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:54:04 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-08-02 17:55:04 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 17:05:42 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-28 04:09:20 5538984 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-07-28 04:07:44 10278912 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-07-28 03:43:12 70144 ----a-w- C:\Windows\System32\coinst_8.982.dll
2012-07-28 03:19:34 24935424 ----a-w- C:\Windows\System32\atio6axx.dll
2012-07-28 02:50:10 20546560 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-07-28 02:15:50 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-07-28 02:15:42 931328 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-07-28 02:13:56 1100288 ----a-w- C:\Windows\System32\aticfx64.dll
2012-07-28 02:10:40 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-07-28 02:10:34 534528 ----a-w- C:\Windows\System32\atieclxx.exe
2012-07-28 02:09:44 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-07-28 02:08:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-07-28 02:08:04 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-07-28 02:07:58 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-07-28 02:07:52 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-07-28 02:07:10 6430208 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-07-28 01:51:12 7052288 ----a-w- C:\Windows\System32\atidxx64.dll
2012-07-28 01:41:32 4266496 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-07-28 01:35:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-07-28 01:35:08 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-07-28 01:35:02 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-07-28 01:35:00 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-07-28 01:34:48 16034304 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-07-28 01:32:32 4751872 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-07-28 01:30:10 13605888 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-07-28 01:25:52 6676480 ----a-w- C:\Windows\System32\atiumd64.dll
2012-07-28 01:15:32 540160 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-07-28 01:15:22 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-07-28 01:15:12 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-07-28 01:15:08 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-07-28 01:15:08 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-07-28 01:15:04 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-07-28 01:14:56 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-07-28 01:14:46 368640 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-07-28 01:13:54 129536 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-07-28 01:13:48 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-07-28 01:13:40 103936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-07-28 01:13:32 83456 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-07-28 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-07-18 17:31:12 3146752 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 4:18:19.77 ===============

And here's logs from OTL which for the love of me I can't read (For shame considering I took two years of programming. >-< D'oh!)


OTL logfile created on: 16/10/2012 4:03:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Weeny\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.75 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 67.55% Memory free
15.50 Gb Paging File | 12.50 Gb Available in Paging File | 80.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.33 Gb Total Space | 610.26 Gb Free Space | 66.53% Space Free | Partition Type: NTFS

Computer Name: WEENY-PC | User Name: Weeny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Weeny\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\mssvoice.asi ()
MOD - C:\Program Files (x86)\Steam\bin\mssmp3.asi ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.1) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 7D C8 33 F3 A7 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: redirectbypasser@moonlight21.com:1.6.3
FF - prefs.js..extensions.enabledAddons: {77d2ed30-4cd2-11e0-b8af-0800200c9a66}:4.8.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/11 15:00:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/10/11 14:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Extensions
[2012/10/14 18:10:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions
[2012/10/11 14:25:03 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2012/10/14 18:10:31 | 000,000,000 | ---D | M] (RedirectBypasser) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\redirectbypasser@moonlight21.com
[2012/10/11 15:01:31 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/11 15:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/11 15:00:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/10 19:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/10 19:05:38 | 000,001,607 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/10/10 19:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/10 19:05:38 | 000,001,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/10/10 19:05:38 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012/10/10 19:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/10/10 19:05:38 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/10/10 19:05:38 | 000,001,309 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - Startup: C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F40EBE39-39C2-425B-8BBE-F8E183DF8010}: DhcpNameServer = 192.168.1.254 75.153.176.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/16 04:02:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Weeny\Desktop\OTL.exe
[2012/10/15 03:27:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/10/15 03:26:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/10/15 03:00:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/10/14 18:19:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\My Cheat Tables
[2012/10/14 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2012/10/14 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/10/13 11:28:54 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\FLT
[2012/10/13 11:28:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/10/13 11:28:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/10/13 11:28:13 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/10/13 11:28:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/10/13 11:28:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/10/13 11:28:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/10/13 11:28:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/10/13 11:28:12 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/10/13 11:28:12 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/10/13 11:28:12 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/10/13 11:28:12 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/10/13 11:28:12 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/10/13 11:28:11 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/10/13 11:28:11 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/10/13 11:28:11 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/10/13 11:28:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/10/13 11:28:10 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/10/13 11:28:10 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/10/13 11:28:10 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/10/13 11:28:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/10/13 11:28:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/10/13 11:28:09 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/10/13 11:28:09 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/10/13 11:28:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/10/13 11:28:08 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/10/13 11:28:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/10/13 11:28:07 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/10/13 11:28:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/10/13 11:28:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/10/13 11:28:07 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/10/13 11:28:06 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/10/13 11:28:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/10/13 11:28:06 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/10/13 11:28:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/10/13 11:28:05 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/10/13 11:28:05 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/10/13 11:28:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/10/13 11:28:05 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/10/13 11:28:05 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/10/13 11:28:05 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/10/13 11:28:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/10/13 11:28:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/10/13 11:28:04 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/10/13 11:28:04 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/10/13 11:28:03 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/10/13 11:28:03 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/10/13 11:28:03 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/10/13 11:28:03 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/10/13 11:28:03 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/10/13 11:28:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/10/13 11:28:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/10/13 11:28:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/10/13 11:28:02 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/10/13 11:28:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/10/13 11:28:02 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/10/13 11:28:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/10/13 11:28:01 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/10/13 11:28:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/10/13 11:28:01 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/10/13 11:28:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/10/13 11:28:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/10/13 11:28:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/10/13 11:28:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/10/13 11:28:00 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/10/13 11:28:00 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/10/13 11:28:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/10/13 11:27:59 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/10/13 11:27:59 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/10/13 11:27:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/10/13 11:27:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/10/13 11:27:59 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/10/13 11:27:59 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/10/13 11:27:58 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/10/13 11:27:58 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/10/13 11:27:58 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/10/13 11:27:58 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/10/13 11:27:58 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/10/13 11:27:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/10/13 11:27:57 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/10/13 11:27:57 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/10/13 11:27:57 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/10/13 11:27:57 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/10/13 11:27:56 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/10/13 11:27:56 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/10/13 11:27:56 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/10/13 11:27:56 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/10/13 11:27:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/10/13 11:27:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/10/13 11:27:56 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/10/13 11:27:56 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/10/13 11:27:55 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/10/13 11:27:55 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/10/13 11:27:54 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/10/13 11:27:54 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/10/13 11:27:53 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/10/13 11:27:53 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/10/13 11:27:53 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/10/13 11:27:53 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/10/13 11:27:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/10/13 11:27:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/10/13 11:27:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/10/13 11:27:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/10/13 11:27:52 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/10/13 11:27:52 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/10/13 11:27:51 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/10/13 11:27:51 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/10/13 11:27:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/10/13 11:27:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/10/13 11:27:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/10/13 11:27:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/10/13 11:27:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/10/13 11:27:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/10/13 11:27:46 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/10/13 11:27:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/10/13 11:27:45 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/10/13 11:27:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/10/13 11:27:45 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/10/13 11:27:45 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/10/13 11:27:45 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/10/13 11:27:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/10/13 11:27:43 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/10/13 11:27:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/10/13 11:27:43 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/10/13 11:27:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/10/13 11:27:43 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/10/13 11:27:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/10/13 11:27:43 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/10/13 11:27:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/10/13 11:27:42 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/10/13 11:27:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/10/13 11:27:41 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/10/13 11:27:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/10/13 11:27:40 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/10/13 11:27:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/10/13 11:27:39 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/10/13 11:27:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/10/13 11:27:39 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/10/13 11:27:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/10/13 11:27:39 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/10/13 11:27:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/10/13 11:27:37 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/10/13 11:27:37 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/10/13 11:27:35 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/10/13 11:27:35 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/10/13 11:27:35 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/10/13 11:27:35 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/10/13 11:27:34 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/10/13 11:27:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/10/13 11:27:33 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/10/13 11:27:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/10/13 11:27:33 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/10/13 11:27:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/10/13 11:27:32 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/10/13 11:27:32 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/10/13 11:27:32 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/10/13 11:27:32 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/10/13 11:27:31 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/10/13 11:27:31 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/10/13 11:27:30 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/10/13 11:27:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/10/13 11:27:30 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/10/13 11:27:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/10/13 11:27:28 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/10/13 11:27:28 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/10/13 11:27:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/10/13 11:27:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/10/13 11:27:18 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/10/13 11:27:18 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/10/13 11:27:18 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/10/13 11:27:18 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/10/13 11:27:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/10/13 11:27:17 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/10/13 11:27:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/10/13 11:27:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/10/13 11:27:16 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/10/13 11:27:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/10/13 11:27:15 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/10/13 11:27:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/10/13 11:27:13 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/10/13 11:27:13 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/10/13 11:27:12 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/10/13 11:27:12 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/10/12 19:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012/10/12 19:54:24 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Paint.NET
[2012/10/12 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/10/12 17:40:24 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\BitTorrent
[2012/10/12 15:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/10/12 15:04:58 | 001,342,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012/10/12 15:04:58 | 000,992,368 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012/10/12 15:04:58 | 000,549,488 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012/10/12 15:04:58 | 000,248,944 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2012/10/12 15:04:58 | 000,199,280 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012/10/12 15:04:58 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012/10/12 15:04:58 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012/10/12 15:04:58 | 000,083,056 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012/10/12 15:04:58 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012/10/12 15:04:27 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012/10/12 15:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012/10/12 15:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/10/12 14:46:34 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\.minecraft
[2012/10/12 14:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/10/12 14:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/10/11 23:30:03 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/10/11 23:30:03 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/10/11 23:30:03 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/10/11 23:29:54 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/10/11 23:29:54 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/10/11 23:29:54 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/10/11 23:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/10/11 23:28:13 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\.purple
[2012/10/11 23:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2012/10/11 18:32:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/10/11 18:32:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/10/11 18:09:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Notepad++
[2012/10/11 16:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/10/11 16:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/10/11 16:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/10/11 16:35:41 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Auslogics
[2012/10/11 16:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/10/11 16:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/10/11 16:26:00 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012/10/11 16:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/10/11 16:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/10/11 16:25:36 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\LogMeIn Hamachi
[2012/10/11 16:25:26 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/10/11 16:25:26 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/10/11 16:25:26 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/10/11 16:25:26 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/10/11 16:25:26 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/10/11 16:25:26 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/10/11 16:25:26 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/10/11 16:25:25 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/10/11 16:23:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/11 16:22:59 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/11 16:22:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/11 16:22:59 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/11 16:22:59 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/11 16:22:59 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/11 16:22:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/11 16:22:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/11 16:22:59 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/11 16:22:59 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/11 16:22:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/11 16:22:59 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/11 16:22:59 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/11 16:22:59 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/11 16:22:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/11 16:22:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/11 16:22:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/11 16:22:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/11 16:22:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/11 16:22:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/11 16:22:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/11 16:22:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/11 16:22:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/11 16:22:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/11 16:22:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/11 16:22:58 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/11 16:22:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/11 16:22:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/11 16:22:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/11 16:22:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/11 16:22:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/11 16:22:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/11 16:22:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/11 16:22:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/11 16:22:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/11 16:22:57 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/11 16:22:57 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/11 16:22:57 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/11 16:22:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/11 16:22:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/11 16:22:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/11 16:22:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/11 16:22:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/11 16:22:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/11 16:22:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/11 16:22:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/11 16:22:57 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/11 16:22:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/11 16:22:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/11 16:22:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/11 16:22:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/11 16:22:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/11 16:22:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/11 16:22:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/11 16:22:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/11 16:22:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/11 16:22:56 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/11 16:22:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/11 16:22:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/11 16:22:56 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/11 16:22:56 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/11 16:22:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/11 16:22:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/11 16:22:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/11 16:22:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/11 16:22:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/11 16:22:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/11 16:22:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/11 16:22:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/11 16:22:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/11 16:22:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/11 16:22:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/11 15:57:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/10/11 15:57:42 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/10/11 15:52:33 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/10/11 15:52:33 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/10/11 15:52:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/10/11 15:52:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/10/11 15:52:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/10/11 15:52:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/10/11 15:52:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/10/11 15:52:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/10/11 15:52:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/10/11 15:52:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/10/11 15:52:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/10/11 15:52:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/10/11 15:52:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/11 15:52:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/11 15:52:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/10/11 15:52:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/10/11 15:52:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/11 15:52:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/10/11 15:52:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/10/11 15:52:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/10/11 15:51:55 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/10/11 15:51:55 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/10/11 15:51:54 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/10/11 15:51:53 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/10/11 15:51:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/10/11 15:51:53 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/10/11 15:51:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/10/11 15:51:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/10/11 15:51:52 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/10/11 15:51:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/10/11 15:51:52 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/10/11 15:51:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/10/11 15:51:51 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/10/11 15:51:47 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/10/11 15:51:46 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/10/11 15:51:46 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/10/11 15:51:46 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/10/11 15:51:45 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/10/11 15:51:45 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/10/11 15:51:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/10/11 15:51:45 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/10/11 15:51:44 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/10/11 15:51:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/10/11 15:51:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/10/11 15:51:44 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/10/11 15:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/10/11 15:51:39 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/10/11 15:51:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/10/11 15:51:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/10/11 15:51:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/10/11 15:51:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/10/11 15:51:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/10/11 15:51:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/10/11 15:51:35 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/10/11 15:51:35 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/10/11 15:51:31 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/10/11 15:51:27 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012/10/11 15:51:27 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/10/11 15:51:26 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012/10/11 15:51:26 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/10/11 15:51:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012/10/11 15:51:26 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012/10/11 15:51:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012/10/11 15:51:25 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/10/11 15:51:25 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/10/11 15:51:25 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012/10/11 15:51:25 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/10/11 15:51:25 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/10/11 15:51:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012/10/11 15:51:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012/10/11 15:51:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/10/11 15:51:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/10/11 15:51:12 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/10/11 15:51:11 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/10/11 15:51:10 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/10/11 15:51:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/10/11 15:51:07 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/10/11 15:51:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/10/11 15:51:05 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/10/11 15:51:03 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/10/11 15:51:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/10/11 15:51:02 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/10/11 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\thq
[2012/10/11 15:47:27 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/10/11 15:47:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/10/11 15:47:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/10/11 15:47:07 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/10/11 15:47:06 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/10/11 15:47:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/10/11 15:43:04 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\AMD
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\ATI
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\ATI
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/10/11 15:26:58 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/10/11 15:26:57 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/10/11 15:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/10/11 15:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/10/11 15:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/10/11 15:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/10/11 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Malwarebytes
[2012/10/11 15:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/11 15:16:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/11 15:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Macromedia
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Macromedia
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Adobe
[2012/10/11 15:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/11 15:15:42 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/11 15:15:42 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/11 15:15:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/10/11 15:15:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/10/11 15:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/10/11 15:14:21 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/10/11 15:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/10/11 15:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012/10/11 15:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/10/11 15:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/11 15:11:58 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/10/11 15:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/11 14:42:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/10/11 14:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/10/11 14:41:36 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Skype
[2012/10/11 14:41:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/10/11 14:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/10/11 14:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/10/11 14:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/10/11 14:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012/10/11 14:40:48 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2012/10/11 14:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/10/11 14:39:09 | 000,000,000 | ---D | C] -- C:\AMD
[2012/10/11 14:36:32 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/10/11 14:35:32 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Dropbox
[2012/10/11 14:27:45 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/10/11 14:27:44 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/10/11 14:27:44 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/10/11 14:27:43 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/10/11 14:27:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/10/11 14:27:41 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/10/11 14:27:41 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/10/11 14:27:41 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/10/11 14:27:41 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/10/11 14:27:41 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/10/11 14:27:41 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/10/11 14:27:39 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/10/11 14:27:39 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/10/11 14:27:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/10/11 14:27:39 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/10/11 14:27:39 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/10/11 14:27:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/10/11 14:27:38 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/10/11 14:27:37 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/10/11 14:27:35 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/10/11 14:27:35 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/10/11 14:27:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/10/11 14:27:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/10/11 14:27:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/10/11 14:27:24 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/10/11 14:27:24 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/10/11 14:27:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/10/11 14:27:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/10/11 14:27:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/10/11 14:27:23 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/10/11 14:27:23 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/10/11 14:27:23 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/10/11 14:27:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/10/11 14:27:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/10/11 14:27:23 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/10/11 14:27:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/10/11 14:27:22 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/10/11 14:27:22 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/10/11 14:27:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/10/11 14:27:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/10/11 14:27:11 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/10/11 14:27:11 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/10/11 14:27:10 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/10/11 14:27:10 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/10/11 14:27:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/10/11 14:27:07 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/10/11 14:27:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/10/11 14:27:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/10/11 14:27:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/10/11 14:27:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/10/11 14:27:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/10/11 14:27:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/10/11 14:27:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/10/11 14:27:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/10/11 14:27:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/10/11 14:26:44 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/10/11 14:26:44 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/10/11 14:26:44 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/10/11 14:26:44 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/10/11 14:26:44 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/10/11 14:26:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/10/11 14:26:44 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/10/11 14:26:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/10/11 14:26:39 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/10/11 14:26:39 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/10/11 14:26:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/10/11 14:26:31 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/10/11 14:26:29 | 005,505,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/11 14:26:29 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/10/11 14:26:28 | 003,902,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/10/11 14:26:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/10/11 14:26:24 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/10/11 14:26:24 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/10/11 14:26:24 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/10/11 14:26:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/10/11 14:26:23 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/10/11 14:26:20 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/10/11 14:25:57 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/11 14:25:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/10/11 14:25:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/10/11 14:25:50 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/10/11 14:25:50 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/10/11 14:25:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/10/11 14:25:50 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/10/11 14:25:50 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/10/11 14:25:50 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/10/11 14:25:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/10/11 14:25:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/10/11 14:25:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/10/11 14:25:50 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/10/11 14:25:40 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/10/11 14:25:40 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/10/11 14:25:40 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/10/11 14:25:40 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/10/11 14:25:40 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/10/11 14:25:40 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/10/11 14:25:40 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/10/11 14:25:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/10/11 14:25:38 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/10/11 14:25:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/10/11 14:25:34 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/10/11 14:25:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/10/11 14:25:33 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/10/11 14:25:33 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/10/11 14:25:33 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/10/11 14:25:33 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/10/11 14:25:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/10/11 14:25:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/10/11 14:25:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/10/11 14:25:25 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/10/11 14:25:24 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/10/11 14:25:23 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/10/11 14:25:22 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/10/11 14:25:21 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/10/11 14:25:21 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/10/11 14:25:20 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/10/11 14:25:20 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/10/11 14:25:14 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/10/11 14:25:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/10/11 14:25:13 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/10/11 14:25:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/10/11 14:25:10 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/11 14:25:09 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/11 14:22:35 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Mozilla
[2012/10/11 14:22:35 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Mozilla
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/10/11 14:06:38 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\My Games
[2012/10/11 14:05:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/10/11 14:05:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/10/11 14:04:18 | 006,368,256 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2012/10/11 14:04:18 | 000,420,864 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012/10/11 14:04:18 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012/10/11 14:04:18 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012/10/11 14:04:18 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/10/11 14:04:18 | 000,116,736 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2012/10/11 14:04:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/10/11 14:04:17 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2012/10/11 14:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/10/11 14:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/10/11 14:01:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/10/11 14:01:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/10/11 13:43:52 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Dropbox
[2012/10/11 13:43:52 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Data
[2012/10/11 13:42:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/10/11 13:42:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/10/11 13:42:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/10/11 13:41:59 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/10/11 13:41:59 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/10/11 13:41:59 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/10/11 13:41:36 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/10/11 13:41:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Searches
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/10/11 13:41:35 | 000,000,000 | -H-D | C] -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/10/11 13:41:17 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Identities
[2012/10/11 13:41:13 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Contacts
[2012/10/11 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\VirtualStore
[2012/10/11 13:41:03 | 000,000,000 | --SD | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Videos
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Saved Games
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Pictures
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Music
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Links
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Favorites
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Downloads
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Documents
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Desktop
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\Temporary Internet Files
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Templates
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Start Menu
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\SendTo
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Recent
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\PrintHood
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\NetHood
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Videos
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Pictures
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Music
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\My Documents
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Local Settings
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\History
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Cookies
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Application Data
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\Application Data
[2012/10/11 13:41:03 | 000,000,000 | -H-D | C] -- C:\Users\Weeny\AppData
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Temp
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Microsoft
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Media Center Programs
[2012/10/11 13:40:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/10/11 05:51:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/10/11 05:49:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/09/21 18:21:09 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\NBGI
[2012/09/21 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAMCO BANDAI Games

========== Files - Modified Within 30 Days ==========

[2012/10/16 04:02:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Weeny\Desktop\OTL.exe
[2012/10/16 03:56:58 | 000,147,456 | ---- | M] () -- C:\Users\Weeny\Desktop\catchme.exe
[2012/10/15 03:24:06 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/15 03:24:06 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/15 03:23:55 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/15 03:23:55 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/15 03:23:55 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/15 03:16:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/15 03:16:41 | 1945,505,791 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/14 18:19:01 | 000,001,085 | ---- | M] () -- C:\Users\Weeny\Desktop\Cheat Engine.lnk
[2012/10/13 03:25:26 | 000,007,599 | ---- | M] () -- C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
[2012/10/12 19:55:31 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/10/12 17:41:00 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/10/11 23:29:41 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/10/11 23:29:39 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/10/11 23:29:39 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/10/11 23:29:39 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/10/11 23:29:38 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/10/11 23:29:38 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/10/11 23:27:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012/10/11 18:37:40 | 000,001,437 | ---- | M] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/11 18:35:06 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/11 16:35:27 | 000,001,246 | ---- | M] () -- C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
[2012/10/11 16:25:58 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/10/11 16:23:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/11 16:22:59 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/11 16:22:59 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/11 16:22:59 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/11 16:22:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/11 16:22:59 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/11 16:22:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/11 16:22:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/11 16:22:59 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/11 16:22:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/11 16:22:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/11 16:22:59 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/11 16:22:59 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/11 16:22:59 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/11 16:22:59 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/11 16:22:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/11 16:22:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/11 16:22:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/11 16:22:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/11 16:22:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/11 16:22:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/11 16:22:59 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/11 16:22:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/11 16:22:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/11 16:22:59 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/11 16:22:59 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/11 16:22:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/11 16:22:58 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/11 16:22:58 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/11 16:22:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/11 16:22:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/11 16:22:58 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/11 16:22:58 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/11 16:22:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/11 16:22:58 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/11 16:22:58 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/11 16:22:57 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/11 16:22:57 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/11 16:22:57 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/11 16:22:57 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/11 16:22:57 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/11 16:22:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/11 16:22:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/11 16:22:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/11 16:22:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/11 16:22:57 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/11 16:22:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/11 16:22:57 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/11 16:22:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/11 16:22:57 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/11 16:22:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/11 16:22:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/11 16:22:57 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/11 16:22:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/11 16:22:57 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/11 16:22:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/11 16:22:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/11 16:22:56 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/11 16:22:56 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/11 16:22:56 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/11 16:22:56 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/11 16:22:56 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/11 16:22:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/11 16:22:56 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/11 16:22:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/11 16:22:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/11 16:22:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/11 16:22:56 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/11 16:22:56 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/11 16:22:56 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/11 16:22:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/11 16:22:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/11 16:22:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/11 16:22:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/11 15:41:13 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/10/11 15:17:47 | 000,001,258 | ---- | M] () -- C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
[2012/10/11 15:16:26 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 15:15:55 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/11 15:15:42 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/11 15:15:42 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/11 15:14:21 | 000,001,053 | ---- | M] () -- C:\Users\Weeny\Desktop\Notepad++.lnk
[2012/10/11 15:13:04 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/10/11 15:00:25 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/11 14:42:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/10/11 14:41:30 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/10/11 14:38:10 | 000,001,043 | ---- | M] () -- C:\Users\Weeny\Desktop\Dropbox.lnk
[2012/10/11 14:36:43 | 000,001,053 | ---- | M] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/11 14:30:20 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/10/11 14:01:43 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012/10/11 14:01:20 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2012/10/11 14:01:18 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2012/10/11 14:01:00 | 000,274,432 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012/10/11 14:00:58 | 000,420,864 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012/10/11 14:00:58 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012/10/11 14:00:56 | 006,368,256 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2012/10/11 14:00:45 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/10/11 05:52:36 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/10/11 05:52:36 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/10/11 05:50:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2012/10/16 03:56:55 | 000,147,456 | ---- | C] () -- C:\Users\Weeny\Desktop\catchme.exe
[2012/10/14 18:19:01 | 000,001,085 | ---- | C] () -- C:\Users\Weeny\Desktop\Cheat Engine.lnk
[2012/10/12 19:55:31 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012/10/12 19:55:31 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/10/12 17:41:00 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/10/12 15:05:18 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012/10/12 01:05:51 | 000,007,599 | ---- | C] () -- C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
[2012/10/11 23:27:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012/10/11 16:35:27 | 000,001,246 | ---- | C] () -- C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
[2012/10/11 16:25:14 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/10/11 16:22:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/11 16:22:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/11 15:41:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/10/11 15:17:47 | 000,001,258 | ---- | C] () -- C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
[2012/10/11 15:16:26 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 15:15:55 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/11 15:14:21 | 000,001,053 | ---- | C] () -- C:\Users\Weeny\Desktop\Notepad++.lnk
[2012/10/11 15:13:04 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/10/11 15:12:48 | 000,002,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/10/11 15:00:25 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/11 14:41:30 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/10/11 14:38:10 | 000,001,043 | ---- | C] () -- C:\Users\Weeny\Desktop\Dropbox.lnk
[2012/10/11 14:36:43 | 000,001,053 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/11 14:21:59 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/10/11 14:15:42 | 000,001,437 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/11 14:01:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/11 13:41:50 | 000,001,409 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/10/11 13:41:37 | 000,001,443 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/11 13:41:03 | 000,000,290 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/10/11 13:41:03 | 000,000,272 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/11 05:52:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/10/11 05:52:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/10/11 05:50:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/10/05 22:55:36 | 001,048,576 | ---- | C] () -- C:\M4A78LT-M-ASUS-CG1330-0403.ROM
[2012/10/05 22:55:36 | 001,048,576 | ---- | C] () -- C:\M4A78LT-M-ASUS-CG1330-0402.ROM
[2012/07/27 19:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/27 19:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 19:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/12 23:34:16 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\.minecraft
[2012/10/16 03:55:09 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\.purple
[2012/10/11 16:35:41 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Auslogics
[2012/10/16 03:54:23 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\BitTorrent
[2012/10/16 03:04:40 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Dropbox
[2012/10/11 18:25:57 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Notepad++

========== Purity Check ==========



< End of report >














OTL Extras logfile created on: 16/10/2012 4:03:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Weeny\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.75 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 67.55% Memory free
15.50 Gb Paging File | 12.50 Gb Available in Paging File | 80.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.33 Gb Total Space | 610.26 Gb Free Space | 66.53% Space Free | Partition Type: NTFS

Computer Name: WEENY-PC | User Name: Weeny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0530ED65-FC67-48F7-83AC-8A2A746E3237}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{190F523E-3675-415E-9EF3-18BFD8BE7370}" = rport=137 | protocol=17 | dir=out | app=system |
"{1CD7088D-7102-42D3-8992-2CF64F7F5104}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2FC487D7-BE73-4980-AA3A-B8CA752F934A}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C4B0AAB-1FC8-4E19-B202-FB895C3B12EC}" = lport=445 | protocol=6 | dir=in | app=system |
"{792D9785-A76F-4556-BEBB-BEE085150605}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A67C218-9640-4259-A884-ED2A8A4EA0CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C1B52A7-C3DA-4896-8B01-373EE8E97530}" = rport=445 | protocol=6 | dir=out | app=system |
"{8728A9E0-162F-43A0-9534-B5C683E85459}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F53BE7A-1224-481F-9846-605EF119E5EE}" = rport=138 | protocol=17 | dir=out | app=system |
"{9E192A63-DB17-40C0-AF98-3D27FD54F72E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3666F7B-5E07-4B33-BD7B-79C35E822703}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6D2049E-2BE4-4BA9-B26B-10F96A4A01E0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B5362ED4-E2A4-4872-B8B6-69EA10180A13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B558EB43-BEC0-436D-91E7-D2E1C81784D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB58BE78-3D14-4E77-99A2-16DFEAC0122A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0C103AF-4D18-4E0B-8837-6BE631F7D49C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2F3E3D8-6CDD-4732-9B15-099FDE6B93FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D60F4DF1-51F1-4786-B807-59FFA894F381}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D80AF036-9F3D-4C0E-AE97-AFC84895FE8A}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4B303EA-3ED7-46E2-942F-08FDAC0C1DEC}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040DEA40-6EA0-4992-8867-D026C9E5E5B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{06463744-7667-453B-93A7-14F843CB6C3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A9A3148-33EF-4D23-8528-43749F8DD44F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0C91493C-8344-4029-9114-8DA3C5F4F3C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1226506A-50BD-48D7-8ED2-E1ACDD38111B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lightfish\lightfish.exe |
"{16926B75-C4FA-40BD-9F57-55475D195E1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{16B79DB9-3EF8-44A7-B2B5-50CDA4D89A66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{20F97097-6539-46D7-976B-1CF5E9CBB4D3}" = protocol=17 | dir=in | app=c:\users\weeny\appdata\roaming\dropbox\bin\dropbox.exe |
"{2249BDF5-7E86-4706-B9A2-059282DDDDA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{22F2D2FF-92A4-4EB8-B83B-E51B232DD232}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{25CE2E1B-7919-4501-B7B8-6EC7E210F736}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{2C0DBB75-7595-41E3-98BB-5AB7DCE88ABB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2D376E1A-C4A4-498B-9F2A-6D9B5C06675A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3561ABD9-1643-42C9-81DD-099D40060A49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{358BF4EA-2C4F-43E6-8FC2-CC28F49D8112}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{3685CCB4-663C-4372-BA23-6280702DBB27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{460197E8-D89A-4048-B7CD-9FD7B8E9202A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48F13990-E8CE-40BD-B63D-671CB0FFF9E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5074DB08-A6BD-4984-8D55-5594786B73BB}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{532E60B5-7A69-4F73-988D-E9E989025312}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{537A172B-6D5E-4394-BEFF-9F1AE7A000AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{5543C598-6087-4A1C-90B8-D5E4F113ED86}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{55A6D888-27EE-498B-89B7-B20804A2C799}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{5940D79A-7400-4A0E-98C3-27102BFBE492}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{5BA5E835-F835-414C-9EDA-79C19E695342}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{5C981AE1-A788-4ED3-8DC5-F9DECEBB8283}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5DC51F16-6F42-440F-A292-372C5772B1B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6EA9F414-A17F-4984-A5F8-3B7D93060209}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{701C8EC6-3ED5-47A2-BB93-B241DDE49CB5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{71FB4C59-AE16-48E4-8F44-F8B17ABF9E84}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{766E7E5C-620D-4227-8CAD-6FCF4F1396FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{7709EA79-E94E-4113-A786-2DE9D61B2BB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{782C164A-1289-4874-8533-243D411E1A9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79B631BE-02EF-4F01-AFEA-E5205B8C9B65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A92C2C8-6402-4440-A314-0F0AB3A771D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{7BD04769-33DC-44DF-AB2A-567774C16577}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{803698CB-025F-4915-8411-CD94CFCCEFA5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{811B33D0-4B1E-44EB-92C0-258F58C9DA39}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90856585-710A-4999-A6A4-AEB121794EBC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{A2EE59F5-C1C6-43BB-A588-82F70076CFB9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A373A828-9C99-49DC-A619-CC2A8B6100D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A4D0D7C5-17F7-4A18-8FF6-A73010E3D922}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{A57AA411-D624-44AD-B81D-FEE0C7F81AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{A848A3EA-BF17-4CB9-BEB5-0CD0128B6EFD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{AA341DAE-AA03-4611-83DB-CB7EB2F45257}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AEF63236-AB70-4393-9F9A-B1DC76AA72B9}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B21EE641-F6DC-401E-81D6-5D8E98D32D8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{B41626CD-28EE-469B-935D-6CD5FB7CAB8B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B44D91EC-50D2-4663-A365-36D1F632DA4A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7C45682-3299-40EF-805B-388BF2C69723}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{B896945A-ACB3-49DB-A2CE-E061034DA705}" = protocol=6 | dir=in | app=c:\users\weeny\appdata\roaming\dropbox\bin\dropbox.exe |
"{BB11E6C8-94B0-4437-AB69-1169F8A6AC1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{C149ED45-7ED6-4E11-83DF-54B8D1B2E53F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C81ED410-86E6-414A-884D-1F1CDBEAE60B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{C8820258-4C39-48E9-A1EC-815DD1BDCF89}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9F2C5AC-EB78-4ACD-AD65-7C3D439A03B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CC080840-F205-46C2-88EA-014EF500308B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{CFDE67BA-E8B4-4E49-9D94-C9E23803AA16}" = protocol=6 | dir=out | app=system |
"{D08FC903-4539-472A-935A-62C0E93E64F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{D33D5F19-93C4-4DDD-A3CB-3727974AA756}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{DCA80AF3-2B45-48DE-946E-EA5D73303F48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0D76CCA-C997-4A79-962A-95FF0599D59A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E17F2164-992C-4FC3-8163-E55FFF3AD31E}" = protocol=58 | dir=in | app=system |
"{E474B17C-5199-474E-A3E9-1B65ABAC744A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{E6069FE4-5B34-4ED7-A6B0-207D7ED1DC43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E80DD688-2315-4F28-9903-1D53F9E2C67E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8F351E1-148C-4B25-A34C-9A38BE222F56}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F2C42454-8C3D-4B98-9E04-716C16376137}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{F77322FF-5024-4B65-8929-F36AFF5905A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{F95D0C2E-ED42-4C82-A977-95DE3604F8F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lightfish\lightfish.exe |
"{F9B031A6-C216-446D-91C5-4CEE5741B757}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{FFED6BB6-43BB-4C18-979B-E223EF8428F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"TCP Query User{A30AE72B-4094-4B98-B5E8-BA83B85515CE}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"TCP Query User{B21CAD4C-3F90-4621-A30E-1588436A1D92}C:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe |
"TCP Query User{F796AE60-35A9-45AC-B5BA-80DE5B18CD12}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FA7F5CC9-A142-4D9E-B6B2-AD4EF1D478A9}C:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=c:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe |
"UDP Query User{4755096B-B121-413C-A749-268FC43D63E6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4929169B-03A5-42F2-9304-E64C80DDD244}C:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe |
"UDP Query User{57420629-F5B1-4575-9BBC-4106F359D3DA}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"UDP Query User{FC88A84C-9422-45F7-B12F-94A63EFD6A2C}C:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=c:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"Notepad++" = Notepad++
"Pidgin" = Pidgin
"Steam App 212160" = Vindictus

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2012 4:56:40 PM | Computer Name = Weeny-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.1.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 4c8 Start
Time: 01cda7f01989bdb4 Termination Time: 10 Application Path: C:\Windows\explorer.exe

Report
Id: 21877c86-13e6-11e2-8d9c-485b39cf36c9

Error - 11/10/2012 6:04:37 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbamscheduler.exe, version: 1.65.0.0, time
stamp: 0x504a0456 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x6dc Faulting application
start time: 0x01cda7fc45e17484 Faulting application path: C:\Program Files (x86)\Malwarebytes'
Anti-Malware\mbamscheduler.exe Faulting module path: unknown Report Id: a51f26fb-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 6:04:40 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbamservice.exe, version: 1.65.0.0, time
stamp: 0x504a044a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x73c Faulting application
start time: 0x01cda7fc476c98f2 Faulting application path: C:\Program Files (x86)\Malwarebytes'
Anti-Malware\mbamservice.exe Faulting module path: unknown Report Id: a6ce000c-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 6:04:45 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Updater.exe, version: 5.10.1.44067, time
stamp: 0x5000146c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x774 Faulting application
start time: 0x01cda7fc48133945 Faulting application path: C:\Program Files (x86)\Skype\Updater\Updater.exe
Faulting
module path: unknown Report Id: a9bbd182-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 7:09:31 PM | Computer Name = Weeny-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 11/10/2012 8:27:14 PM | Computer Name = Weeny-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 12/10/2012 10:09:44 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 13/10/2012 6:00:31 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 15/10/2012 8:08:38 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 12/10/2012 7:23:52 AM | Computer Name = Weeny-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/10/2012 5:01:43 PM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 12/10/2012 11:07:39 PM | Computer Name = Weeny-PC | Source = bowser | ID = 8003
Description =

Error - 13/10/2012 12:26:16 AM | Computer Name = Weeny-PC | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 5.212.200.72. The computer with the IP address 5.99.107.16 did not
allow the name to be claimed by this computer.

Error - 13/10/2012 2:49:21 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 13/10/2012 4:58:32 AM | Computer Name = Weeny-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 13/10/2012 1:44:10 PM | Computer Name = Weeny-PC | Source = bowser | ID = 8003
Description =

Error - 14/10/2012 2:33:45 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Modules Installer service to connect.

Error - 14/10/2012 2:33:45 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Modules Installer service failed to start due to the following
error: %%1053

Error - 14/10/2012 2:33:56 AM | Computer Name = Weeny-PC | Source = DCOM | ID = 10005
Description =


< End of report >

Attached Files



BC AdBot (Login to Remove)

 


#2 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 16 October 2012 - 05:34 AM

And here's my OTL log (Sorry if this doubleposts, it wasn't showing up!)

OTL logfile created on: 16/10/2012 4:03:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Weeny\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.75 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 67.55% Memory free
15.50 Gb Paging File | 12.50 Gb Available in Paging File | 80.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.33 Gb Total Space | 610.26 Gb Free Space | 66.53% Space Free | Partition Type: NTFS

Computer Name: WEENY-PC | User Name: Weeny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Weeny\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\mssvoice.asi ()
MOD - C:\Program Files (x86)\Steam\bin\mssmp3.asi ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.1) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 7D C8 33 F3 A7 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: redirectbypasser@moonlight21.com:1.6.3
FF - prefs.js..extensions.enabledAddons: {77d2ed30-4cd2-11e0-b8af-0800200c9a66}:4.8.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/11 15:00:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/10/11 14:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Extensions
[2012/10/14 18:10:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions
[2012/10/11 14:25:03 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2012/10/14 18:10:31 | 000,000,000 | ---D | M] (RedirectBypasser) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\redirectbypasser@moonlight21.com
[2012/10/11 15:01:31 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Weeny\AppData\Roaming\Mozilla\Firefox\Profiles\2my9qpuv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/11 15:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/11 15:00:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/10 19:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/10 19:05:38 | 000,001,607 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/10/10 19:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/10 19:05:38 | 000,001,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/10/10 19:05:38 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012/10/10 19:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/10/10 19:05:38 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/10/10 19:05:38 | 000,001,309 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - Startup: C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F40EBE39-39C2-425B-8BBE-F8E183DF8010}: DhcpNameServer = 192.168.1.254 75.153.176.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/16 04:02:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Weeny\Desktop\OTL.exe
[2012/10/15 03:27:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/10/15 03:26:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/10/15 03:00:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/10/14 18:19:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\My Cheat Tables
[2012/10/14 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2012/10/14 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/10/13 11:28:54 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\FLT
[2012/10/13 11:28:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/10/13 11:28:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/10/13 11:28:13 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/10/13 11:28:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/10/13 11:28:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/10/13 11:28:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/10/13 11:28:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/10/13 11:28:12 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/10/13 11:28:12 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/10/13 11:28:12 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/10/13 11:28:12 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/10/13 11:28:12 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/10/13 11:28:11 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/10/13 11:28:11 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/10/13 11:28:11 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/10/13 11:28:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/10/13 11:28:10 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/10/13 11:28:10 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/10/13 11:28:10 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/10/13 11:28:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/10/13 11:28:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/10/13 11:28:09 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/10/13 11:28:09 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/10/13 11:28:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/10/13 11:28:08 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/10/13 11:28:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/10/13 11:28:07 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/10/13 11:28:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/10/13 11:28:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/10/13 11:28:07 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/10/13 11:28:06 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/10/13 11:28:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/10/13 11:28:06 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/10/13 11:28:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/10/13 11:28:05 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/10/13 11:28:05 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/10/13 11:28:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/10/13 11:28:05 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/10/13 11:28:05 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/10/13 11:28:05 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/10/13 11:28:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/10/13 11:28:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/10/13 11:28:04 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/10/13 11:28:04 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/10/13 11:28:03 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/10/13 11:28:03 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/10/13 11:28:03 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/10/13 11:28:03 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/10/13 11:28:03 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/10/13 11:28:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/10/13 11:28:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/10/13 11:28:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/10/13 11:28:02 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/10/13 11:28:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/10/13 11:28:02 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/10/13 11:28:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/10/13 11:28:01 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/10/13 11:28:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/10/13 11:28:01 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/10/13 11:28:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/10/13 11:28:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/10/13 11:28:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/10/13 11:28:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/10/13 11:28:00 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/10/13 11:28:00 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/10/13 11:28:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/10/13 11:27:59 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/10/13 11:27:59 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/10/13 11:27:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/10/13 11:27:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/10/13 11:27:59 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/10/13 11:27:59 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/10/13 11:27:58 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/10/13 11:27:58 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/10/13 11:27:58 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/10/13 11:27:58 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/10/13 11:27:58 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/10/13 11:27:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/10/13 11:27:57 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/10/13 11:27:57 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/10/13 11:27:57 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/10/13 11:27:57 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/10/13 11:27:56 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/10/13 11:27:56 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/10/13 11:27:56 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/10/13 11:27:56 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/10/13 11:27:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/10/13 11:27:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/10/13 11:27:56 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/10/13 11:27:56 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/10/13 11:27:55 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/10/13 11:27:55 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/10/13 11:27:54 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/10/13 11:27:54 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/10/13 11:27:53 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/10/13 11:27:53 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/10/13 11:27:53 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/10/13 11:27:53 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/10/13 11:27:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/10/13 11:27:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/10/13 11:27:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/10/13 11:27:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/10/13 11:27:52 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/10/13 11:27:52 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/10/13 11:27:51 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/10/13 11:27:51 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/10/13 11:27:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/10/13 11:27:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/10/13 11:27:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/10/13 11:27:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/10/13 11:27:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/10/13 11:27:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/10/13 11:27:46 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/10/13 11:27:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/10/13 11:27:45 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/10/13 11:27:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/10/13 11:27:45 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/10/13 11:27:45 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/10/13 11:27:45 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/10/13 11:27:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/10/13 11:27:43 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/10/13 11:27:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/10/13 11:27:43 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/10/13 11:27:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/10/13 11:27:43 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/10/13 11:27:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/10/13 11:27:43 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/10/13 11:27:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/10/13 11:27:42 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/10/13 11:27:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/10/13 11:27:41 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/10/13 11:27:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/10/13 11:27:40 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/10/13 11:27:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/10/13 11:27:39 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/10/13 11:27:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/10/13 11:27:39 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/10/13 11:27:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/10/13 11:27:39 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/10/13 11:27:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/10/13 11:27:37 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/10/13 11:27:37 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/10/13 11:27:35 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/10/13 11:27:35 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/10/13 11:27:35 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/10/13 11:27:35 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/10/13 11:27:34 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/10/13 11:27:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/10/13 11:27:33 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/10/13 11:27:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/10/13 11:27:33 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/10/13 11:27:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/10/13 11:27:32 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/10/13 11:27:32 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/10/13 11:27:32 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/10/13 11:27:32 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/10/13 11:27:31 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/10/13 11:27:31 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/10/13 11:27:30 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/10/13 11:27:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/10/13 11:27:30 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/10/13 11:27:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/10/13 11:27:28 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/10/13 11:27:28 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/10/13 11:27:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/10/13 11:27:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/10/13 11:27:18 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/10/13 11:27:18 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/10/13 11:27:18 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/10/13 11:27:18 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/10/13 11:27:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/10/13 11:27:17 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/10/13 11:27:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/10/13 11:27:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/10/13 11:27:16 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/10/13 11:27:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/10/13 11:27:15 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/10/13 11:27:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/10/13 11:27:13 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/10/13 11:27:13 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/10/13 11:27:12 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/10/13 11:27:12 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/10/12 19:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012/10/12 19:54:24 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Paint.NET
[2012/10/12 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/10/12 17:40:24 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\BitTorrent
[2012/10/12 15:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/10/12 15:04:58 | 001,342,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012/10/12 15:04:58 | 000,992,368 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012/10/12 15:04:58 | 000,549,488 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012/10/12 15:04:58 | 000,248,944 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2012/10/12 15:04:58 | 000,199,280 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012/10/12 15:04:58 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012/10/12 15:04:58 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012/10/12 15:04:58 | 000,083,056 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012/10/12 15:04:58 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012/10/12 15:04:27 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012/10/12 15:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012/10/12 15:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/10/12 14:46:34 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\.minecraft
[2012/10/12 14:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/10/12 14:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/10/11 23:30:03 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/10/11 23:30:03 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/10/11 23:30:03 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/10/11 23:29:54 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/10/11 23:29:54 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/10/11 23:29:54 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/10/11 23:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/10/11 23:28:13 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\.purple
[2012/10/11 23:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2012/10/11 18:32:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/10/11 18:32:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/10/11 18:09:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Notepad++
[2012/10/11 16:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/10/11 16:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/10/11 16:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/10/11 16:35:41 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Auslogics
[2012/10/11 16:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/10/11 16:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/10/11 16:26:00 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012/10/11 16:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/10/11 16:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/10/11 16:25:36 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\LogMeIn Hamachi
[2012/10/11 16:25:26 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/10/11 16:25:26 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/10/11 16:25:26 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/10/11 16:25:26 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/10/11 16:25:26 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/10/11 16:25:26 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/10/11 16:25:26 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/10/11 16:25:25 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/10/11 16:23:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/11 16:22:59 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/11 16:22:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/11 16:22:59 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/11 16:22:59 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/11 16:22:59 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/11 16:22:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/11 16:22:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/11 16:22:59 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/11 16:22:59 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/11 16:22:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/11 16:22:59 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/11 16:22:59 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/11 16:22:59 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/11 16:22:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/11 16:22:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/11 16:22:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/11 16:22:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/11 16:22:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/11 16:22:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/11 16:22:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/11 16:22:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/11 16:22:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/11 16:22:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/11 16:22:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/11 16:22:58 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/11 16:22:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/11 16:22:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/11 16:22:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/11 16:22:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/11 16:22:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/11 16:22:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/11 16:22:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/11 16:22:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/11 16:22:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/11 16:22:57 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/11 16:22:57 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/11 16:22:57 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/11 16:22:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/11 16:22:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/11 16:22:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/11 16:22:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/11 16:22:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/11 16:22:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/11 16:22:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/11 16:22:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/11 16:22:57 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/11 16:22:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/11 16:22:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/11 16:22:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/11 16:22:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/11 16:22:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/11 16:22:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/11 16:22:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/11 16:22:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/11 16:22:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/11 16:22:56 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/11 16:22:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/11 16:22:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/11 16:22:56 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/11 16:22:56 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/11 16:22:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/11 16:22:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/11 16:22:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/11 16:22:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/11 16:22:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/11 16:22:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/11 16:22:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/11 16:22:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/11 16:22:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/11 16:22:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/11 16:22:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/11 15:57:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/10/11 15:57:42 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/10/11 15:52:33 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/10/11 15:52:33 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/10/11 15:52:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/10/11 15:52:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/10/11 15:52:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/10/11 15:52:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/10/11 15:52:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/10/11 15:52:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/10/11 15:52:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/10/11 15:52:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/10/11 15:52:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/10/11 15:52:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/10/11 15:52:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/11 15:52:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/11 15:52:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/10/11 15:52:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/10/11 15:52:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/11 15:52:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/10/11 15:52:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/11 15:52:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/11 15:52:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/10/11 15:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/10/11 15:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/10/11 15:52:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/10/11 15:52:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/10/11 15:51:55 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/10/11 15:51:55 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/10/11 15:51:54 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/10/11 15:51:53 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/10/11 15:51:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/10/11 15:51:53 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/10/11 15:51:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/10/11 15:51:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/10/11 15:51:52 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/10/11 15:51:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/10/11 15:51:52 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/10/11 15:51:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/10/11 15:51:51 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/10/11 15:51:47 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/10/11 15:51:46 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/10/11 15:51:46 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/10/11 15:51:46 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/10/11 15:51:45 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/10/11 15:51:45 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/10/11 15:51:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/10/11 15:51:45 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/10/11 15:51:44 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/10/11 15:51:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/10/11 15:51:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/10/11 15:51:44 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/10/11 15:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/10/11 15:51:39 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/10/11 15:51:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/10/11 15:51:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/10/11 15:51:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/10/11 15:51:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/10/11 15:51:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/10/11 15:51:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/10/11 15:51:35 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/10/11 15:51:35 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/10/11 15:51:31 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/10/11 15:51:27 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012/10/11 15:51:27 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/10/11 15:51:26 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012/10/11 15:51:26 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/10/11 15:51:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012/10/11 15:51:26 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012/10/11 15:51:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012/10/11 15:51:25 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/10/11 15:51:25 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/10/11 15:51:25 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012/10/11 15:51:25 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/10/11 15:51:25 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/10/11 15:51:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012/10/11 15:51:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012/10/11 15:51:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/10/11 15:51:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/10/11 15:51:12 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/10/11 15:51:11 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/10/11 15:51:10 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/10/11 15:51:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/10/11 15:51:07 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/10/11 15:51:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/10/11 15:51:05 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/10/11 15:51:03 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/10/11 15:51:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/10/11 15:51:02 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/10/11 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\thq
[2012/10/11 15:47:27 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/10/11 15:47:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/10/11 15:47:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/10/11 15:47:07 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/10/11 15:47:06 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/10/11 15:47:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/10/11 15:43:04 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\AMD
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\ATI
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\ATI
[2012/10/11 15:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/10/11 15:26:58 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/10/11 15:26:57 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/10/11 15:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/10/11 15:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/10/11 15:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/10/11 15:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/10/11 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Malwarebytes
[2012/10/11 15:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/11 15:16:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/11 15:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Macromedia
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Macromedia
[2012/10/11 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Adobe
[2012/10/11 15:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/11 15:15:42 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/11 15:15:42 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/11 15:15:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/10/11 15:15:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/10/11 15:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/10/11 15:14:21 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/10/11 15:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/10/11 15:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012/10/11 15:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/10/11 15:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/11 15:11:58 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/10/11 15:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/11 14:42:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/10/11 14:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/10/11 14:41:36 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Skype
[2012/10/11 14:41:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/10/11 14:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/10/11 14:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/10/11 14:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/10/11 14:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012/10/11 14:40:48 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2012/10/11 14:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/10/11 14:39:09 | 000,000,000 | ---D | C] -- C:\AMD
[2012/10/11 14:36:32 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/10/11 14:35:32 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Dropbox
[2012/10/11 14:27:45 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/10/11 14:27:44 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/10/11 14:27:44 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/10/11 14:27:43 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/10/11 14:27:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/10/11 14:27:41 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/10/11 14:27:41 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/10/11 14:27:41 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/10/11 14:27:41 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/10/11 14:27:41 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/10/11 14:27:41 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/10/11 14:27:39 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/10/11 14:27:39 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/10/11 14:27:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/10/11 14:27:39 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/10/11 14:27:39 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/10/11 14:27:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/10/11 14:27:38 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/10/11 14:27:37 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/10/11 14:27:35 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/10/11 14:27:35 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/10/11 14:27:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/10/11 14:27:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/10/11 14:27:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/10/11 14:27:24 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/10/11 14:27:24 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/10/11 14:27:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/10/11 14:27:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/10/11 14:27:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/10/11 14:27:23 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/10/11 14:27:23 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/10/11 14:27:23 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/10/11 14:27:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/10/11 14:27:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/10/11 14:27:23 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/10/11 14:27:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/10/11 14:27:22 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/10/11 14:27:22 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/10/11 14:27:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/10/11 14:27:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/10/11 14:27:11 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/10/11 14:27:11 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/10/11 14:27:10 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/10/11 14:27:10 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/10/11 14:27:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/10/11 14:27:07 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/10/11 14:27:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/10/11 14:27:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/10/11 14:27:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/10/11 14:27:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/10/11 14:27:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/10/11 14:27:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/10/11 14:27:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/10/11 14:27:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/10/11 14:27:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/10/11 14:26:44 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/10/11 14:26:44 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/10/11 14:26:44 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/10/11 14:26:44 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/10/11 14:26:44 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/10/11 14:26:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/10/11 14:26:44 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/10/11 14:26:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/10/11 14:26:39 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/10/11 14:26:39 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/10/11 14:26:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/10/11 14:26:31 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/10/11 14:26:29 | 005,505,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/11 14:26:29 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/10/11 14:26:28 | 003,902,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/10/11 14:26:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/10/11 14:26:24 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/10/11 14:26:24 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/10/11 14:26:24 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/10/11 14:26:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/10/11 14:26:23 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/10/11 14:26:20 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/10/11 14:25:57 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/11 14:25:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/10/11 14:25:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/10/11 14:25:50 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/10/11 14:25:50 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/10/11 14:25:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/10/11 14:25:50 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/10/11 14:25:50 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/10/11 14:25:50 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/10/11 14:25:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/10/11 14:25:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/10/11 14:25:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/10/11 14:25:50 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/10/11 14:25:40 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/10/11 14:25:40 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/10/11 14:25:40 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/10/11 14:25:40 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/10/11 14:25:40 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/10/11 14:25:40 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/10/11 14:25:40 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/10/11 14:25:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/10/11 14:25:38 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/10/11 14:25:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/10/11 14:25:34 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/10/11 14:25:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/10/11 14:25:33 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/10/11 14:25:33 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/10/11 14:25:33 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/10/11 14:25:33 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/10/11 14:25:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/10/11 14:25:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/10/11 14:25:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/10/11 14:25:25 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/10/11 14:25:24 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/10/11 14:25:23 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/10/11 14:25:22 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/10/11 14:25:21 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/10/11 14:25:21 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/10/11 14:25:20 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/10/11 14:25:20 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/10/11 14:25:14 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/10/11 14:25:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/10/11 14:25:13 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/10/11 14:25:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/10/11 14:25:10 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/11 14:25:09 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/11 14:22:35 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Mozilla
[2012/10/11 14:22:35 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Mozilla
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/10/11 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/10/11 14:06:38 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\My Games
[2012/10/11 14:05:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/10/11 14:05:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/10/11 14:04:18 | 006,368,256 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2012/10/11 14:04:18 | 000,420,864 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012/10/11 14:04:18 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012/10/11 14:04:18 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012/10/11 14:04:18 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/10/11 14:04:18 | 000,116,736 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2012/10/11 14:04:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/10/11 14:04:17 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2012/10/11 14:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/10/11 14:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/10/11 14:01:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/10/11 14:01:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/10/11 13:43:52 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Dropbox
[2012/10/11 13:43:52 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Data
[2012/10/11 13:42:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/10/11 13:42:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/10/11 13:42:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/10/11 13:41:59 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/10/11 13:41:59 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/10/11 13:41:59 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/10/11 13:41:36 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/10/11 13:41:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Searches
[2012/10/11 13:41:35 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/10/11 13:41:35 | 000,000,000 | -H-D | C] -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/10/11 13:41:17 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Identities
[2012/10/11 13:41:13 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Contacts
[2012/10/11 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\VirtualStore
[2012/10/11 13:41:03 | 000,000,000 | --SD | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Videos
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Saved Games
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Pictures
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Music
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Links
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Favorites
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Downloads
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Documents
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\Desktop
[2012/10/11 13:41:03 | 000,000,000 | R--D | C] -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\Temporary Internet Files
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Templates
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Start Menu
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\SendTo
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Recent
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\PrintHood
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\NetHood
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Videos
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Pictures
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Documents\My Music
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\My Documents
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Local Settings
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\History
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Cookies
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\Application Data
[2012/10/11 13:41:03 | 000,000,000 | -HSD | C] -- C:\Users\Weeny\AppData\Local\Application Data
[2012/10/11 13:41:03 | 000,000,000 | -H-D | C] -- C:\Users\Weeny\AppData
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Temp
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Local\Microsoft
[2012/10/11 13:41:03 | 000,000,000 | ---D | C] -- C:\Users\Weeny\AppData\Roaming\Media Center Programs
[2012/10/11 13:40:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/10/11 05:51:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/10/11 05:49:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/09/21 18:21:09 | 000,000,000 | ---D | C] -- C:\Users\Weeny\Documents\NBGI
[2012/09/21 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAMCO BANDAI Games

========== Files - Modified Within 30 Days ==========

[2012/10/16 04:02:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Weeny\Desktop\OTL.exe
[2012/10/16 03:56:58 | 000,147,456 | ---- | M] () -- C:\Users\Weeny\Desktop\catchme.exe
[2012/10/15 03:24:06 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/15 03:24:06 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/15 03:23:55 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/15 03:23:55 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/15 03:23:55 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/15 03:16:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/15 03:16:41 | 1945,505,791 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/14 18:19:01 | 000,001,085 | ---- | M] () -- C:\Users\Weeny\Desktop\Cheat Engine.lnk
[2012/10/13 03:25:26 | 000,007,599 | ---- | M] () -- C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
[2012/10/12 19:55:31 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/10/12 17:41:00 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/10/11 23:29:41 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/10/11 23:29:39 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/10/11 23:29:39 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/10/11 23:29:39 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/10/11 23:29:38 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/10/11 23:29:38 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/10/11 23:27:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012/10/11 18:37:40 | 000,001,437 | ---- | M] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/11 18:35:06 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/11 16:35:27 | 000,001,246 | ---- | M] () -- C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
[2012/10/11 16:25:58 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/10/11 16:23:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/11 16:22:59 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/11 16:22:59 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/11 16:22:59 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/11 16:22:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/11 16:22:59 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/11 16:22:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/11 16:22:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/11 16:22:59 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/11 16:22:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/11 16:22:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/11 16:22:59 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/11 16:22:59 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/11 16:22:59 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/11 16:22:59 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/11 16:22:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/11 16:22:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/11 16:22:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/11 16:22:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/11 16:22:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/11 16:22:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/11 16:22:59 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/11 16:22:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/11 16:22:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/11 16:22:59 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/11 16:22:59 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/11 16:22:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/11 16:22:58 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/11 16:22:58 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/11 16:22:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/11 16:22:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/11 16:22:58 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/11 16:22:58 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/11 16:22:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/11 16:22:58 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/11 16:22:58 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/11 16:22:57 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/11 16:22:57 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/11 16:22:57 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/11 16:22:57 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/11 16:22:57 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/11 16:22:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/11 16:22:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/11 16:22:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/11 16:22:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/11 16:22:57 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/11 16:22:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/11 16:22:57 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/11 16:22:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/11 16:22:57 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/11 16:22:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/11 16:22:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/11 16:22:57 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/11 16:22:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/11 16:22:57 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/11 16:22:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/11 16:22:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/11 16:22:56 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/11 16:22:56 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/11 16:22:56 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/11 16:22:56 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/11 16:22:56 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/11 16:22:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/11 16:22:56 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/11 16:22:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/11 16:22:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/11 16:22:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/11 16:22:56 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/11 16:22:56 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/11 16:22:56 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/11 16:22:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/11 16:22:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/11 16:22:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/11 16:22:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/11 15:41:13 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/10/11 15:17:47 | 000,001,258 | ---- | M] () -- C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
[2012/10/11 15:16:26 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 15:15:55 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/11 15:15:42 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/11 15:15:42 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/11 15:14:21 | 000,001,053 | ---- | M] () -- C:\Users\Weeny\Desktop\Notepad++.lnk
[2012/10/11 15:13:04 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/10/11 15:00:25 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/11 14:42:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/10/11 14:41:30 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/10/11 14:38:10 | 000,001,043 | ---- | M] () -- C:\Users\Weeny\Desktop\Dropbox.lnk
[2012/10/11 14:36:43 | 000,001,053 | ---- | M] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/11 14:30:20 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/10/11 14:01:43 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012/10/11 14:01:20 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2012/10/11 14:01:18 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2012/10/11 14:01:00 | 000,274,432 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012/10/11 14:00:58 | 000,420,864 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012/10/11 14:00:58 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012/10/11 14:00:56 | 006,368,256 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2012/10/11 14:00:45 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/10/11 05:52:36 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/10/11 05:52:36 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/10/11 05:50:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2012/10/16 03:56:55 | 000,147,456 | ---- | C] () -- C:\Users\Weeny\Desktop\catchme.exe
[2012/10/14 18:19:01 | 000,001,085 | ---- | C] () -- C:\Users\Weeny\Desktop\Cheat Engine.lnk
[2012/10/12 19:55:31 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012/10/12 19:55:31 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/10/12 17:41:00 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/10/12 15:05:18 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012/10/12 01:05:51 | 000,007,599 | ---- | C] () -- C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
[2012/10/11 23:27:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012/10/11 16:35:27 | 000,001,246 | ---- | C] () -- C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
[2012/10/11 16:25:14 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/10/11 16:22:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/11 16:22:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/11 15:41:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/10/11 15:17:47 | 000,001,258 | ---- | C] () -- C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
[2012/10/11 15:16:26 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/11 15:15:55 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/11 15:14:21 | 000,001,053 | ---- | C] () -- C:\Users\Weeny\Desktop\Notepad++.lnk
[2012/10/11 15:13:04 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/10/11 15:12:48 | 000,002,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/10/11 15:00:25 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/11 14:41:30 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/10/11 14:38:10 | 000,001,043 | ---- | C] () -- C:\Users\Weeny\Desktop\Dropbox.lnk
[2012/10/11 14:36:43 | 000,001,053 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/10/11 14:21:59 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/10/11 14:15:42 | 000,001,437 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/11 14:01:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/11 13:41:50 | 000,001,409 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/10/11 13:41:37 | 000,001,443 | ---- | C] () -- C:\Users\Weeny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/11 13:41:03 | 000,000,290 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/10/11 13:41:03 | 000,000,272 | ---- | C] () -- C:\Users\Weeny\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/10/11 05:52:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/10/11 05:52:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/10/11 05:50:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/10/05 22:55:36 | 001,048,576 | ---- | C] () -- C:\M4A78LT-M-ASUS-CG1330-0403.ROM
[2012/10/05 22:55:36 | 001,048,576 | ---- | C] () -- C:\M4A78LT-M-ASUS-CG1330-0402.ROM
[2012/07/27 19:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/27 19:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 19:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/12 23:34:16 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\.minecraft
[2012/10/16 03:55:09 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\.purple
[2012/10/11 16:35:41 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Auslogics
[2012/10/16 03:54:23 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\BitTorrent
[2012/10/16 03:04:40 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Dropbox
[2012/10/11 18:25:57 | 000,000,000 | ---D | M] -- C:\Users\Weeny\AppData\Roaming\Notepad++

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 16/10/2012 4:03:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Weeny\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.75 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 67.55% Memory free
15.50 Gb Paging File | 12.50 Gb Available in Paging File | 80.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.33 Gb Total Space | 610.26 Gb Free Space | 66.53% Space Free | Partition Type: NTFS

Computer Name: WEENY-PC | User Name: Weeny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0530ED65-FC67-48F7-83AC-8A2A746E3237}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{190F523E-3675-415E-9EF3-18BFD8BE7370}" = rport=137 | protocol=17 | dir=out | app=system |
"{1CD7088D-7102-42D3-8992-2CF64F7F5104}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2FC487D7-BE73-4980-AA3A-B8CA752F934A}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C4B0AAB-1FC8-4E19-B202-FB895C3B12EC}" = lport=445 | protocol=6 | dir=in | app=system |
"{792D9785-A76F-4556-BEBB-BEE085150605}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A67C218-9640-4259-A884-ED2A8A4EA0CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C1B52A7-C3DA-4896-8B01-373EE8E97530}" = rport=445 | protocol=6 | dir=out | app=system |
"{8728A9E0-162F-43A0-9534-B5C683E85459}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F53BE7A-1224-481F-9846-605EF119E5EE}" = rport=138 | protocol=17 | dir=out | app=system |
"{9E192A63-DB17-40C0-AF98-3D27FD54F72E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3666F7B-5E07-4B33-BD7B-79C35E822703}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6D2049E-2BE4-4BA9-B26B-10F96A4A01E0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B5362ED4-E2A4-4872-B8B6-69EA10180A13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B558EB43-BEC0-436D-91E7-D2E1C81784D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB58BE78-3D14-4E77-99A2-16DFEAC0122A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0C103AF-4D18-4E0B-8837-6BE631F7D49C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2F3E3D8-6CDD-4732-9B15-099FDE6B93FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D60F4DF1-51F1-4786-B807-59FFA894F381}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D80AF036-9F3D-4C0E-AE97-AFC84895FE8A}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4B303EA-3ED7-46E2-942F-08FDAC0C1DEC}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040DEA40-6EA0-4992-8867-D026C9E5E5B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{06463744-7667-453B-93A7-14F843CB6C3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A9A3148-33EF-4D23-8528-43749F8DD44F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0C91493C-8344-4029-9114-8DA3C5F4F3C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1226506A-50BD-48D7-8ED2-E1ACDD38111B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lightfish\lightfish.exe |
"{16926B75-C4FA-40BD-9F57-55475D195E1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{16B79DB9-3EF8-44A7-B2B5-50CDA4D89A66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{20F97097-6539-46D7-976B-1CF5E9CBB4D3}" = protocol=17 | dir=in | app=c:\users\weeny\appdata\roaming\dropbox\bin\dropbox.exe |
"{2249BDF5-7E86-4706-B9A2-059282DDDDA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{22F2D2FF-92A4-4EB8-B83B-E51B232DD232}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{25CE2E1B-7919-4501-B7B8-6EC7E210F736}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{2C0DBB75-7595-41E3-98BB-5AB7DCE88ABB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2D376E1A-C4A4-498B-9F2A-6D9B5C06675A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3561ABD9-1643-42C9-81DD-099D40060A49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{358BF4EA-2C4F-43E6-8FC2-CC28F49D8112}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{3685CCB4-663C-4372-BA23-6280702DBB27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{460197E8-D89A-4048-B7CD-9FD7B8E9202A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48F13990-E8CE-40BD-B63D-671CB0FFF9E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5074DB08-A6BD-4984-8D55-5594786B73BB}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{532E60B5-7A69-4F73-988D-E9E989025312}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{537A172B-6D5E-4394-BEFF-9F1AE7A000AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{5543C598-6087-4A1C-90B8-D5E4F113ED86}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{55A6D888-27EE-498B-89B7-B20804A2C799}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{5940D79A-7400-4A0E-98C3-27102BFBE492}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{5BA5E835-F835-414C-9EDA-79C19E695342}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{5C981AE1-A788-4ED3-8DC5-F9DECEBB8283}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5DC51F16-6F42-440F-A292-372C5772B1B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6EA9F414-A17F-4984-A5F8-3B7D93060209}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{701C8EC6-3ED5-47A2-BB93-B241DDE49CB5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{71FB4C59-AE16-48E4-8F44-F8B17ABF9E84}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{766E7E5C-620D-4227-8CAD-6FCF4F1396FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{7709EA79-E94E-4113-A786-2DE9D61B2BB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{782C164A-1289-4874-8533-243D411E1A9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79B631BE-02EF-4F01-AFEA-E5205B8C9B65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A92C2C8-6402-4440-A314-0F0AB3A771D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{7BD04769-33DC-44DF-AB2A-567774C16577}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{803698CB-025F-4915-8411-CD94CFCCEFA5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{811B33D0-4B1E-44EB-92C0-258F58C9DA39}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90856585-710A-4999-A6A4-AEB121794EBC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{A2EE59F5-C1C6-43BB-A588-82F70076CFB9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A373A828-9C99-49DC-A619-CC2A8B6100D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A4D0D7C5-17F7-4A18-8FF6-A73010E3D922}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{A57AA411-D624-44AD-B81D-FEE0C7F81AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{A848A3EA-BF17-4CB9-BEB5-0CD0128B6EFD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{AA341DAE-AA03-4611-83DB-CB7EB2F45257}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AEF63236-AB70-4393-9F9A-B1DC76AA72B9}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B21EE641-F6DC-401E-81D6-5D8E98D32D8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{B41626CD-28EE-469B-935D-6CD5FB7CAB8B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B44D91EC-50D2-4663-A365-36D1F632DA4A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7C45682-3299-40EF-805B-388BF2C69723}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{B896945A-ACB3-49DB-A2CE-E061034DA705}" = protocol=6 | dir=in | app=c:\users\weeny\appdata\roaming\dropbox\bin\dropbox.exe |
"{BB11E6C8-94B0-4437-AB69-1169F8A6AC1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{C149ED45-7ED6-4E11-83DF-54B8D1B2E53F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C81ED410-86E6-414A-884D-1F1CDBEAE60B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{C8820258-4C39-48E9-A1EC-815DD1BDCF89}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9F2C5AC-EB78-4ACD-AD65-7C3D439A03B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CC080840-F205-46C2-88EA-014EF500308B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{CFDE67BA-E8B4-4E49-9D94-C9E23803AA16}" = protocol=6 | dir=out | app=system |
"{D08FC903-4539-472A-935A-62C0E93E64F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{D33D5F19-93C4-4DDD-A3CB-3727974AA756}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{DCA80AF3-2B45-48DE-946E-EA5D73303F48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0D76CCA-C997-4A79-962A-95FF0599D59A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E17F2164-992C-4FC3-8163-E55FFF3AD31E}" = protocol=58 | dir=in | app=system |
"{E474B17C-5199-474E-A3E9-1B65ABAC744A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{E6069FE4-5B34-4ED7-A6B0-207D7ED1DC43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E80DD688-2315-4F28-9903-1D53F9E2C67E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8F351E1-148C-4B25-A34C-9A38BE222F56}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F2C42454-8C3D-4B98-9E04-716C16376137}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{F77322FF-5024-4B65-8929-F36AFF5905A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{F95D0C2E-ED42-4C82-A977-95DE3604F8F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lightfish\lightfish.exe |
"{F9B031A6-C216-446D-91C5-4CEE5741B757}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{FFED6BB6-43BB-4C18-979B-E223EF8428F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"TCP Query User{A30AE72B-4094-4B98-B5E8-BA83B85515CE}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"TCP Query User{B21CAD4C-3F90-4621-A30E-1588436A1D92}C:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe |
"TCP Query User{F796AE60-35A9-45AC-B5BA-80DE5B18CD12}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FA7F5CC9-A142-4D9E-B6B2-AD4EF1D478A9}C:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=c:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe |
"UDP Query User{4755096B-B121-413C-A749-268FC43D63E6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4929169B-03A5-42F2-9304-E64C80DDD244}C:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\activationx\garrysmod\hl2.exe |
"UDP Query User{57420629-F5B1-4575-9BBC-4106F359D3DA}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"UDP Query User{FC88A84C-9422-45F7-B12F-94A63EFD6A2C}C:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=c:\users\weeny\downloads\recieved files\xcom\xcom enemy unkonwn\binaries\win32\xcomgame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"Notepad++" = Notepad++
"Pidgin" = Pidgin
"Steam App 212160" = Vindictus

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2012 4:56:40 PM | Computer Name = Weeny-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.1.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 4c8 Start
Time: 01cda7f01989bdb4 Termination Time: 10 Application Path: C:\Windows\explorer.exe

Report
Id: 21877c86-13e6-11e2-8d9c-485b39cf36c9

Error - 11/10/2012 6:04:37 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbamscheduler.exe, version: 1.65.0.0, time
stamp: 0x504a0456 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x6dc Faulting application
start time: 0x01cda7fc45e17484 Faulting application path: C:\Program Files (x86)\Malwarebytes'
Anti-Malware\mbamscheduler.exe Faulting module path: unknown Report Id: a51f26fb-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 6:04:40 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbamservice.exe, version: 1.65.0.0, time
stamp: 0x504a044a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x73c Faulting application
start time: 0x01cda7fc476c98f2 Faulting application path: C:\Program Files (x86)\Malwarebytes'
Anti-Malware\mbamservice.exe Faulting module path: unknown Report Id: a6ce000c-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 6:04:45 PM | Computer Name = Weeny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Updater.exe, version: 5.10.1.44067, time
stamp: 0x5000146c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x75346a34 Faulting process id: 0x774 Faulting application
start time: 0x01cda7fc48133945 Faulting application path: C:\Program Files (x86)\Skype\Updater\Updater.exe
Faulting
module path: unknown Report Id: a9bbd182-13ef-11e2-b1fa-485b39cf36c9

Error - 11/10/2012 7:09:31 PM | Computer Name = Weeny-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 11/10/2012 8:27:14 PM | Computer Name = Weeny-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 12/10/2012 10:09:44 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 13/10/2012 6:00:31 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 15/10/2012 8:08:38 AM | Computer Name = Weeny-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 12/10/2012 7:23:52 AM | Computer Name = Weeny-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 12/10/2012 5:01:43 PM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 12/10/2012 11:07:39 PM | Computer Name = Weeny-PC | Source = bowser | ID = 8003
Description =

Error - 13/10/2012 12:26:16 AM | Computer Name = Weeny-PC | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 5.212.200.72. The computer with the IP address 5.99.107.16 did not
allow the name to be claimed by this computer.

Error - 13/10/2012 2:49:21 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 13/10/2012 4:58:32 AM | Computer Name = Weeny-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 13/10/2012 1:44:10 PM | Computer Name = Weeny-PC | Source = bowser | ID = 8003
Description =

Error - 14/10/2012 2:33:45 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Modules Installer service to connect.

Error - 14/10/2012 2:33:45 AM | Computer Name = Weeny-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Modules Installer service failed to start due to the following
error: %%1053

Error - 14/10/2012 2:33:56 AM | Computer Name = Weeny-PC | Source = DCOM | ID = 10005
Description =


< End of report >

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 17 October 2012 - 09:03 AM

Greetings Kairyn and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. If you would allow me to call you by your first name I would prefer to do that. :thumbup2:


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided. In the meantime I would like you to run this program for me please.


===================================================


Farbar's Recovery Scan Tool

--------------------

I would like you to run Farbar's Recovery Scan Tool to check your Master Boot Record (MBR). For this you will need a USB flash drive and start on a clean computer.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC and we will enter the System Recovery Options one of the two following ways:

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • FRST.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 17 October 2012 - 06:15 PM

It should be noted that I had to run a system recovery shortly before your reply as my computer was no longer able to boot. It shouldn't have any effects on the logs you've read so far as I believe I 'recovered' to a point just after I had done those scans.

Here's my log, thanks for the help Gary... No need to ask me to use my first name either, it's the same as my user so you're already using it. :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2012
Ran by SYSTEM at 17-10-2012 16:57:21
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [1996200 2012-08-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2472048 2010-08-11] (VIA)
HKU\Weeny\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-10-11] (Valve Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1
Startup: C:\Users\Weeny\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-07] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-07] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-10-17] ()

==================== Drivers (Whitelisted) =====================

2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-28] ()
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-10-17 16:55 - 2012-10-17 16:55 - 00000000 ____D C:\FRST
2012-10-17 03:58 - 2012-10-17 03:58 - 00003205 ____A C:\Users\Weeny\Desktop\Sophos Virus Removal Tool.lnk
2012-10-17 03:58 - 2012-10-17 03:58 - 00000000 ____D C:\Users\All Users\Sophos
2012-10-17 03:58 - 2012-10-17 03:58 - 00000000 ____D C:\Program Files (x86)\Sophos
2012-10-17 03:52 - 2012-10-17 03:52 - 02213464 ____A (Kaspersky Lab ZAO) C:\Users\Weeny\Desktop\tdsskiller.exe
2012-10-17 03:33 - 2012-10-17 03:33 - 00001812 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-10-17 03:33 - 2012-10-17 03:33 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\SUPERAntiSpyware.com
2012-10-17 03:33 - 2012-10-17 03:33 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-10-17 03:33 - 2012-10-17 03:33 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-10-17 03:30 - 2012-10-17 03:30 - 00000000 ____D C:\Program Files (x86)\ESET
2012-10-17 03:01 - 2012-10-17 03:01 - 00298016 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-10-17 03:01 - 2012-10-17 03:01 - 00000000 ____D C:\Users\Weeny\AppData\Local\PunkBuster
2012-10-17 02:59 - 2012-10-17 02:59 - 00763706 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-10-17 02:57 - 2012-10-17 03:01 - 00298016 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-10-17 02:57 - 2012-10-17 02:57 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-10-17 02:56 - 2012-10-17 03:01 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-10-17 02:56 - 2012-10-17 02:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-10-17 02:56 - 2012-07-11 21:58 - 03130440 ____A C:\Windows\SysWOW64\pbsvc_blr.exe
2012-10-17 02:38 - 2012-10-17 02:37 - 02607188 ____A C:\Users\Weeny\Desktop\CBS.log
2012-10-14 16:19 - 2012-10-14 16:19 - 00001085 ____A C:\Users\Weeny\Desktop\Cheat Engine.lnk
2012-10-14 16:19 - 2012-10-14 16:19 - 00000000 ____D C:\Users\Weeny\Documents\My Cheat Tables
2012-10-14 16:18 - 2012-10-14 16:19 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2
2012-10-13 09:28 - 2012-10-13 09:28 - 00000000 ____D C:\Users\Weeny\AppData\Local\FLT
2012-10-13 09:28 - 2010-06-02 02:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2012-10-13 09:28 - 2010-06-02 02:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2012-10-13 09:28 - 2010-06-02 02:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2012-10-13 09:28 - 2010-06-02 02:55 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2012-10-13 09:28 - 2010-06-02 02:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2012-10-13 09:28 - 2010-06-02 02:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 02401112 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 01907552 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 00511328 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2012-10-13 09:28 - 2010-05-26 09:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00530776 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00078680 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2012-10-13 09:28 - 2010-02-04 08:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00515416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2012-10-13 09:28 - 2009-09-04 15:44 - 00069464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2012-10-13 09:28 - 2009-09-04 15:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2012-10-13 09:28 - 2009-03-16 12:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 01846632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2012-10-13 09:28 - 2009-03-09 13:27 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00235856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00025936 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2012-10-13 09:28 - 2008-10-27 08:04 - 00023376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2012-10-13 09:28 - 2008-10-15 04:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2012-10-13 09:27 - 2008-07-31 08:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2012-10-13 09:27 - 2008-07-31 08:41 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2012-10-13 09:27 - 2008-07-31 08:41 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2012-10-13 09:27 - 2008-07-31 08:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-10-13 09:27 - 2008-07-31 08:40 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2012-10-13 09:27 - 2008-07-31 08:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2012-10-13 09:27 - 2008-07-10 09:01 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2012-10-13 09:27 - 2008-07-10 09:00 - 04992520 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2012-10-13 09:27 - 2008-07-10 09:00 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2012-10-13 09:27 - 2008-07-10 09:00 - 01942552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2012-10-13 09:27 - 2008-07-10 09:00 - 01493528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-10-13 09:27 - 2008-07-10 09:00 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2012-10-13 09:27 - 2008-05-30 12:19 - 00511496 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2012-10-13 09:27 - 2008-05-30 12:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2012-10-13 09:27 - 2008-05-30 12:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2012-10-13 09:27 - 2008-05-30 12:18 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2012-10-13 09:27 - 2008-05-30 12:17 - 00068104 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2012-10-13 09:27 - 2008-05-30 12:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-10-13 09:27 - 2008-05-30 12:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-10-13 09:27 - 2008-05-30 12:16 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 04991496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 01941528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2012-10-13 09:27 - 2008-05-30 12:11 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2012-10-13 09:27 - 2008-03-05 14:04 - 00489480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2012-10-13 09:27 - 2008-03-05 14:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2012-10-13 09:27 - 2008-03-05 14:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2012-10-13 09:27 - 2008-03-05 14:03 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2012-10-13 09:27 - 2008-03-05 14:00 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2012-10-13 09:27 - 2008-03-05 14:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-10-13 09:27 - 2008-03-05 13:56 - 04910088 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2012-10-13 09:27 - 2008-03-05 13:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2012-10-13 09:27 - 2008-03-05 13:56 - 01860120 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2012-10-13 09:27 - 2008-03-05 13:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-10-13 09:27 - 2008-02-05 21:07 - 00529424 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2012-10-13 09:27 - 2008-02-05 21:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2012-10-13 09:27 - 2007-10-22 01:40 - 00411656 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2012-10-13 09:27 - 2007-10-22 01:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2012-10-13 09:27 - 2007-10-22 01:37 - 00021000 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2012-10-13 09:27 - 2007-10-22 01:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-10-13 09:27 - 2007-10-12 13:14 - 05081608 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2012-10-13 09:27 - 2007-10-12 13:14 - 03734536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2012-10-13 09:27 - 2007-10-12 13:14 - 02006552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2012-10-13 09:27 - 2007-10-12 13:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-10-13 09:27 - 2007-10-02 07:56 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2012-10-13 09:27 - 2007-10-02 07:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2012-10-13 09:27 - 2007-07-19 22:57 - 00411496 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2012-10-13 09:27 - 2007-07-19 22:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 05073256 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 01985904 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2012-10-13 09:27 - 2007-07-19 16:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2012-10-13 09:27 - 2007-06-20 18:49 - 00409960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2012-10-13 09:27 - 2007-06-20 18:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 04496232 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 01401200 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 01124720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2012-10-13 09:27 - 2007-05-16 14:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2012-10-13 09:27 - 2007-04-04 16:55 - 00403304 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2012-10-13 09:27 - 2007-04-04 16:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2012-10-13 09:27 - 2007-04-04 16:54 - 00107368 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2012-10-13 09:27 - 2007-04-04 16:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2012-10-13 09:27 - 2007-03-15 14:57 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2012-10-13 09:27 - 2007-03-15 14:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2012-10-13 09:27 - 2007-03-12 14:42 - 04494184 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2012-10-13 09:27 - 2007-03-12 14:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2012-10-13 09:27 - 2007-03-12 14:42 - 01400176 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2012-10-13 09:27 - 2007-03-12 14:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-10-13 09:27 - 2007-03-05 10:42 - 00017688 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2012-10-13 09:27 - 2007-03-05 10:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2012-10-13 09:27 - 2007-01-24 13:27 - 00393576 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2012-10-13 09:27 - 2007-01-24 13:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2012-10-13 09:27 - 2006-12-08 10:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2012-10-13 09:27 - 2006-12-08 10:00 - 00390424 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2012-10-13 09:27 - 2006-11-29 11:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2012-10-13 09:27 - 2006-11-29 11:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2012-10-13 09:27 - 2006-11-29 11:06 - 00469264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2012-10-13 09:27 - 2006-11-29 11:06 - 00440080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2012-10-13 09:27 - 2006-09-28 14:05 - 03977496 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2012-10-13 09:27 - 2006-09-28 14:05 - 02414360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2012-10-13 09:27 - 2006-09-28 14:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2012-10-13 09:27 - 2006-09-28 14:04 - 00364824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2012-10-13 09:27 - 2006-07-28 07:31 - 00083736 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2012-10-13 09:27 - 2006-07-28 07:30 - 00363288 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2012-10-13 09:27 - 2006-07-28 07:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2012-10-13 09:27 - 2006-07-28 07:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2012-10-13 09:27 - 2006-05-31 05:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2012-10-13 09:27 - 2006-05-31 05:22 - 00354072 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2012-10-13 09:27 - 2006-03-31 10:41 - 03927248 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2012-10-13 09:27 - 2006-03-31 10:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2012-10-13 09:27 - 2006-03-31 10:40 - 00352464 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2012-10-13 09:27 - 2006-03-31 10:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2012-10-13 09:27 - 2006-03-31 10:39 - 00083664 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2012-10-13 09:27 - 2006-03-31 10:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2012-10-13 09:27 - 2006-02-03 06:43 - 03830992 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2012-10-13 09:27 - 2006-02-03 06:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2012-10-13 09:27 - 2006-02-03 06:42 - 00355536 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2012-10-13 09:27 - 2006-02-03 06:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2012-10-13 09:27 - 2006-02-03 06:41 - 00016592 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2012-10-13 09:27 - 2006-02-03 06:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2012-10-13 09:27 - 2005-12-05 16:09 - 03815120 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2012-10-13 09:27 - 2005-12-05 16:09 - 02323664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2012-10-13 09:27 - 2005-07-22 17:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2012-10-13 09:27 - 2005-07-22 17:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2012-10-13 09:27 - 2005-05-26 13:34 - 03767504 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2012-10-13 09:27 - 2005-05-26 13:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2012-10-13 09:27 - 2005-03-18 15:19 - 03823312 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2012-10-13 09:27 - 2005-03-18 15:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2012-10-13 09:27 - 2005-02-05 17:45 - 03544272 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2012-10-13 09:27 - 2005-02-05 17:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2012-10-12 17:55 - 2012-10-12 17:55 - 00001180 ____A C:\Users\Public\Desktop\Paint.NET.lnk
2012-10-12 17:54 - 2012-10-16 18:24 - 00000000 ____D C:\Users\Weeny\AppData\Local\Paint.NET
2012-10-12 17:54 - 2012-10-12 17:54 - 00000000 ____D C:\Program Files\Paint.NET
2012-10-12 15:40 - 2012-10-17 03:59 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\BitTorrent
2012-10-12 15:40 - 2012-10-12 15:40 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2012-10-12 13:05 - 2012-10-12 13:05 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2012-10-12 13:04 - 2012-10-12 13:05 - 00000000 ____D C:\Program Files (x86)\VIA
2012-10-12 13:04 - 2010-08-04 19:17 - 01342064 ____A (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viahduaa.sys
2012-10-12 13:04 - 2010-08-04 19:17 - 00992368 ____A (VIA Technologies, Inc.) C:\Windows\System32\VIAPropPageExt.dll
2012-10-12 13:04 - 2010-08-04 19:17 - 00549488 ____A (VIA Technologies, Inc.) C:\Windows\System32\VIASysFx.dll
2012-10-12 13:04 - 2010-08-04 19:17 - 00248944 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\Dts2APO.dll
2012-10-12 13:04 - 2010-08-04 19:17 - 00199280 ____A (VIA Technologies, Inc.) C:\Windows\System32\ViaMicArrayAPO.dll
2012-10-12 13:04 - 2010-08-04 19:17 - 00091760 ____A (VIA Technologies, Inc.) C:\Windows\System32\Dts2PropPageExt.dll
2012-10-12 13:04 - 2010-08-04 19:17 - 00083056 ____A (VIA Technologies,Inc.) C:\Windows\System32\ViaMicArrayPropPageExt.dll
2012-10-12 13:04 - 2007-12-04 09:28 - 00086016 ____A (QSound Labs, Inc.) C:\Windows\System32\nQPropPageExt.dll
2012-10-12 13:04 - 2007-12-04 09:28 - 00082432 ____A (QSound Labs, Inc.) C:\Windows\System32\nQAPO.dll
2012-10-12 13:04 - 2007-04-11 13:35 - 00414632 ____N (Microsoft Corporation) C:\Windows\difxapi.dll
2012-10-12 12:46 - 2012-10-12 21:34 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\.minecraft
2012-10-12 12:39 - 2012-10-12 12:39 - 00000000 ____D C:\Users\All Users\Nexon
2012-10-12 12:37 - 2012-10-12 12:37 - 00000000 ____D C:\Users\All Users\NexonUS
2012-10-11 23:05 - 2012-10-17 00:57 - 00007600 ____A C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
2012-10-11 21:30 - 2012-10-11 21:29 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-10-11 21:30 - 2012-10-11 21:29 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-10-11 21:30 - 2012-10-11 21:29 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-11 21:29 - 2012-10-11 21:29 - 00000000 ____D C:\Program Files\Java
2012-10-11 21:28 - 2012-10-17 03:53 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\.purple
2012-10-11 21:27 - 2012-10-11 21:27 - 00000979 ____A C:\Users\Public\Desktop\Pidgin.lnk
2012-10-11 21:27 - 2012-10-11 21:27 - 00000000 ____D C:\Program Files (x86)\Pidgin
2012-10-11 16:09 - 2012-10-11 16:25 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Notepad++
2012-10-11 15:28 - 2010-09-13 22:45 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-10-11 15:28 - 2010-09-13 22:07 - 00276992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2012-10-11 15:21 - 2012-09-27 22:18 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-11 14:52 - 2012-10-11 14:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-10-11 14:52 - 2012-10-11 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-10-11 14:50 - 2009-09-09 22:28 - 00311808 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2012-10-11 14:50 - 2009-09-09 21:52 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2012-10-11 14:39 - 2009-10-09 19:17 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2012-10-11 14:35 - 2012-10-11 14:35 - 00001246 ____A C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
2012-10-11 14:35 - 2012-10-11 14:35 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Auslogics
2012-10-11 14:35 - 2012-10-11 14:35 - 00000000 ____D C:\Program Files (x86)\Auslogics
2012-10-11 14:26 - 2009-03-18 15:35 - 00033856 ___AH (LogMeIn, Inc.) C:\Windows\System32\hamachi.sys
2012-10-11 14:25 - 2012-10-17 13:11 - 00000000 ____D C:\Users\Weeny\AppData\Local\LogMeIn Hamachi
2012-10-11 14:25 - 2012-10-11 14:25 - 00000930 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2012-10-11 14:25 - 2012-10-11 14:25 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2012-10-11 14:25 - 2009-11-25 10:47 - 01942856 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 01130824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00444752 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00320352 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2012-10-11 14:25 - 2009-11-25 10:47 - 00297808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00295264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2012-10-11 14:25 - 2009-11-25 10:47 - 00109912 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00099176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00049472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2012-10-11 14:25 - 2009-11-25 10:47 - 00048960 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-10-11 14:23 - 2012-10-11 14:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-10-11 14:22 - 2012-10-11 14:22 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-10-11 14:22 - 2012-10-11 14:22 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-10-11 14:22 - 2012-10-11 14:22 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-10-11 14:22 - 2012-10-11 14:22 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-10-11 14:22 - 2012-10-11 14:22 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-10-11 14:22 - 2012-10-11 14:22 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-10-11 14:22 - 2012-10-11 14:22 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-10-11 14:22 - 2012-10-11 14:22 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-10-11 14:22 - 2012-10-11 14:22 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-10-11 14:22 - 2012-10-11 14:22 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-10-11 13:57 - 2012-02-29 22:54 - 00022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-10-11 13:57 - 2012-02-29 22:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-10-11 13:57 - 2012-02-29 22:35 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-10-11 13:57 - 2012-02-29 21:45 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-10-11 13:57 - 2012-02-29 21:40 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-10-11 13:54 - 2010-03-03 20:32 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2012-10-11 13:52 - 2012-08-18 07:43 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-11 13:52 - 2012-08-18 07:43 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-11 13:52 - 2012-08-18 07:43 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-11 13:52 - 2012-08-18 07:42 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-11 13:52 - 2012-08-18 07:40 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-11 13:52 - 2012-08-18 07:37 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-11 13:52 - 2012-08-18 07:37 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-11 13:52 - 2012-08-18 07:34 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-11 13:52 - 2012-08-18 07:22 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:22 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-11 13:52 - 2012-08-18 03:19 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-11 13:52 - 2012-08-18 03:17 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-11 13:52 - 2012-08-18 03:17 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-11 13:52 - 2012-08-18 03:17 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 01:12 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-11 13:52 - 2012-08-18 01:12 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-11 13:52 - 2012-08-18 01:07 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 01:07 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 01:07 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 13:52 - 2012-08-18 01:07 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 13:52 - 2012-01-04 01:58 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-10-11 13:52 - 2012-01-04 01:03 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-10-11 13:51 - 2012-08-31 10:02 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-11 13:51 - 2012-08-02 09:55 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-10-11 13:51 - 2012-08-02 09:05 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-10-11 13:51 - 2012-04-07 04:18 - 03213824 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-10-11 13:51 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-10-11 13:51 - 2012-01-02 22:24 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-10-11 13:51 - 2012-01-02 21:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-10-11 13:51 - 2011-06-15 21:31 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-10-11 13:51 - 2011-06-15 20:35 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2012-10-11 13:51 - 2011-05-03 21:30 - 02326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-10-11 13:51 - 2011-05-03 21:28 - 02228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-10-11 13:51 - 2011-05-03 21:28 - 00779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-10-11 13:51 - 2011-05-03 21:28 - 00491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2012-10-11 13:51 - 2011-05-03 21:28 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-10-11 13:51 - 2011-05-03 21:28 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2012-10-11 13:51 - 2011-05-03 21:24 - 00593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2012-10-11 13:51 - 2011-05-03 21:24 - 00249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2012-10-11 13:51 - 2011-05-03 21:24 - 00113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2012-10-11 13:51 - 2011-05-03 20:53 - 01553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2012-10-11 13:51 - 2011-05-03 20:52 - 01401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2012-10-11 13:51 - 2011-05-03 20:52 - 00666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2012-10-11 13:51 - 2011-05-03 20:52 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2012-10-11 13:51 - 2011-05-03 20:52 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2012-10-11 13:51 - 2011-05-03 20:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2012-10-11 13:51 - 2011-05-03 20:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2012-10-11 13:51 - 2011-05-03 20:52 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2012-10-11 13:51 - 2011-05-03 20:52 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2012-10-11 13:51 - 2011-04-22 12:18 - 00027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2012-10-11 13:51 - 2011-03-12 04:03 - 00662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-10-11 13:51 - 2011-03-12 03:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2012-10-11 13:51 - 2011-02-25 22:23 - 02870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2012-10-11 13:51 - 2011-02-25 21:33 - 02614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2012-10-11 13:51 - 2011-02-23 22:30 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2012-10-11 13:51 - 2011-02-23 21:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2012-10-11 13:51 - 2011-02-18 22:37 - 01135104 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-10-11 13:51 - 2011-01-25 22:53 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-10-11 13:51 - 2011-01-25 22:53 - 00265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-10-11 13:51 - 2011-01-25 22:31 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-10-11 13:51 - 2010-12-20 22:16 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-10-11 13:51 - 2010-12-20 22:16 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-10-11 13:51 - 2010-12-20 22:16 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2012-10-11 13:51 - 2010-12-20 22:16 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-10-11 13:51 - 2010-12-20 22:15 - 00264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-10-11 13:51 - 2010-12-20 22:15 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-10-11 13:51 - 2010-12-20 22:10 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-10-11 13:51 - 2010-12-20 21:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2012-10-11 13:51 - 2010-12-20 21:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2012-10-11 13:51 - 2010-12-20 21:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2012-10-11 13:51 - 2010-12-20 21:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2012-10-11 13:51 - 2010-12-20 21:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2012-10-11 13:51 - 2010-12-20 21:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2012-10-11 13:51 - 2010-11-01 21:18 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2012-10-11 13:51 - 2010-11-01 20:41 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2012-10-11 13:51 - 2010-08-03 23:07 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2012-10-11 13:51 - 2010-06-25 21:31 - 01863680 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2012-10-11 13:51 - 2010-06-25 21:14 - 01495040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2012-10-11 13:51 - 2010-05-23 02:15 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2012-10-11 13:51 - 2010-05-23 02:11 - 03181568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2012-10-11 13:51 - 2010-05-23 02:11 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2012-10-11 13:51 - 2010-05-23 00:37 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2012-10-11 13:51 - 2010-05-23 00:35 - 04068864 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2012-10-11 13:51 - 2010-05-23 00:35 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2012-10-11 13:51 - 2010-05-23 00:35 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2012-10-11 13:51 - 2010-01-19 01:05 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2012-10-11 13:51 - 2010-01-19 01:05 - 00422912 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2012-10-11 13:51 - 2010-01-19 01:05 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2012-10-11 13:51 - 2010-01-19 01:05 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2012-10-11 13:51 - 2010-01-19 01:00 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2012-10-11 13:51 - 2010-01-19 01:00 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2012-10-11 13:51 - 2010-01-19 01:00 - 00306688 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2012-10-11 13:51 - 2010-01-19 01:00 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2012-10-11 13:51 - 2010-01-18 15:29 - 00369152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2012-10-11 13:51 - 2010-01-18 15:29 - 00365568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2012-10-11 13:51 - 2010-01-18 15:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2012-10-11 13:51 - 2010-01-18 15:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2012-10-11 13:51 - 2010-01-18 15:28 - 00324608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2012-10-11 13:51 - 2010-01-18 15:28 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2012-10-11 13:51 - 2010-01-18 15:28 - 00280064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2012-10-11 13:51 - 2010-01-18 15:28 - 00277504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2012-10-11 13:51 - 2009-09-25 22:20 - 00223448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-10-11 13:50 - 2012-05-01 21:32 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-10-11 13:47 - 2012-10-11 13:47 - 00000000 ____D C:\Users\Weeny\AppData\Local\thq
2012-10-11 13:47 - 2012-05-05 00:30 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-10-11 13:47 - 2012-05-04 23:44 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-10-11 13:47 - 2012-02-10 22:36 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-10-11 13:47 - 2012-02-10 22:29 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-10-11 13:47 - 2012-02-10 22:29 - 00067584 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-10-11 13:47 - 2012-02-10 21:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-10-11 13:47 - 2011-02-17 22:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2012-10-11 13:47 - 2011-02-17 21:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2012-10-11 13:43 - 2012-10-11 13:43 - 00000000 ____D C:\Users\Weeny\AppData\Local\AMD
2012-10-11 13:42 - 2012-10-11 13:42 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\ATI
2012-10-11 13:42 - 2012-10-11 13:42 - 00000000 ____D C:\Users\Weeny\AppData\Local\ATI
2012-10-11 13:42 - 2012-10-11 13:42 - 00000000 ____D C:\Users\All Users\ATI
2012-10-11 13:41 - 2012-10-11 13:41 - 00000000 ____A C:\Windows\ativpsrm.bin
2012-10-11 13:26 - 2012-02-14 22:27 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-10-11 13:26 - 2012-02-14 21:44 - 00826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-10-11 13:26 - 2012-02-14 20:46 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-10-11 13:25 - 2012-10-11 13:25 - 00000000 ____D C:\Program Files\7-Zip
2012-10-11 13:17 - 2012-10-17 03:58 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-10-11 13:17 - 2012-10-11 13:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-11 13:17 - 2012-10-11 13:17 - 00001258 ____A C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
2012-10-11 13:17 - 2012-10-11 13:17 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Malwarebytes
2012-10-11 13:16 - 2012-10-11 13:16 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-10-11 13:16 - 2012-10-11 13:16 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Macromedia
2012-10-11 13:16 - 2012-10-11 13:16 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Adobe
2012-10-11 13:16 - 2012-10-11 13:16 - 00000000 ____D C:\Users\Weeny\AppData\Local\Macromedia
2012-10-11 13:16 - 2012-10-11 13:16 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-10-11 13:16 - 2012-10-11 13:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-11 13:16 - 2012-09-07 15:04 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-10-11 13:15 - 2012-10-11 13:16 - 00000000 ____D C:\Users\All Users\Adobe
2012-10-11 13:15 - 2012-10-11 13:15 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-11 13:15 - 2012-10-11 13:15 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-11 13:15 - 2012-10-11 13:15 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-10-11 13:15 - 2012-10-11 13:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-10-11 13:15 - 2012-10-11 13:15 - 00000000 ____D C:\Windows\System32\Macromed
2012-10-11 13:15 - 2012-10-11 13:15 - 00000000 ____D C:\Program Files\CCleaner
2012-10-11 13:14 - 2012-10-11 13:14 - 00000000 ____D C:\Program Files (x86)\Notepad++
2012-10-11 13:13 - 2012-10-11 13:13 - 00002154 ____A C:\Windows\epplauncher.mif
2012-10-11 13:12 - 2012-10-11 13:12 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-10-11 13:12 - 2012-10-11 13:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-10-11 13:11 - 2010-04-09 03:06 - 00374664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-10-11 13:00 - 2012-10-11 13:00 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-10-11 13:00 - 2012-10-11 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-11 12:42 - 2012-10-15 14:28 - 00000000 ____D C:\Windows\Panther
2012-10-11 12:41 - 2012-10-17 14:41 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Skype
2012-10-11 12:41 - 2012-10-11 12:41 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-10-11 12:41 - 2012-10-11 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-10-11 12:41 - 2012-10-11 12:41 - 00000000 ____D C:\Users\All Users\Skype
2012-10-11 12:40 - 2012-10-11 12:40 - 00000000 ____D C:\Users\All Users\AMD
2012-10-11 12:40 - 2012-10-11 12:40 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-10-11 12:40 - 2010-02-18 07:18 - 00046136 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdiox64.sys
2012-10-11 12:39 - 2012-10-11 12:39 - 00000000 ____D C:\AMD
2012-10-11 12:38 - 2012-10-11 12:38 - 00001043 ____A C:\Users\Weeny\Desktop\Dropbox.lnk
2012-10-11 12:37 - 2012-10-11 12:37 - 00057560 ____A C:\Users\Weeny\AppData\Local\GDIPFONTCACHEV1.DAT
2012-10-11 12:35 - 2012-10-17 03:25 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Dropbox
2012-10-11 12:27 - 2012-08-10 16:53 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-11 12:27 - 2012-08-10 15:54 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-11 12:27 - 2012-07-18 09:31 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-10-11 12:27 - 2012-06-08 21:30 - 14165504 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-10-11 12:27 - 2012-06-08 20:46 - 12868608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-10-11 12:27 - 2012-06-05 21:50 - 02003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-10-11 12:27 - 2012-06-05 21:50 - 01880064 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-10-11 12:27 - 2012-06-05 21:09 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-10-11 12:27 - 2012-06-05 21:09 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-10-11 12:27 - 2012-06-01 21:38 - 00152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-10-11 12:27 - 2012-06-01 21:38 - 00095088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-10-11 12:27 - 2012-06-01 21:37 - 00459216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-10-11 12:27 - 2012-06-01 21:27 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-10-11 12:27 - 2012-06-01 21:27 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-10-11 12:27 - 2012-06-01 20:48 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-10-11 12:27 - 2012-06-01 20:48 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-10-11 12:27 - 2012-06-01 20:47 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-10-11 12:27 - 2012-06-01 20:42 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-10-11 12:27 - 2012-04-25 21:34 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-10-11 12:27 - 2012-04-25 21:34 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-10-11 12:27 - 2012-04-25 21:28 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-10-11 12:27 - 2012-03-16 23:55 - 00075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-10-11 12:27 - 2012-03-02 22:29 - 01837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-10-11 12:27 - 2012-03-02 22:29 - 01541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-10-11 12:27 - 2012-03-02 22:29 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-10-11 12:27 - 2012-03-02 22:29 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-10-11 12:27 - 2012-03-02 22:29 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-10-11 12:27 - 2012-03-02 21:40 - 01170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-10-11 12:27 - 2012-03-02 21:40 - 01074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-10-11 12:27 - 2012-03-02 21:40 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-10-11 12:27 - 2012-03-02 21:40 - 00218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-10-11 12:27 - 2012-03-02 21:40 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-10-11 12:27 - 2011-11-16 23:12 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-10-11 12:27 - 2011-11-16 23:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-10-11 12:27 - 2011-11-16 23:11 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-10-11 12:27 - 2011-11-16 23:11 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-10-11 12:27 - 2011-11-16 23:08 - 01446912 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-10-11 12:27 - 2011-11-16 23:05 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-10-11 12:27 - 2011-11-16 21:39 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2012-10-11 12:27 - 2011-10-25 21:22 - 01572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-10-11 12:27 - 2011-10-25 21:22 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-10-11 12:27 - 2011-10-25 20:28 - 01328640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-10-11 12:27 - 2011-10-25 20:28 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-10-11 12:27 - 2011-06-15 01:58 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-10-11 12:27 - 2011-06-15 01:58 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-10-11 12:27 - 2011-06-15 01:58 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-10-11 12:27 - 2011-06-15 01:58 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-10-11 12:27 - 2011-06-15 01:04 - 00319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2012-10-11 12:27 - 2011-06-15 01:04 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2012-10-11 12:27 - 2011-06-15 01:04 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2012-10-11 12:27 - 2011-06-15 01:04 - 00086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2012-10-11 12:27 - 2011-06-15 01:04 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2012-10-11 12:27 - 2011-04-26 18:57 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2012-10-11 12:27 - 2011-04-08 22:58 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-10-11 12:27 - 2011-04-08 21:56 - 00123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-10-11 12:27 - 2011-03-02 22:17 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2012-10-11 12:27 - 2011-03-02 22:17 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2012-10-11 12:27 - 2011-03-02 22:14 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2012-10-11 12:27 - 2011-03-02 21:29 - 00269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2012-10-11 12:27 - 2011-03-02 21:27 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2012-10-11 12:27 - 2011-02-22 21:15 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-10-11 12:27 - 2011-02-18 22:36 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-10-11 12:27 - 2011-02-18 21:32 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-10-11 12:27 - 2011-02-18 20:13 - 00367104 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-10-11 12:27 - 2011-02-18 19:37 - 00294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-10-11 12:27 - 2010-12-22 22:07 - 01118720 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2012-10-11 12:27 - 2010-12-22 22:07 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2012-10-11 12:27 - 2010-12-22 22:02 - 00259072 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2012-10-11 12:27 - 2010-12-22 21:28 - 00850432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2012-10-11 12:27 - 2010-12-22 21:28 - 00642048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2012-10-11 12:27 - 2010-12-22 21:24 - 00199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2012-10-11 12:27 - 2010-08-31 21:21 - 14627840 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2012-10-11 12:27 - 2010-08-31 21:12 - 12625920 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2012-10-11 12:27 - 2010-08-31 20:29 - 11406848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2012-10-11 12:27 - 2010-08-31 20:23 - 12625408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2012-10-11 12:27 - 2010-08-25 21:27 - 00148992 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2012-10-11 12:27 - 2010-08-25 20:39 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2012-10-11 12:27 - 2010-08-20 22:38 - 01024512 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2012-10-11 12:27 - 2010-08-20 21:36 - 00738816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2012-10-11 12:27 - 2010-06-28 21:39 - 02085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2012-10-11 12:27 - 2010-06-28 21:02 - 01413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2012-10-11 12:27 - 2010-05-04 23:37 - 00483840 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2012-10-11 12:27 - 2010-05-04 22:46 - 00363520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2012-10-11 12:27 - 2010-03-04 23:52 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2012-10-11 12:27 - 2010-03-04 23:42 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2012-10-11 12:27 - 2009-10-19 06:46 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2012-10-11 12:27 - 2009-10-19 06:10 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2012-10-11 12:26 - 2012-08-30 10:11 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-11 12:26 - 2012-08-30 09:18 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-11 12:26 - 2012-08-30 09:18 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-11 12:26 - 2011-10-25 21:19 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-10-11 12:26 - 2011-07-08 18:44 - 00287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-10-11 12:26 - 2011-05-03 18:51 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-10-11 12:26 - 2011-05-03 18:51 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-10-11 12:26 - 2011-03-10 22:19 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2012-10-11 12:26 - 2011-03-10 22:19 - 01359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2012-10-11 12:26 - 2011-03-10 21:40 - 01164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2012-10-11 12:26 - 2011-03-10 21:40 - 01137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2012-10-11 12:26 - 2010-11-01 21:18 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2012-10-11 12:26 - 2010-11-01 21:17 - 01169408 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2012-10-11 12:26 - 2010-11-01 21:17 - 00473600 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2012-10-11 12:26 - 2010-11-01 21:16 - 01114624 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2012-10-11 12:26 - 2010-11-01 21:10 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2012-10-11 12:26 - 2010-11-01 21:10 - 00285696 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2012-10-11 12:26 - 2010-11-01 20:40 - 00496128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2012-10-11 12:26 - 2010-11-01 20:40 - 00305152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2012-10-11 12:26 - 2010-11-01 20:34 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2012-10-11 12:26 - 2010-11-01 20:34 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2012-10-11 12:26 - 2010-08-20 22:31 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2012-10-11 12:26 - 2010-08-20 21:33 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2012-10-11 12:26 - 2010-07-28 22:30 - 00082944 ____A (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2012-10-11 12:26 - 2010-06-18 22:53 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2012-10-11 12:26 - 2010-06-18 22:23 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2012-10-11 12:26 - 2009-10-27 22:24 - 00389632 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2012-10-11 12:26 - 2009-09-02 23:36 - 01975296 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2012-10-11 12:26 - 2009-09-02 23:04 - 01320960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2012-10-11 12:25 - 2012-09-14 11:23 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-11 12:25 - 2012-09-14 10:30 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-11 12:25 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-11 12:25 - 2012-08-24 09:10 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-11 12:25 - 2012-07-04 14:04 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-10-11 12:25 - 2012-07-04 14:01 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-10-11 12:25 - 2012-07-04 14:01 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-10-11 12:25 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-10-11 12:25 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-10-11 12:25 - 2012-06-01 21:25 - 01462784 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-11 12:25 - 2012-06-01 21:25 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-11 12:25 - 2012-06-01 21:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-11 12:25 - 2012-06-01 20:45 - 01157632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-11 12:25 - 2012-06-01 20:45 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-11 12:25 - 2012-06-01 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-11 12:25 - 2012-05-13 21:20 - 00956416 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-10-11 12:25 - 2012-04-27 19:50 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-10-11 12:25 - 2012-03-30 03:09 - 01895280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-10-11 12:25 - 2011-12-27 19:59 - 00499200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-10-11 12:25 - 2011-12-16 00:42 - 00634368 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-10-11 12:25 - 2011-12-15 23:59 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-10-11 12:25 - 2011-11-16 23:14 - 01739160 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-10-11 12:25 - 2011-11-16 21:41 - 01292592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-10-11 12:25 - 2011-10-14 22:25 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-10-11 12:25 - 2011-10-14 21:48 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2012-10-11 12:25 - 2011-08-26 21:40 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-10-11 12:25 - 2011-08-26 21:40 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-10-11 12:25 - 2011-08-26 20:43 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2012-10-11 12:25 - 2011-08-26 20:43 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2012-10-11 12:25 - 2011-08-16 21:32 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-10-11 12:25 - 2011-08-16 21:27 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2012-10-11 12:25 - 2011-08-16 21:27 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-10-11 12:25 - 2011-08-16 21:27 - 00104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2012-10-11 12:25 - 2011-08-16 21:27 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2012-10-11 12:25 - 2011-08-16 20:26 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2012-10-11 12:25 - 2011-08-16 20:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2012-10-11 12:25 - 2011-08-16 20:22 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2012-10-11 12:25 - 2011-08-16 20:22 - 00072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2012-10-11 12:25 - 2011-08-16 20:22 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2012-10-11 12:25 - 2011-05-24 03:21 - 00404992 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-10-11 12:25 - 2011-05-24 02:34 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2012-10-11 12:25 - 2011-05-24 02:34 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2012-10-11 12:25 - 2011-05-24 02:34 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2012-10-11 12:25 - 2011-05-24 02:32 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2012-10-11 12:25 - 2011-05-02 21:21 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-10-11 12:25 - 2011-05-02 20:50 - 00740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2012-10-11 12:25 - 2011-04-28 19:13 - 00461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-10-11 12:25 - 2011-04-28 19:12 - 00399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-10-11 12:25 - 2011-04-28 19:12 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-10-11 12:25 - 2011-02-11 22:14 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2012-10-11 12:25 - 2011-02-05 04:41 - 00640896 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2012-10-11 12:25 - 2011-02-05 04:41 - 00556928 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2012-10-11 12:25 - 2011-02-05 04:41 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2012-10-11 12:25 - 2011-02-05 04:41 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2012-10-11 12:25 - 2011-02-05 04:41 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2012-10-11 12:25 - 2011-02-05 04:39 - 00603976 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2012-10-11 12:25 - 2011-02-05 04:39 - 00518160 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2012-10-11 12:25 - 2010-12-17 22:12 - 03138048 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-10-11 12:25 - 2010-12-17 22:08 - 01097216 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-10-11 12:25 - 2010-12-17 21:30 - 02690560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2012-10-11 12:25 - 2010-12-17 21:26 - 01034240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2012-10-11 12:25 - 2010-10-15 21:23 - 00112000 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2012-10-11 12:25 - 2010-10-15 21:17 - 00720896 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2012-10-11 12:25 - 2010-10-15 20:34 - 00573440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2012-10-11 12:25 - 2010-08-30 20:32 - 00954752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2012-10-11 12:25 - 2010-08-30 20:32 - 00954288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2012-10-11 12:25 - 2010-08-26 22:14 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2012-10-11 12:25 - 2010-08-26 21:46 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2012-10-11 12:25 - 2009-12-19 01:50 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2012-10-11 12:25 - 2009-12-19 01:47 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2012-10-11 12:25 - 2009-12-19 01:47 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2012-10-11 12:25 - 2009-12-19 01:47 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2012-10-11 12:25 - 2009-12-19 01:46 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00091648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00050176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2012-10-11 12:25 - 2009-12-19 01:02 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2012-10-11 12:25 - 2009-08-28 23:50 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2012-10-11 12:25 - 2009-08-28 22:57 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2012-10-11 12:22 - 2012-10-17 03:53 - 00000000 ____D C:\Users\Weeny\AppData\Local\Mozilla
2012-10-11 12:22 - 2012-10-11 12:22 - 00000000 ____D C:\Users\Weeny\AppData\Roaming\Mozilla
2012-10-11 12:21 - 2012-10-17 03:59 - 00000000 ____D C:\Program Files (x86)\Steam
2012-10-11 12:21 - 2012-10-11 12:30 - 00000921 ____A C:\Users\Public\Desktop\Steam.lnk
2012-10-11 12:06 - 2012-10-13 09:28 - 00000000 ____D C:\Users\Weeny\Documents\My Games
2012-10-11 12:05 - 2011-11-19 07:07 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-10-11 12:05 - 2011-11-19 06:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-10-11 12:04 - 2012-10-11 12:04 - 00000000 ____D C:\Program Files\ATI
2012-10-11 12:04 - 2012-10-11 12:01 - 00274432 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2012-10-11 12:04 - 2012-10-11 12:01 - 00116736 ____A (ATI Technologies, Inc.) C:\Windows\System32\Drivers\AtiHdmi.sys
2012-10-11 12:04 - 2012-10-11 12:01 - 00016440 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\Drivers\AtiPcie.sys
2012-10-11 12:04 - 2012-10-11 12:00 - 06368256 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\atipmdag.sys
2012-10-11 12:04 - 2012-10-11 12:00 - 00420864 ____A (ATI Technologies, Inc.) C:\Windows\System32\atipdl64.dll
2012-10-11 12:04 - 2012-10-11 12:00 - 00356352 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2012-10-11 12:04 - 2012-10-11 12:00 - 00118784 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
2012-10-11 12:03 - 2012-10-11 12:41 - 00000000 ____D C:\Program Files\ATI Technologies
2012-10-11 12:01 - 2012-10-11 12:01 - 00001769 ____A C:\Windows\Language_trs.ini
2012-10-11 12:01 - 2012-01-31 04:44 - 00279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-10-11 12:01 - 2010-01-08 23:19 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2012-10-11 12:01 - 2010-01-08 22:52 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2012-10-11 11:43 - 2012-10-17 03:25 - 00000000 ___RD C:\Users\Weeny\Dropbox
2012-10-11 11:43 - 2011-08-20 06:57 - 00000000 ____D C:\Users\Weeny\Data
2012-10-11 11:42 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-10-11 11:42 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-10-11 11:42 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-10-11 11:42 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-10-11 11:41 - 2012-10-17 02:07 - 00000000 ____D C:\users\Weeny
2012-10-11 11:41 - 2012-10-11 11:41 - 00000020 ___SH C:\Users\Weeny\ntuser.ini
2012-10-11 11:41 - 2012-10-11 11:41 - 00000000 ____D C:\Users\Weeny\AppData\Local\VirtualStore
2012-10-11 11:41 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-10-11 11:41 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-10-11 11:41 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-10-11 11:41 - 2012-06-02 13:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-10-11 11:41 - 2012-06-02 13:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-10-11 11:40 - 2012-10-11 11:40 - 00000000 __SHD C:\Recovery
2012-10-11 03:51 - 2012-10-17 14:50 - 01995411 ____A C:\Windows\WindowsUpdate.log
2012-10-11 03:50 - 2012-10-11 03:50 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-10-09 21:19 - 2012-10-09 21:19 - 00152384 ____A C:\Users\Weeny\Downloads\nsSGv1.sol
2012-10-05 20:55 - 2010-07-16 12:45 - 01048576 ____A C:\M4A78LT-M-ASUS-CG1330-0403.ROM
2012-10-05 20:55 - 2010-06-12 08:48 - 01048576 ____A C:\M4A78LT-M-ASUS-CG1330-0402.ROM
2012-09-21 16:21 - 2012-09-21 16:21 - 00000000 ____D C:\Users\Weeny\Documents\NBGI
2012-09-21 16:06 - 2012-09-21 16:06 - 00000000 ____D C:\Program Files (x86)\NAMCO BANDAI Games

==================== 3 Months Modified Files ==================

2012-10-17 14:50 - 2012-10-11 03:51 - 01995411 ____A C:\Windows\WindowsUpdate.log
2012-10-17 03:58 - 2012-10-17 03:58 - 00003205 ____A C:\Users\Weeny\Desktop\Sophos Virus Removal Tool.lnk
2012-10-17 03:52 - 2012-10-17 03:52 - 02213464 ____A (Kaspersky Lab ZAO) C:\Users\Weeny\Desktop\tdsskiller.exe
2012-10-17 03:33 - 2012-10-17 03:33 - 00001812 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-10-17 03:32 - 2009-07-13 20:45 - 00015504 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-17 03:32 - 2009-07-13 20:45 - 00015504 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-17 03:31 - 2009-07-13 21:13 - 00778150 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-17 03:24 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-17 03:01 - 2012-10-17 03:01 - 00298016 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-10-17 03:01 - 2012-10-17 02:57 - 00298016 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-10-17 03:01 - 2012-10-17 02:56 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-10-17 02:59 - 2012-10-17 02:59 - 00763706 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-10-17 02:57 - 2012-10-17 02:57 - 00189248 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-10-17 02:37 - 2012-10-17 02:38 - 02607188 ____A C:\Users\Weeny\Desktop\CBS.log
2012-10-17 00:57 - 2012-10-11 23:05 - 00007600 ____A C:\Users\Weeny\AppData\Local\Resmon.ResmonCfg
2012-10-14 16:19 - 2012-10-14 16:19 - 00001085 ____A C:\Users\Weeny\Desktop\Cheat Engine.lnk
2012-10-12 17:55 - 2012-10-12 17:55 - 00001180 ____A C:\Users\Public\Desktop\Paint.NET.lnk
2012-10-11 21:29 - 2012-10-11 21:30 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-10-11 21:29 - 2012-10-11 21:30 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-10-11 21:29 - 2012-10-11 21:30 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-10-11 21:29 - 2012-10-11 21:29 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-11 21:27 - 2012-10-11 21:27 - 00000979 ____A C:\Users\Public\Desktop\Pidgin.lnk
2012-10-11 16:35 - 2009-07-13 20:45 - 00274320 ____A C:\Windows\System32\FNTCACHE.DAT
2012-10-11 14:35 - 2012-10-11 14:35 - 00001246 ____A C:\Users\Weeny\Desktop\Auslogics Disk Defrag.lnk
2012-10-11 14:25 - 2012-10-11 14:25 - 00000930 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2012-10-11 14:23 - 2012-10-11 14:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-10-11 14:23 - 2012-10-11 14:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-10-11 14:23 - 2012-10-11 14:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-10-11 14:22 - 2012-10-11 14:22 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-10-11 14:22 - 2012-10-11 14:22 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-10-11 14:22 - 2012-10-11 14:22 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-10-11 14:22 - 2012-10-11 14:22 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-10-11 14:22 - 2012-10-11 14:22 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-10-11 14:22 - 2012-10-11 14:22 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-10-11 14:22 - 2012-10-11 14:22 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-10-11 14:22 - 2012-10-11 14:22 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-10-11 14:22 - 2012-10-11 14:22 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-10-11 14:22 - 2012-10-11 14:22 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-10-11 14:22 - 2012-10-11 14:22 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-10-11 14:22 - 2012-10-11 14:22 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-10-11 13:41 - 2012-10-11 13:41 - 00000000 ____A C:\Windows\ativpsrm.bin
2012-10-11 13:17 - 2012-10-11 13:17 - 00001258 ____A C:\Users\Weeny\Desktop\Spybot - Search & Destroy.lnk
2012-10-11 13:16 - 2012-10-11 13:16 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-10-11 13:15 - 2012-10-11 13:15 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-11 13:15 - 2012-10-11 13:15 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-11 13:15 - 2012-10-11 13:15 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-10-11 13:13 - 2012-10-11 13:13 - 00002154 ____A C:\Windows\epplauncher.mif
2012-10-11 13:00 - 2012-10-11 13:00 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-10-11 12:42 - 2009-08-05 10:13 - 00008192 _RASH C:\BOOTSECT.BAK
2012-10-11 12:42 - 2009-07-13 21:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-10-11 12:42 - 2009-07-13 21:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2012-10-11 12:41 - 2012-10-11 12:41 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-10-11 12:38 - 2012-10-11 12:38 - 00001043 ____A C:\Users\Weeny\Desktop\Dropbox.lnk
2012-10-11 12:37 - 2012-10-11 12:37 - 00057560 ____A C:\Users\Weeny\AppData\Local\GDIPFONTCACHEV1.DAT
2012-10-11 12:30 - 2012-10-11 12:21 - 00000921 ____A C:\Users\Public\Desktop\Steam.lnk
2012-10-11 12:01 - 2012-10-11 12:04 - 00274432 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2012-10-11 12:01 - 2012-10-11 12:04 - 00116736 ____A (ATI Technologies, Inc.) C:\Windows\System32\Drivers\AtiHdmi.sys
2012-10-11 12:01 - 2012-10-11 12:04 - 00016440 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\Drivers\AtiPcie.sys
2012-10-11 12:01 - 2012-10-11 12:01 - 00001769 ____A C:\Windows\Language_trs.ini
2012-10-11 12:00 - 2012-10-11 12:04 - 06368256 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\atipmdag.sys
2012-10-11 12:00 - 2012-10-11 12:04 - 00420864 ____A (ATI Technologies, Inc.) C:\Windows\System32\atipdl64.dll
2012-10-11 12:00 - 2012-10-11 12:04 - 00356352 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2012-10-11 12:00 - 2012-10-11 12:04 - 00118784 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
2012-10-11 11:41 - 2012-10-11 11:41 - 00000020 ___SH C:\Users\Weeny\ntuser.ini
2012-10-11 03:50 - 2012-10-11 03:50 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-10-09 21:19 - 2012-10-09 21:19 - 00152384 ____A C:\Users\Weeny\Downloads\nsSGv1.sol
2012-09-27 22:18 - 2012-10-11 15:21 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-09-14 11:23 - 2012-10-11 12:25 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:30 - 2012-10-11 12:25 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-07 15:04 - 2012-10-11 13:16 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-08-31 10:02 - 2012-10-11 13:51 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 20:03 - 2012-08-30 20:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-30 20:03 - 2012-08-30 20:03 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-30 10:11 - 2012-10-11 12:26 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:18 - 2012-10-11 12:26 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:18 - 2012-10-11 12:26 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-24 10:05 - 2012-10-11 12:25 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 09:10 - 2012-10-11 12:25 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-18 07:43 - 2012-10-11 13:52 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-18 07:43 - 2012-10-11 13:52 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-18 07:43 - 2012-10-11 13:52 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-18 07:42 - 2012-10-11 13:52 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-18 07:40 - 2012-10-11 13:52 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-18 07:37 - 2012-10-11 13:52 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-18 07:37 - 2012-10-11 13:52 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-18 07:34 - 2012-10-11 13:52 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-18 07:22 - 2012-10-11 13:52 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 07:22 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-18 03:22 - 2012-10-11 13:52 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-18 03:19 - 2012-10-11 13:52 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-18 03:17 - 2012-10-11 13:52 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-18 03:17 - 2012-10-11 13:52 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-18 03:17 - 2012-10-11 13:52 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 03:09 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-18 01:12 - 2012-10-11 13:52 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-18 01:12 - 2012-10-11 13:52 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-18 01:07 - 2012-10-11 13:52 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 01:07 - 2012-10-11 13:52 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 01:07 - 2012-10-11 13:52 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 01:07 - 2012-10-11 13:52 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-10 16:53 - 2012-10-11 12:27 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:54 - 2012-10-11 12:27 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-02 09:55 - 2012-10-11 13:51 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 09:05 - 2012-10-11 13:51 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-07-27 20:09 - 2012-07-27 20:09 - 05538984 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2012-07-27 20:07 - 2012-07-27 20:07 - 10278912 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-07-27 19:43 - 2012-07-27 19:43 - 00070144 ____A (AMD) C:\Windows\System32\coinst_8.982.dll
2012-07-27 19:19 - 2012-07-27 19:19 - 24935424 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2012-07-27 18:50 - 2012-07-27 18:50 - 20546560 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2012-07-27 18:17 - 2012-07-27 18:17 - 00268728 ____A C:\Windows\SysWOW64\atiapfxx.blb
2012-07-27 18:17 - 2012-07-27 18:17 - 00268728 ____A C:\Windows\System32\atiapfxx.blb
2012-07-27 18:15 - 2012-07-27 18:15 - 00931328 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2012-07-27 18:15 - 2012-07-27 18:15 - 00163840 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2012-07-27 18:13 - 2012-07-27 18:13 - 01100288 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2012-07-27 18:10 - 2012-07-27 18:10 - 00534528 ____A (AMD) C:\Windows\System32\atieclxx.exe
2012-07-27 18:10 - 2012-07-27 18:10 - 00442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2012-07-27 18:09 - 2012-07-27 18:09 - 00239616 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2012-07-27 18:08 - 2012-07-27 18:08 - 00120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2012-07-27 18:08 - 2012-07-27 18:08 - 00021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2012-07-27 18:07 - 2012-07-27 18:07 - 06430208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2012-07-27 18:07 - 2012-07-27 18:07 - 00059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2012-07-27 18:07 - 2012-07-27 18:07 - 00043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2012-07-27 17:51 - 2012-07-27 17:51 - 07052288 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2012-07-27 17:41 - 2012-07-27 17:41 - 04266496 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2012-07-27 17:39 - 2012-07-27 17:39 - 03150560 ____A C:\Windows\System32\atiumd6a.cap
2012-07-27 17:39 - 2012-07-27 17:39 - 00204952 ____A C:\Windows\SysWOW64\ativvsvl.dat
2012-07-27 17:39 - 2012-07-27 17:39 - 00204952 ____A C:\Windows\System32\ativvsvl.dat
2012-07-27 17:39 - 2012-07-27 17:39 - 00157144 ____A C:\Windows\SysWOW64\ativvsva.dat
2012-07-27 17:39 - 2012-07-27 17:39 - 00157144 ____A C:\Windows\System32\ativvsva.dat
2012-07-27 17:35 - 2012-07-27 17:35 - 00051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2012-07-27 17:35 - 2012-07-27 17:35 - 00046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2012-07-27 17:35 - 2012-07-27 17:35 - 00044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2012-07-27 17:35 - 2012-07-27 17:35 - 00044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2012-07-27 17:34 - 2012-07-27 17:34 - 16034304 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2012-07-27 17:32 - 2012-07-27 17:32 - 04751872 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2012-07-27 17:30 - 2012-07-27 17:30 - 13605888 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2012-07-27 17:30 - 2012-07-27 17:30 - 03187136 ____A C:\Windows\SysWOW64\atiumdva.cap
2012-07-27 17:25 - 2012-07-27 17:25 - 06676480 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00540160 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00368640 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00041984 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00017920 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2012-07-27 17:15 - 2012-07-27 17:15 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2012-07-27 17:14 - 2012-07-27 17:14 - 00368640 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2012-07-27 17:14 - 2012-07-27 17:14 - 00033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2012-07-27 17:13 - 2012-07-27 17:13 - 00129536 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2012-07-27 17:13 - 2012-07-27 17:13 - 00109568 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2012-07-27 17:13 - 2012-07-27 17:13 - 00103936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2012-07-27 17:13 - 2012-07-27 17:13 - 00083456 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2012-07-27 17:12 - 2012-07-27 17:12 - 00053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2012-07-27 17:08 - 2012-07-27 17:08 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2012-07-27 17:08 - 2012-07-27 17:08 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2012-07-27 17:08 - 2012-07-27 17:08 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2012-07-27 17:08 - 2012-07-27 17:08 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-16 01:08:14
Restore point made on: 2012-10-17 02:56:33
Restore point made on: 2012-10-17 03:57:52

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 7935.18 MB
Available physical RAM: 7138.2 MB
Total Pagefile: 7933.32 MB
Available Pagefile: 7144.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:608.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: () (Removable) (Total:7.48 GB) (Free:4.39 GB) NTFS
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 7663 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 1024 KB
Partition 2 Primary 917 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : 1B
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C WIN7 NTFS Partition 917 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7655 MB 22 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Removable 7655 MB Healthy

=========================================================

Last Boot: 2012-10-17 07:28

==================== End Of Log =============================

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 17 October 2012 - 07:14 PM

Hi Kairyn,

Figured this was your first name but just wanted to be sure!

I know you ran TDSSKiller before but I would like to run it again as instructed below. In addition, I would like to caution you about a couple of issues.


===================================================


Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and even prevent disinfection of malware by those tools.

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

Please go to Start > Control Panel > Add/Remove Programs (or Programs and Features) and delete the program.

Reboot your computer prior to the next step.


===================================================


P2P Warning

--------------------

Going over your logs I noticed that you have Bit Torrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Bit Torrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.


===================================================


Running TDSSKiller with Changed Parameters

--------------------

Please delete any existing TDSSKiller program

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    Posted Image

  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • Click OK


    Posted Image

  • Click Start Scan and allow the scan process to run


    Posted Image

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    Posted Image

  • Click Reboot computer
  • Please copy and paste the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 17 October 2012 - 10:18 PM

I only use 'trusted' sites that I'm aware of and files uploaded by authors who are well-known when using P2P programs. Additionally I have all advertisements, pop-ups, and most forms of tracking blocked on my browser, (even on YouTube. :3) so that's not much of an issue for me. I started having the issue during a period where my BitTorrent hadn't been run for well-over a week. It is also disabled on startup, has all of it's addons disabled and is only ever 'on' when I am downloading... I'm fairly careful about the risks of P2P and in over 8 years of use I've never had any serious problems because of it before...

It also helps that I'm in Canada and we don't legally 'accept' international copyright claims. Generally speaking, I'm a person who will make a purchase on the software once able to legitimately obtain it. (I'm poor, haha.)
Thanks for the concern though. :)

I uninstalled Spybot S&D (Which is a shame because it was my go-to product for a long time) and I didn't have Tea-Timer installed in the first place so that's of no concern. :)

Here's the TDSS log, which doesn't come up with any infections... It should be of note that I am also experiencing mild file corruption in some applications (Namely a select few games which I legitimately purchased and downloaded from an internationally trusted vendor...) during any 'hangs'. I am also starting to get progressively longer boot times.

21:08:25.0836 1476 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
21:08:26.0242 1476 ============================================================
21:08:26.0242 1476 Current date / time: 2012/10/17 21:08:26.0242
21:08:26.0242 1476 SystemInfo:
21:08:26.0242 1476
21:08:26.0242 1476 OS Version: 6.1.7600 ServicePack: 0.0
21:08:26.0242 1476 Product type: Workstation
21:08:26.0242 1476 ComputerName: WEENY-PC
21:08:26.0242 1476 UserName: Weeny
21:08:26.0242 1476 Windows directory: C:\Windows
21:08:26.0242 1476 System windows directory: C:\Windows
21:08:26.0242 1476 Running under WOW64
21:08:26.0242 1476 Processor architecture: Intel x64
21:08:26.0242 1476 Number of processors: 6
21:08:26.0242 1476 Page size: 0x1000
21:08:26.0242 1476 Boot type: Normal boot
21:08:26.0242 1476 ============================================================
21:08:28.0472 1476 BG loaded
21:08:29.0486 1476 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:08:29.0580 1476 ============================================================
21:08:29.0580 1476 \Device\Harddisk0\DR0:
21:08:29.0580 1476 MBR partitions:
21:08:29.0580 1476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x72AA7800
21:08:29.0580 1476 ============================================================
21:08:29.0596 1476 C: <-> \Device\Harddisk0\DR0\Partition1
21:08:29.0596 1476 ============================================================
21:08:29.0596 1476 Initialize success
21:08:29.0596 1476 ============================================================
21:08:40.0464 4040 ============================================================
21:08:40.0464 4040 Scan started
21:08:40.0464 4040 Mode: Manual; SigCheck; TDLFS;
21:08:40.0464 4040 ============================================================
21:08:42.0134 4040 ================ Scan system memory ========================
21:08:42.0134 4040 System memory - ok
21:08:42.0134 4040 ================ Scan services =============================
21:08:42.0227 4040 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:08:43.0116 4040 !SASCORE - ok
21:08:43.0366 4040 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:08:43.0428 4040 1394ohci - ok
21:08:43.0444 4040 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:08:43.0460 4040 ACPI - ok
21:08:43.0491 4040 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:08:43.0647 4040 AcpiPmi - ok
21:08:43.0850 4040 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:08:43.0881 4040 adp94xx - ok
21:08:43.0959 4040 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:08:44.0021 4040 adpahci - ok
21:08:44.0052 4040 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:08:44.0084 4040 adpu320 - ok
21:08:44.0130 4040 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:08:44.0240 4040 AeLookupSvc - ok
21:08:44.0302 4040 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
21:08:44.0489 4040 AFD - ok
21:08:44.0630 4040 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:08:44.0676 4040 agp440 - ok
21:08:44.0879 4040 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:08:44.0988 4040 ALG - ok
21:08:45.0020 4040 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:08:45.0051 4040 aliide - ok
21:08:45.0098 4040 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:08:45.0363 4040 AMD External Events Utility - ok
21:08:45.0441 4040 AMD FUEL Service - ok
21:08:45.0456 4040 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:08:45.0488 4040 amdide - ok
21:08:45.0503 4040 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
21:08:45.0566 4040 amdiox64 - ok
21:08:46.0385 4040 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:08:46.0541 4040 AmdK8 - ok
21:08:48.0928 4040 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:08:49.0162 4040 amdkmdag - ok
21:08:49.0318 4040 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:08:49.0380 4040 amdkmdap - ok
21:08:49.0505 4040 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:08:49.0661 4040 AmdPPM - ok
21:08:49.0801 4040 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
21:08:49.0833 4040 amdsata - ok
21:08:49.0911 4040 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:08:49.0973 4040 amdsbs - ok
21:08:49.0989 4040 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
21:08:50.0004 4040 amdxata - ok
21:08:50.0051 4040 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:08:50.0082 4040 AODDriver4.1 - ok
21:08:50.0129 4040 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
21:08:50.0379 4040 AppID - ok
21:08:50.0410 4040 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:08:50.0503 4040 AppIDSvc - ok
21:08:50.0628 4040 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
21:08:50.0737 4040 Appinfo - ok
21:08:51.0112 4040 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:08:51.0174 4040 arc - ok
21:08:51.0221 4040 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:08:51.0252 4040 arcsas - ok
21:08:51.0580 4040 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:08:51.0658 4040 aspnet_state - ok
21:08:51.0751 4040 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:08:51.0892 4040 AsyncMac - ok
21:08:51.0939 4040 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:08:51.0970 4040 atapi - ok
21:08:52.0157 4040 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:08:52.0173 4040 AtiHDAudioService - ok
21:08:52.0251 4040 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:08:52.0469 4040 AtiHdmiService - ok
21:08:54.0903 4040 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:08:54.0981 4040 atikmdag - ok
21:08:55.0043 4040 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
21:08:55.0121 4040 AtiPcie - ok
21:08:55.0371 4040 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:08:55.0480 4040 AudioEndpointBuilder - ok
21:08:55.0558 4040 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:08:55.0620 4040 AudioSrv - ok
21:08:55.0698 4040 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:08:56.0135 4040 AxInstSV - ok
21:08:56.0244 4040 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:08:56.0400 4040 b06bdrv - ok
21:08:56.0509 4040 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:08:56.0556 4040 b57nd60a - ok
21:08:56.0821 4040 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:08:56.0884 4040 BCM43XX - ok
21:08:56.0993 4040 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:08:57.0087 4040 BDESVC - ok
21:08:57.0258 4040 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:08:57.0367 4040 Beep - ok
21:08:57.0679 4040 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
21:08:57.0835 4040 BFE - ok
21:08:58.0132 4040 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
21:08:58.0553 4040 BITS - ok
21:08:58.0740 4040 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:08:58.0803 4040 blbdrive - ok
21:08:58.0959 4040 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:08:59.0099 4040 bowser - ok
21:08:59.0161 4040 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:08:59.0255 4040 BrFiltLo - ok
21:08:59.0286 4040 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:08:59.0317 4040 BrFiltUp - ok
21:08:59.0458 4040 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
21:08:59.0598 4040 Browser - ok
21:09:00.0082 4040 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:09:00.0846 4040 Brserid - ok
21:09:00.0893 4040 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:09:00.0987 4040 BrSerWdm - ok
21:09:01.0096 4040 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:09:01.0127 4040 BrUsbMdm - ok
21:09:01.0143 4040 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:09:02.0032 4040 BrUsbSer - ok
21:09:02.0079 4040 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:09:02.0110 4040 BTHMODEM - ok
21:09:02.0172 4040 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:09:02.0313 4040 bthserv - ok
21:09:02.0375 4040 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:09:02.0531 4040 cdfs - ok
21:09:02.0609 4040 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:09:02.0687 4040 cdrom - ok
21:09:02.0796 4040 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
21:09:02.0890 4040 CertPropSvc - ok
21:09:02.0937 4040 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:09:02.0968 4040 circlass - ok
21:09:03.0015 4040 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:09:03.0030 4040 CLFS - ok
21:09:03.0124 4040 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:09:03.0139 4040 clr_optimization_v2.0.50727_32 - ok
21:09:03.0217 4040 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:09:03.0233 4040 clr_optimization_v2.0.50727_64 - ok
21:09:03.0295 4040 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:09:03.0358 4040 clr_optimization_v4.0.30319_32 - ok
21:09:03.0373 4040 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:09:03.0389 4040 clr_optimization_v4.0.30319_64 - ok
21:09:03.0420 4040 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:09:03.0436 4040 CmBatt - ok
21:09:03.0451 4040 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:09:03.0467 4040 cmdide - ok
21:09:03.0483 4040 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
21:09:03.0514 4040 CNG - ok
21:09:03.0529 4040 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:09:03.0561 4040 Compbatt - ok
21:09:03.0607 4040 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:09:03.0685 4040 CompositeBus - ok
21:09:03.0732 4040 COMSysApp - ok
21:09:03.0810 4040 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:09:03.0841 4040 crcdisk - ok
21:09:03.0904 4040 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:09:03.0997 4040 CryptSvc - ok
21:09:04.0107 4040 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:09:04.0169 4040 DcomLaunch - ok
21:09:04.0200 4040 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:09:04.0263 4040 defragsvc - ok
21:09:04.0294 4040 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:09:04.0356 4040 DfsC - ok
21:09:04.0387 4040 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:09:04.0497 4040 Dhcp - ok
21:09:04.0543 4040 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:09:04.0590 4040 discache - ok
21:09:04.0606 4040 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:09:04.0621 4040 Disk - ok
21:09:04.0637 4040 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:09:04.0684 4040 Dnscache - ok
21:09:04.0699 4040 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
21:09:04.0777 4040 dot3svc - ok
21:09:04.0793 4040 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
21:09:04.0871 4040 DPS - ok
21:09:04.0918 4040 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:09:04.0933 4040 drmkaud - ok
21:09:04.0980 4040 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:09:04.0996 4040 DXGKrnl - ok
21:09:05.0043 4040 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:09:05.0167 4040 EapHost - ok
21:09:05.0729 4040 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:09:05.0916 4040 ebdrv - ok
21:09:06.0041 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
21:09:06.0150 4040 EFS - ok
21:09:06.0525 4040 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:09:06.0805 4040 ehRecvr - ok
21:09:06.0883 4040 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:09:06.0961 4040 ehSched - ok
21:09:07.0024 4040 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:09:07.0086 4040 elxstor - ok
21:09:07.0117 4040 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:09:07.0242 4040 ErrDev - ok
21:09:07.0320 4040 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:09:07.0398 4040 EventSystem - ok
21:09:07.0414 4040 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:09:07.0445 4040 exfat - ok
21:09:07.0554 4040 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:09:07.0648 4040 fastfat - ok
21:09:07.0835 4040 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
21:09:07.0913 4040 Fax - ok
21:09:07.0929 4040 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:09:07.0975 4040 fdc - ok
21:09:08.0053 4040 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:09:08.0100 4040 fdPHost - ok
21:09:08.0116 4040 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:09:08.0163 4040 FDResPub - ok
21:09:08.0209 4040 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:09:08.0225 4040 FileInfo - ok
21:09:08.0287 4040 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:09:08.0334 4040 Filetrace - ok
21:09:08.0350 4040 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:09:08.0381 4040 flpydisk - ok
21:09:08.0490 4040 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:09:08.0521 4040 FltMgr - ok
21:09:08.0662 4040 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
21:09:08.0771 4040 FontCache - ok
21:09:08.0896 4040 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:09:08.0927 4040 FontCache3.0.0.0 - ok
21:09:08.0989 4040 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:09:09.0036 4040 FsDepends - ok
21:09:09.0099 4040 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:09:09.0130 4040 Fs_Rec - ok
21:09:09.0192 4040 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:09:09.0208 4040 fvevol - ok
21:09:09.0317 4040 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:09:09.0317 4040 gagp30kx - ok
21:09:09.0395 4040 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
21:09:09.0473 4040 gpsvc - ok
21:09:09.0567 4040 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:09:09.0567 4040 hamachi - ok
21:09:10.0159 4040 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:09:10.0191 4040 Hamachi2Svc - ok
21:09:10.0362 4040 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:09:11.0002 4040 hcw85cir - ok
21:09:11.0173 4040 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:09:11.0439 4040 HdAudAddService - ok
21:09:11.0532 4040 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:09:11.0579 4040 HDAudBus - ok
21:09:11.0641 4040 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:09:11.0673 4040 HidBatt - ok
21:09:11.0719 4040 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:09:11.0782 4040 HidBth - ok
21:09:11.0829 4040 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:09:11.0922 4040 HidIr - ok
21:09:11.0969 4040 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:09:12.0031 4040 hidserv - ok
21:09:12.0265 4040 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:09:12.0343 4040 HidUsb - ok
21:09:12.0499 4040 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:09:12.0655 4040 hkmsvc - ok
21:09:12.0780 4040 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:09:12.0952 4040 HomeGroupListener - ok
21:09:13.0014 4040 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:09:13.0061 4040 HomeGroupProvider - ok
21:09:13.0092 4040 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:09:13.0326 4040 HpSAMD - ok
21:09:13.0451 4040 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:09:13.0498 4040 HTTP - ok
21:09:13.0529 4040 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:09:13.0576 4040 hwpolicy - ok
21:09:13.0654 4040 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:09:13.0716 4040 i8042prt - ok
21:09:13.0841 4040 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
21:09:13.0888 4040 iaStorV - ok
21:09:14.0153 4040 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:09:14.0340 4040 idsvc - ok
21:09:14.0387 4040 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:09:14.0434 4040 iirsp - ok
21:09:14.0668 4040 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
21:09:15.0042 4040 IKEEXT - ok
21:09:15.0073 4040 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:09:15.0089 4040 intelide - ok
21:09:15.0167 4040 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:09:15.0229 4040 intelppm - ok
21:09:15.0307 4040 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:09:15.0432 4040 IPBusEnum - ok
21:09:15.0448 4040 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:09:15.0557 4040 IpFilterDriver - ok
21:09:15.0635 4040 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:09:15.0682 4040 iphlpsvc - ok
21:09:15.0713 4040 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:09:15.0838 4040 IPMIDRV - ok
21:09:15.0900 4040 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:09:16.0009 4040 IPNAT - ok
21:09:16.0134 4040 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:09:16.0259 4040 IRENUM - ok
21:09:16.0306 4040 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:09:16.0337 4040 isapnp - ok
21:09:16.0415 4040 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:09:16.0446 4040 iScsiPrt - ok
21:09:16.0524 4040 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:09:16.0524 4040 kbdclass - ok
21:09:16.0711 4040 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:09:16.0867 4040 kbdhid - ok
21:09:16.0883 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
21:09:16.0899 4040 KeyIso - ok
21:09:16.0945 4040 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:09:16.0992 4040 KSecDD - ok
21:09:17.0023 4040 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:09:17.0039 4040 KSecPkg - ok
21:09:17.0117 4040 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:09:17.0164 4040 ksthunk - ok
21:09:17.0242 4040 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:09:17.0320 4040 KtmRm - ok
21:09:17.0367 4040 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:09:17.0445 4040 LanmanServer - ok
21:09:17.0491 4040 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:09:17.0554 4040 LanmanWorkstation - ok
21:09:17.0647 4040 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:09:17.0710 4040 lltdio - ok
21:09:17.0772 4040 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:09:17.0803 4040 lltdsvc - ok
21:09:17.0835 4040 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:09:17.0866 4040 lmhosts - ok
21:09:17.0944 4040 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:09:17.0959 4040 LSI_FC - ok
21:09:17.0975 4040 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:09:17.0991 4040 LSI_SAS - ok
21:09:18.0037 4040 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:09:18.0053 4040 LSI_SAS2 - ok
21:09:18.0084 4040 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:09:18.0100 4040 LSI_SCSI - ok
21:09:18.0147 4040 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:09:18.0209 4040 luafv - ok
21:09:18.0256 4040 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:09:18.0271 4040 MBAMProtector - ok
21:09:18.0365 4040 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:09:18.0381 4040 MBAMScheduler - ok
21:09:18.0459 4040 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:09:18.0474 4040 MBAMService - ok
21:09:18.0505 4040 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:09:18.0599 4040 Mcx2Svc - ok
21:09:18.0615 4040 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:09:18.0615 4040 megasas - ok
21:09:18.0677 4040 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:09:18.0693 4040 MegaSR - ok
21:09:18.0724 4040 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:09:18.0755 4040 MMCSS - ok
21:09:18.0786 4040 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:09:18.0833 4040 Modem - ok
21:09:18.0880 4040 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:09:18.0911 4040 monitor - ok
21:09:18.0942 4040 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:09:18.0958 4040 mouclass - ok
21:09:19.0067 4040 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:09:19.0114 4040 mouhid - ok
21:09:19.0161 4040 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:09:19.0176 4040 mountmgr - ok
21:09:19.0254 4040 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:09:19.0254 4040 MpFilter - ok
21:09:19.0317 4040 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:09:19.0348 4040 mpio - ok
21:09:19.0395 4040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:09:19.0426 4040 mpsdrv - ok
21:09:19.0597 4040 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:09:19.0675 4040 MpsSvc - ok
21:09:19.0722 4040 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:09:19.0816 4040 MRxDAV - ok
21:09:19.0847 4040 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:09:19.0863 4040 mrxsmb - ok
21:09:19.0878 4040 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:09:19.0909 4040 mrxsmb10 - ok
21:09:19.0972 4040 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:09:20.0003 4040 mrxsmb20 - ok
21:09:20.0019 4040 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:09:20.0034 4040 msahci - ok
21:09:20.0065 4040 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:09:20.0097 4040 msdsm - ok
21:09:20.0143 4040 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:09:20.0175 4040 MSDTC - ok
21:09:20.0237 4040 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:09:20.0268 4040 Msfs - ok
21:09:20.0299 4040 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:09:20.0362 4040 mshidkmdf - ok
21:09:20.0377 4040 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:09:20.0393 4040 msisadrv - ok
21:09:20.0471 4040 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:09:20.0549 4040 MSiSCSI - ok
21:09:20.0565 4040 msiserver - ok
21:09:20.0580 4040 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:09:20.0674 4040 MSKSSRV - ok
21:09:20.0721 4040 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:09:20.0721 4040 MsMpSvc - ok
21:09:20.0799 4040 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:09:20.0908 4040 MSPCLOCK - ok
21:09:20.0939 4040 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:09:21.0048 4040 MSPQM - ok
21:09:21.0157 4040 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:09:21.0189 4040 MsRPC - ok
21:09:21.0251 4040 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:09:21.0282 4040 mssmbios - ok
21:09:21.0345 4040 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:09:21.0391 4040 MSTEE - ok
21:09:21.0423 4040 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:09:21.0469 4040 MTConfig - ok
21:09:21.0579 4040 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
21:09:21.0610 4040 MTsensor - ok
21:09:21.0750 4040 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:09:21.0781 4040 Mup - ok
21:09:21.0891 4040 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
21:09:21.0984 4040 napagent - ok
21:09:22.0140 4040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:09:22.0203 4040 NativeWifiP - ok
21:09:22.0343 4040 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:09:22.0374 4040 NDIS - ok
21:09:22.0421 4040 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:09:22.0515 4040 NdisCap - ok
21:09:22.0577 4040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:09:22.0671 4040 NdisTapi - ok
21:09:22.0702 4040 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:09:22.0733 4040 Ndisuio - ok
21:09:22.0764 4040 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:09:22.0795 4040 NdisWan - ok
21:09:22.0811 4040 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:09:22.0873 4040 NDProxy - ok
21:09:22.0936 4040 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:09:23.0029 4040 NetBIOS - ok
21:09:23.0061 4040 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:09:23.0107 4040 NetBT - ok
21:09:23.0139 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
21:09:23.0154 4040 Netlogon - ok
21:09:23.0248 4040 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:09:23.0310 4040 Netman - ok
21:09:23.0357 4040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:09:23.0435 4040 NetMsmqActivator - ok
21:09:23.0451 4040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:09:23.0466 4040 NetPipeActivator - ok
21:09:23.0497 4040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:09:23.0544 4040 netprofm - ok
21:09:23.0560 4040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:09:23.0560 4040 NetTcpActivator - ok
21:09:23.0591 4040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:09:23.0591 4040 NetTcpPortSharing - ok
21:09:23.0669 4040 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:09:23.0700 4040 nfrd960 - ok
21:09:23.0778 4040 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:09:23.0809 4040 NisDrv - ok
21:09:23.0872 4040 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:09:23.0903 4040 NisSrv - ok
21:09:23.0997 4040 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:09:24.0075 4040 NlaSvc - ok
21:09:24.0121 4040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:09:24.0215 4040 Npfs - ok
21:09:24.0262 4040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:09:24.0340 4040 nsi - ok
21:09:24.0355 4040 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:09:24.0371 4040 nsiproxy - ok
21:09:24.0527 4040 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:09:24.0574 4040 Ntfs - ok
21:09:24.0636 4040 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:09:24.0714 4040 Null - ok
21:09:24.0792 4040 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
21:09:24.0839 4040 nvraid - ok
21:09:24.0886 4040 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
21:09:24.0917 4040 nvstor - ok
21:09:24.0948 4040 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:09:24.0964 4040 nv_agp - ok
21:09:24.0995 4040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:09:25.0073 4040 ohci1394 - ok
21:09:25.0260 4040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:09:25.0338 4040 p2pimsvc - ok
21:09:25.0494 4040 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:09:25.0510 4040 p2psvc - ok
21:09:25.0572 4040 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:09:25.0635 4040 Parport - ok
21:09:25.0713 4040 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:09:25.0791 4040 partmgr - ok
21:09:25.0915 4040 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:09:26.0009 4040 PcaSvc - ok
21:09:26.0040 4040 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:09:26.0165 4040 pci - ok
21:09:26.0212 4040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:09:26.0259 4040 pciide - ok
21:09:26.0352 4040 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:09:26.0415 4040 pcmcia - ok
21:09:26.0430 4040 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:09:26.0461 4040 pcw - ok
21:09:26.0508 4040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:09:26.0571 4040 PEAUTH - ok
21:09:29.0940 4040 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:09:29.0987 4040 PerfHost - ok
21:09:30.0393 4040 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:09:30.0658 4040 pla - ok
21:09:30.0783 4040 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:09:30.0970 4040 PlugPlay - ok
21:09:30.0985 4040 PnkBstrA - ok
21:09:31.0032 4040 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:09:31.0079 4040 PNRPAutoReg - ok
21:09:31.0141 4040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:09:31.0173 4040 PNRPsvc - ok
21:09:31.0219 4040 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:09:31.0282 4040 PolicyAgent - ok
21:09:31.0313 4040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:09:31.0344 4040 Power - ok
21:09:31.0438 4040 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:09:31.0500 4040 PptpMiniport - ok
21:09:31.0531 4040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:09:31.0609 4040 Processor - ok
21:09:31.0656 4040 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
21:09:31.0734 4040 ProfSvc - ok
21:09:31.0765 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:09:31.0765 4040 ProtectedStorage - ok
21:09:31.0875 4040 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:09:31.0937 4040 Psched - ok
21:09:32.0218 4040 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:09:32.0311 4040 ql2300 - ok
21:09:32.0327 4040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:09:32.0343 4040 ql40xx - ok
21:09:32.0389 4040 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:09:32.0405 4040 QWAVE - ok
21:09:32.0421 4040 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:09:32.0499 4040 QWAVEdrv - ok
21:09:32.0545 4040 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:09:32.0592 4040 RasAcd - ok
21:09:32.0655 4040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:09:32.0717 4040 RasAgileVpn - ok
21:09:32.0764 4040 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:09:32.0842 4040 RasAuto - ok
21:09:32.0889 4040 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:09:32.0998 4040 Rasl2tp - ok
21:09:33.0076 4040 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:09:33.0216 4040 RasMan - ok
21:09:33.0294 4040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:09:33.0388 4040 RasPppoe - ok
21:09:33.0403 4040 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:09:33.0481 4040 RasSstp - ok
21:09:33.0591 4040 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:09:33.0700 4040 rdbss - ok
21:09:33.0747 4040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:09:33.0793 4040 rdpbus - ok
21:09:33.0825 4040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:09:33.0871 4040 RDPCDD - ok
21:09:33.0934 4040 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:09:33.0981 4040 RDPENCDD - ok
21:09:34.0012 4040 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:09:34.0090 4040 RDPREFMP - ok
21:09:34.0121 4040 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:09:34.0199 4040 RDPWD - ok
21:09:34.0246 4040 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:09:34.0246 4040 rdyboost - ok
21:09:34.0293 4040 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:09:34.0371 4040 RemoteAccess - ok
21:09:34.0433 4040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:09:34.0511 4040 RemoteRegistry - ok
21:09:34.0527 4040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:09:34.0573 4040 RpcEptMapper - ok
21:09:34.0620 4040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:09:34.0963 4040 RpcLocator - ok
21:09:35.0182 4040 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:09:35.0213 4040 RpcSs - ok
21:09:35.0275 4040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:09:35.0307 4040 rspndr - ok
21:09:35.0353 4040 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:09:35.0369 4040 RTL8167 - ok
21:09:35.0385 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
21:09:35.0385 4040 SamSs - ok
21:09:35.0463 4040 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:09:35.0525 4040 SASDIFSV - ok
21:09:35.0603 4040 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:09:35.0619 4040 SASKUTIL - ok
21:09:35.0681 4040 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:09:35.0728 4040 sbp2port - ok
21:09:35.0775 4040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:09:35.0853 4040 SCardSvr - ok
21:09:35.0868 4040 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:09:35.0931 4040 scfilter - ok
21:09:36.0040 4040 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
21:09:36.0149 4040 Schedule - ok
21:09:36.0211 4040 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:09:36.0258 4040 SCPolicySvc - ok
21:09:36.0274 4040 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:09:36.0336 4040 SDRSVC - ok
21:09:36.0399 4040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:09:36.0461 4040 secdrv - ok
21:09:36.0508 4040 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:09:36.0601 4040 seclogon - ok
21:09:36.0648 4040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:09:36.0711 4040 SENS - ok
21:09:36.0742 4040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:09:36.0789 4040 SensrSvc - ok
21:09:36.0789 4040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:09:36.0820 4040 Serenum - ok
21:09:36.0835 4040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:09:36.0851 4040 Serial - ok
21:09:36.0867 4040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:09:36.0882 4040 sermouse - ok
21:09:36.0913 4040 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:09:36.0976 4040 SessionEnv - ok
21:09:36.0991 4040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:09:37.0054 4040 sffdisk - ok
21:09:37.0054 4040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:09:37.0101 4040 sffp_mmc - ok
21:09:37.0101 4040 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:09:37.0116 4040 sffp_sd - ok
21:09:37.0147 4040 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:09:37.0163 4040 sfloppy - ok
21:09:37.0210 4040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:09:37.0288 4040 SharedAccess - ok
21:09:37.0319 4040 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:09:37.0381 4040 ShellHWDetection - ok
21:09:37.0397 4040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:09:37.0397 4040 SiSRaid2 - ok
21:09:37.0444 4040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:09:37.0475 4040 SiSRaid4 - ok
21:09:37.0584 4040 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:09:37.0600 4040 SkypeUpdate - ok
21:09:37.0647 4040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:09:37.0756 4040 Smb - ok
21:09:37.0896 4040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:09:37.0959 4040 SNMPTRAP - ok
21:09:38.0005 4040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:09:38.0037 4040 spldr - ok
21:09:38.0083 4040 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
21:09:38.0179 4040 Spooler - ok
21:09:38.0549 4040 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:09:38.0779 4040 sppsvc - ok
21:09:38.0829 4040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:09:38.0909 4040 sppuinotify - ok
21:09:38.0929 4040 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:09:38.0960 4040 srv - ok
21:09:38.0991 4040 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:09:39.0007 4040 srv2 - ok
21:09:39.0054 4040 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:09:39.0085 4040 srvnet - ok
21:09:39.0116 4040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:09:39.0163 4040 SSDPSRV - ok
21:09:39.0210 4040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:09:39.0272 4040 SstpSvc - ok
21:09:39.0335 4040 Steam Client Service - ok
21:09:39.0381 4040 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:09:39.0413 4040 stexstor - ok
21:09:39.0475 4040 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
21:09:39.0537 4040 stisvc - ok
21:09:39.0553 4040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:09:39.0569 4040 swenum - ok
21:09:39.0600 4040 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:09:39.0631 4040 swprv - ok
21:09:39.0678 4040 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
21:09:39.0740 4040 SysMain - ok
21:09:39.0756 4040 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:09:39.0803 4040 TabletInputService - ok
21:09:39.0818 4040 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:09:39.0881 4040 TapiSrv - ok
21:09:39.0912 4040 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:09:39.0943 4040 TBS - ok
21:09:40.0005 4040 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:09:40.0037 4040 Tcpip - ok
21:09:40.0068 4040 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:09:40.0115 4040 TCPIP6 - ok
21:09:40.0130 4040 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:09:40.0161 4040 tcpipreg - ok
21:09:40.0224 4040 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:09:40.0286 4040 TDPIPE - ok
21:09:40.0302 4040 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:09:40.0317 4040 TDTCP - ok
21:09:40.0333 4040 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:09:40.0380 4040 tdx - ok
21:09:40.0411 4040 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:09:40.0411 4040 TermDD - ok
21:09:40.0458 4040 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
21:09:40.0505 4040 TermService - ok
21:09:40.0551 4040 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:09:40.0583 4040 Themes - ok
21:09:40.0614 4040 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:09:40.0645 4040 THREADORDER - ok
21:09:40.0661 4040 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:09:40.0707 4040 TrkWks - ok
21:09:40.0770 4040 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:09:40.0801 4040 TrustedInstaller - ok
21:09:40.0832 4040 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:09:40.0926 4040 tssecsrv - ok
21:09:40.0957 4040 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:09:41.0004 4040 tunnel - ok
21:09:41.0051 4040 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:09:41.0066 4040 uagp35 - ok
21:09:41.0082 4040 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:09:41.0113 4040 udfs - ok
21:09:41.0175 4040 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:09:41.0175 4040 UI0Detect - ok
21:09:41.0207 4040 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
21:09:41.0207 4040 uliagpkx - ok
21:09:41.0238 4040 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:09:41.0269 4040 umbus - ok
21:09:41.0316 4040 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:09:41.0347 4040 UmPass - ok
21:09:41.0394 4040 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:09:41.0441 4040 upnphost - ok
21:09:41.0456 4040 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:09:41.0503 4040 usbaudio - ok
21:09:41.0581 4040 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:09:41.0643 4040 usbccgp - ok
21:09:41.0675 4040 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
21:09:41.0706 4040 usbcir - ok
21:09:41.0737 4040 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:09:41.0753 4040 usbehci - ok
21:09:41.0784 4040 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:09:41.0799 4040 usbhub - ok
21:09:41.0815 4040 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:09:41.0831 4040 usbohci - ok
21:09:41.0862 4040 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:09:41.0862 4040 usbprint - ok
21:09:41.0877 4040 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:09:41.0924 4040 USBSTOR - ok
21:09:41.0940 4040 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:09:41.0955 4040 usbuhci - ok
21:09:41.0987 4040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:09:42.0096 4040 UxSms - ok
21:09:42.0111 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
21:09:42.0127 4040 VaultSvc - ok
21:09:42.0221 4040 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
21:09:42.0283 4040 vdrvroot - ok
21:09:42.0408 4040 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
21:09:42.0517 4040 vds - ok
21:09:42.0564 4040 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:09:42.0595 4040 vga - ok
21:09:42.0611 4040 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:09:42.0657 4040 VgaSave - ok
21:09:42.0751 4040 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
21:09:42.0767 4040 vhdmp - ok
21:09:42.0813 4040 [ 8F69C38A8BA725F891F26AAC8888696E ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
21:09:42.0829 4040 VIAHdAudAddService - ok
21:09:42.0876 4040 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
21:09:42.0891 4040 viaide - ok
21:09:42.0923 4040 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
21:09:42.0969 4040 volmgr - ok
21:09:43.0110 4040 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:09:43.0125 4040 volmgrx - ok
21:09:43.0188 4040 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
21:09:43.0203 4040 volsnap - ok
21:09:43.0281 4040 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:09:43.0328 4040 vsmraid - ok
21:09:43.0500 4040 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
21:09:43.0609 4040 VSS - ok
21:09:43.0625 4040 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:09:43.0656 4040 vwifibus - ok
21:09:43.0703 4040 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:09:43.0703 4040 vwififlt - ok
21:09:43.0749 4040 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:09:43.0796 4040 W32Time - ok
21:09:43.0812 4040 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:09:43.0859 4040 WacomPen - ok
21:09:43.0890 4040 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:09:43.0952 4040 WANARP - ok
21:09:43.0968 4040 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:09:43.0999 4040 Wanarpv6 - ok
21:09:44.0061 4040 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:09:44.0077 4040 WatAdminSvc - ok
21:09:44.0467 4040 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
21:09:44.0841 4040 wbengine - ok
21:09:44.0966 4040 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:09:45.0013 4040 WbioSrvc - ok
21:09:45.0185 4040 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:09:45.0497 4040 wcncsvc - ok
21:09:45.0637 4040 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:09:45.0824 4040 WcsPlugInService - ok
21:09:45.0902 4040 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:09:45.0980 4040 Wd - ok
21:09:46.0105 4040 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:09:46.0136 4040 Wdf01000 - ok
21:09:46.0183 4040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:09:46.0214 4040 WdiServiceHost - ok
21:09:46.0230 4040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:09:46.0245 4040 WdiSystemHost - ok
21:09:46.0339 4040 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
21:09:46.0511 4040 WebClient - ok
21:09:46.0604 4040 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:09:46.0682 4040 Wecsvc - ok
21:09:46.0713 4040 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:09:46.0807 4040 wercplsupport - ok
21:09:46.0885 4040 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:09:46.0901 4040 WerSvc - ok
21:09:47.0072 4040 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:09:47.0135 4040 WfpLwf - ok
21:09:47.0166 4040 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:09:47.0181 4040 WIMMount - ok
21:09:47.0181 4040 WinDefend - ok
21:09:47.0228 4040 WinHttpAutoProxySvc - ok
21:09:47.0447 4040 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:09:47.0556 4040 Winmgmt - ok
21:09:47.0915 4040 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
21:09:48.0086 4040 WinRM - ok
21:09:48.0289 4040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:09:48.0383 4040 Wlansvc - ok
21:09:48.0461 4040 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:09:48.0476 4040 WmiAcpi - ok
21:09:48.0570 4040 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:09:48.0648 4040 wmiApSrv - ok
21:09:48.0757 4040 WMPNetworkSvc - ok
21:09:48.0835 4040 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:09:48.0882 4040 WPCSvc - ok
21:09:48.0929 4040 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:09:49.0007 4040 WPDBusEnum - ok
21:09:49.0069 4040 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:09:49.0116 4040 ws2ifsl - ok
21:09:49.0163 4040 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
21:09:49.0209 4040 wscsvc - ok
21:09:49.0209 4040 WSearch - ok
21:09:49.0381 4040 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:09:49.0443 4040 wuauserv - ok
21:09:49.0537 4040 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:09:49.0646 4040 WudfPf - ok
21:09:49.0724 4040 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:09:49.0740 4040 WUDFRd - ok
21:09:49.0787 4040 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:09:49.0849 4040 wudfsvc - ok
21:09:49.0880 4040 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:09:49.0989 4040 WwanSvc - ok
21:09:50.0052 4040 ================ Scan global ===============================
21:09:50.0099 4040 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:09:50.0192 4040 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
21:09:50.0301 4040 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
21:09:50.0348 4040 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:09:50.0379 4040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:09:50.0379 4040 [Global] - ok
21:09:50.0379 4040 ================ Scan MBR ==================================
21:09:50.0395 4040 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:09:51.0518 4040 \Device\Harddisk0\DR0 - ok
21:09:51.0534 4040 ================ Scan VBR ==================================
21:09:51.0565 4040 [ 8840650E29DFC5ABD293E39CADFCDA37 ] \Device\Harddisk0\DR0\Partition1
21:09:51.0596 4040 \Device\Harddisk0\DR0\Partition1 - ok
21:09:51.0596 4040 ================ Scan active images ========================
21:09:51.0596 4040 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
21:09:51.0596 4040 C:\Windows\System32\drivers\atapi.sys - ok
21:09:51.0596 4040 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
21:09:51.0596 4040 C:\Windows\System32\drivers\crashdmp.sys - ok
21:09:51.0596 4040 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
21:09:51.0596 4040 C:\Windows\System32\drivers\Dumpata.sys - ok
21:09:51.0612 4040 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
21:09:51.0612 4040 C:\Windows\System32\drivers\dumpfve.sys - ok
21:09:51.0612 4040 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
21:09:51.0612 4040 C:\Windows\System32\drivers\beep.sys - ok
21:09:51.0612 4040 [ 83D2D75E1EFB81B3450C18131443F7DB ] C:\Windows\System32\drivers\cdrom.sys
21:09:51.0612 4040 C:\Windows\System32\drivers\cdrom.sys - ok
21:09:51.0612 4040 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
21:09:51.0612 4040 C:\Windows\System32\drivers\null.sys - ok
21:09:51.0627 4040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
21:09:51.0627 4040 C:\Windows\System32\drivers\RDPCDD.sys - ok
21:09:51.0627 4040 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
21:09:51.0627 4040 C:\Windows\System32\drivers\vga.sys - ok
21:09:51.0627 4040 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
21:09:51.0627 4040 C:\Windows\System32\drivers\videoprt.sys - ok
21:09:51.0643 4040 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
21:09:51.0643 4040 C:\Windows\System32\drivers\watchdog.sys - ok
21:09:51.0643 4040 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
21:09:51.0643 4040 C:\Windows\System32\drivers\RDPENCDD.sys - ok
21:09:51.0643 4040 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
21:09:51.0643 4040 C:\Windows\System32\drivers\RDPREFMP.sys - ok
21:09:51.0643 4040 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
21:09:51.0643 4040 C:\Windows\System32\drivers\msfs.sys - ok
21:09:51.0659 4040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
21:09:51.0659 4040 C:\Windows\System32\drivers\npfs.sys - ok
21:09:51.0659 4040 [ 0CA6FE26ACC7FFEE1BD0463F40835F32 ] C:\Windows\System32\drivers\tdi.sys
21:09:51.0659 4040 C:\Windows\System32\drivers\tdi.sys - ok
21:09:51.0659 4040 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] C:\Windows\System32\drivers\tdx.sys
21:09:51.0659 4040 C:\Windows\System32\drivers\tdx.sys - ok
21:09:51.0659 4040 [ DB9D6C6B2CD95A9CA414D045B627422E ] C:\Windows\System32\drivers\afd.sys
21:09:51.0659 4040 C:\Windows\System32\drivers\afd.sys - ok
21:09:51.0674 4040 [ 9162B273A44AB9DCE5B44362731D062A ] C:\Windows\System32\drivers\netbt.sys
21:09:51.0674 4040 C:\Windows\System32\drivers\netbt.sys - ok
21:09:51.0674 4040 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
21:09:51.0674 4040 C:\Windows\System32\drivers\netbios.sys - ok
21:09:51.0674 4040 [ EE992183BD8EAEFD9973F352E587A299 ] C:\Windows\System32\drivers\pacer.sys
21:09:51.0674 4040 C:\Windows\System32\drivers\pacer.sys - ok
21:09:51.0690 4040 [ C448651339196C0E869A355171875522 ] C:\Windows\System32\drivers\termdd.sys
21:09:51.0690 4040 C:\Windows\System32\drivers\termdd.sys - ok
21:09:51.0690 4040 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
21:09:51.0690 4040 C:\Windows\System32\drivers\vwififlt.sys - ok
21:09:51.0690 4040 [ 47CA49400643EFFD3F1C9A27E1D69324 ] C:\Windows\System32\drivers\wanarp.sys
21:09:51.0690 4040 C:\Windows\System32\drivers\wanarp.sys - ok
21:09:51.0690 4040 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
21:09:51.0690 4040 C:\Windows\System32\drivers\wfplwf.sys - ok
21:09:51.0705 4040 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
21:09:51.0705 4040 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
21:09:51.0705 4040 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
21:09:51.0705 4040 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
21:09:51.0705 4040 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
21:09:51.0705 4040 C:\Windows\System32\drivers\mssmbios.sys - ok
21:09:51.0705 4040 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
21:09:51.0705 4040 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:09:51.0721 4040 [ 3BAC8142102C15D59A87757C1D41DCE5 ] C:\Windows\System32\drivers\rdbss.sys
21:09:51.0721 4040 C:\Windows\System32\drivers\rdbss.sys - ok
21:09:51.0721 4040 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
21:09:51.0721 4040 C:\Windows\System32\drivers\amdppm.sys - ok
21:09:51.0721 4040 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
21:09:51.0721 4040 C:\Windows\System32\drivers\blbdrive.sys - ok
21:09:51.0721 4040 [ 9C253CE7311CA60FC11C774692A13208 ] C:\Windows\System32\drivers\dfsc.sys
21:09:51.0721 4040 C:\Windows\System32\drivers\dfsc.sys - ok
21:09:51.0737 4040 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
21:09:51.0737 4040 C:\Windows\System32\drivers\discache.sys - ok
21:09:51.0737 4040 [ 3836171A2CDF3AF8EF10856DB9835A70 ] C:\Windows\System32\drivers\tunnel.sys
21:09:51.0737 4040 C:\Windows\System32\drivers\tunnel.sys - ok
21:09:51.0737 4040 [ 957A4C13E1981B1701E600EF1E823C68 ] C:\Windows\System32\drivers\atikmpag.sys
21:09:51.0737 4040 C:\Windows\System32\drivers\atikmpag.sys - ok
21:09:51.0737 4040 [ 0A49913402747A0B67DE940FB42CBDBB ] C:\Windows\System32\drivers\hdaudbus.sys
21:09:51.0737 4040 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:09:51.0752 4040 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] C:\Windows\System32\drivers\atikmdag.sys
21:09:51.0752 4040 C:\Windows\System32\drivers\atikmdag.sys - ok
21:09:51.0752 4040 [ 1633B9ABF52784A1331476397A48CBEF ] C:\Windows\System32\drivers\dxgkrnl.sys
21:09:51.0752 4040 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:09:51.0752 4040 [ 3238B9078E0766AB5E62DC737A809ADB ] C:\Windows\System32\drivers\dxgmms1.sys
21:09:51.0752 4040 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:09:51.0752 4040 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
21:09:51.0752 4040 C:\Windows\System32\drivers\Rt64win7.sys - ok
21:09:51.0768 4040 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
21:09:51.0768 4040 C:\Windows\System32\smss.exe - ok
21:09:51.0768 4040 [ 68DB778AC4FD7896CE2F153353BA15C8 ] C:\Windows\System32\ntdll.dll
21:09:51.0768 4040 C:\Windows\System32\ntdll.dll - ok
21:09:51.0768 4040 [ A91291136D1E70966645252F6B828711 ] C:\Windows\System32\drivers\usbport.sys
21:09:51.0768 4040 C:\Windows\System32\drivers\usbport.sys - ok
21:09:51.0768 4040 [ 03B7145C889603537E9FFEABB1AD1089 ] C:\Windows\System32\drivers\ASACPI.sys
21:09:51.0768 4040 C:\Windows\System32\drivers\ASACPI.sys - ok
21:09:51.0783 4040 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
21:09:51.0783 4040 C:\Windows\System32\drivers\i8042prt.sys - ok
21:09:51.0783 4040 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] C:\Windows\System32\drivers\usbehci.sys
21:09:51.0783 4040 C:\Windows\System32\drivers\usbehci.sys - ok
21:09:51.0783 4040 [ 58E546BBAF87664FC57E0F6081E4F609 ] C:\Windows\System32\drivers\usbohci.sys
21:09:51.0783 4040 C:\Windows\System32\drivers\usbohci.sys - ok
21:09:51.0799 4040 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
21:09:51.0799 4040 C:\Windows\System32\drivers\kbdclass.sys - ok
21:09:51.0799 4040 [ 9E84A931DBEE0292E38ED672F6293A99 ] C:\Windows\System32\drivers\BCMWL664.SYS
21:09:51.0799 4040 C:\Windows\System32\drivers\BCMWL664.SYS - ok
21:09:51.0799 4040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
21:09:51.0799 4040 C:\Windows\System32\drivers\agilevpn.sys - ok
21:09:51.0799 4040 [ F26B3A86F6FA87CA360B879581AB4123 ] C:\Windows\System32\drivers\CompositeBus.sys
21:09:51.0799 4040 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:09:51.0815 4040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
21:09:51.0815 4040 C:\Windows\System32\drivers\ndistapi.sys - ok
21:09:51.0815 4040 [ 87A6E852A22991580D6D39ADC4790463 ] C:\Windows\System32\drivers\rasl2tp.sys
21:09:51.0815 4040 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:09:51.0815 4040 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
21:09:51.0815 4040 C:\Windows\System32\drivers\vwifibus.sys - ok
21:09:51.0815 4040 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
21:09:51.0815 4040 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:09:51.0830 4040 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] C:\Windows\System32\drivers\hamachi.sys
21:09:51.0830 4040 C:\Windows\System32\drivers\hamachi.sys - ok
21:09:51.0830 4040 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] C:\Windows\System32\drivers\ndiswan.sys
21:09:51.0830 4040 C:\Windows\System32\drivers\ndiswan.sys - ok
21:09:51.0830 4040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
21:09:51.0830 4040 C:\Windows\System32\drivers\raspppoe.sys - ok
21:09:51.0830 4040 [ 27CC19E81BA5E3403C48302127BDA717 ] C:\Windows\System32\drivers\raspptp.sys
21:09:51.0830 4040 C:\Windows\System32\drivers\raspptp.sys - ok
21:09:51.0846 4040 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
21:09:51.0846 4040 C:\Windows\System32\drivers\rassstp.sys - ok
21:09:51.0846 4040 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] C:\Windows\System32\drivers\amdiox64.sys
21:09:51.0846 4040 C:\Windows\System32\drivers\amdiox64.sys - ok
21:09:51.0846 4040 [ 5C7AF4A20F5BF67042B2E613D123D111 ] C:\Windows\System32\drivers\ks.sys
21:09:51.0846 4040 C:\Windows\System32\drivers\ks.sys - ok
21:09:51.0846 4040 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
21:09:51.0846 4040 C:\Windows\System32\drivers\mouclass.sys - ok
21:09:51.0861 4040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
21:09:51.0861 4040 C:\Windows\System32\drivers\swenum.sys - ok
21:09:51.0861 4040 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] C:\Windows\System32\drivers\umbus.sys
21:09:51.0861 4040 C:\Windows\System32\drivers\umbus.sys - ok
21:09:51.0861 4040 [ 8B7F8E882A649D81CEA1EDE9BBB68FFF ] C:\Windows\System32\autochk.exe
21:09:51.0861 4040 C:\Windows\System32\autochk.exe - ok
21:09:51.0861 4040 [ 4C9042B8DF86C1E8E6240C218B99B39B ] C:\Windows\System32\drivers\usbhub.sys
21:09:51.0861 4040 C:\Windows\System32\drivers\usbhub.sys - ok
21:09:51.0877 4040 [ AC8F79017C5C1FB316930EDEAD0AF517 ] C:\Windows\System32\ole32.dll
21:09:51.0877 4040 C:\Windows\System32\ole32.dll - ok
21:09:51.0877 4040 [ 48C903068B6BDAB5EF650B9CBEE85295 ] C:\Windows\System32\rpcrt4.dll
21:09:51.0877 4040 C:\Windows\System32\rpcrt4.dll - ok
21:09:51.0877 4040 [ 72D7B3EA16946E8F0CF7458150031CC6 ] C:\Windows\System32\user32.dll
21:09:51.0877 4040 C:\Windows\System32\user32.dll - ok
21:09:51.0877 4040 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
21:09:51.0877 4040 C:\Windows\System32\advapi32.dll - ok
21:09:51.0877 4040 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
21:09:51.0877 4040 C:\Windows\System32\nsi.dll - ok
21:09:51.0893 4040 [ 15BDC173EB5FA4F92B67D9FFB269A6EA ] C:\Windows\System32\shlwapi.dll
21:09:51.0893 4040 C:\Windows\System32\shlwapi.dll - ok
21:09:51.0893 4040 [ 5F2BDCA5FA0F20A6F452CF0EE2A2B18C ] C:\Windows\System32\usp10.dll
21:09:51.0893 4040 C:\Windows\System32\usp10.dll - ok
21:09:51.0893 4040 [ 659B74FB74B86228D6338D643CD3E3CF ] C:\Windows\System32\drivers\ndproxy.sys
21:09:51.0893 4040 C:\Windows\System32\drivers\ndproxy.sys - ok
21:09:51.0893 4040 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
21:09:51.0893 4040 C:\Windows\System32\drivers\drmk.sys - ok
21:09:51.0908 4040 [ B0790FF0E25B7A2674296052F2162C1A ] C:\Windows\System32\drivers\AtihdW76.sys
21:09:51.0908 4040 C:\Windows\System32\drivers\AtihdW76.sys - ok
21:09:51.0908 4040 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
21:09:51.0908 4040 C:\Windows\System32\drivers\ksthunk.sys - ok
21:09:51.0908 4040 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
21:09:51.0908 4040 C:\Windows\System32\drivers\portcls.sys - ok
21:09:51.0908 4040 [ 8F69C38A8BA725F891F26AAC8888696E ] C:\Windows\System32\drivers\viahduaa.sys
21:09:51.0908 4040 C:\Windows\System32\drivers\viahduaa.sys - ok
21:09:51.0924 4040 [ 8E7F88A62E1AA28F15C0D6784E4C78B6 ] C:\Windows\System32\kernel32.dll
21:09:51.0924 4040 C:\Windows\System32\kernel32.dll - ok
21:09:51.0924 4040 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
21:09:51.0924 4040 C:\Windows\System32\difxapi.dll - ok
21:09:51.0924 4040 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
21:09:51.0924 4040 C:\Windows\System32\wininet.dll - ok
21:09:51.0924 4040 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
21:09:51.0924 4040 C:\Windows\System32\normaliz.dll - ok
21:09:51.0924 4040 [ 2A46451EE42BCD2C842D8AA4923FAC16 ] C:\Windows\System32\oleaut32.dll
21:09:51.0924 4040 C:\Windows\System32\oleaut32.dll - ok
21:09:51.0939 4040 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
21:09:51.0939 4040 C:\Windows\System32\clbcatq.dll - ok
21:09:51.0939 4040 [ 579F6AFC6A6561951FA2202EFC3FE485 ] C:\Windows\System32\msvcrt.dll
21:09:51.0939 4040 C:\Windows\System32\msvcrt.dll - ok
21:09:51.0939 4040 [ E1B1255D3A4B3367FE4E9C71E62E3B5A ] C:\Windows\System32\gdi32.dll
21:09:51.0939 4040 C:\Windows\System32\gdi32.dll - ok
21:09:51.0939 4040 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
21:09:51.0939 4040 C:\Windows\System32\sechost.dll - ok
21:09:51.0939 4040 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
21:09:51.0939 4040 C:\Windows\System32\iertutil.dll - ok
21:09:51.0955 4040 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
21:09:51.0955 4040 C:\Windows\System32\imm32.dll - ok
21:09:51.0955 4040 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
21:09:51.0955 4040 C:\Windows\System32\urlmon.dll - ok
21:09:51.0955 4040 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
21:09:51.0955 4040 C:\Windows\System32\psapi.dll - ok
21:09:51.0955 4040 [ 48CC125A6AB6C72A13E3D3E9C39AD9D9 ] C:\Windows\System32\shell32.dll
21:09:51.0955 4040 C:\Windows\System32\shell32.dll - ok
21:09:51.0955 4040 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
21:09:51.0955 4040 C:\Windows\System32\msctf.dll - ok
21:09:51.0971 4040 [ 7083F463788CB34FCC42F565D56F89E8 ] C:\Windows\System32\ws2_32.dll
21:09:51.0971 4040 C:\Windows\System32\ws2_32.dll - ok
21:09:51.0971 4040 [ F94B8644F3AFE040EC6E1B6FBC9EFAA9 ] C:\Windows\System32\comdlg32.dll
21:09:51.0971 4040 C:\Windows\System32\comdlg32.dll - ok
21:09:51.0971 4040 [ E5CBF5F8623BBD1DB7B8148A66F6EBA4 ] C:\Windows\System32\Wldap32.dll
21:09:51.0971 4040 C:\Windows\System32\Wldap32.dll - ok
21:09:51.0971 4040 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
21:09:51.0971 4040 C:\Windows\System32\lpk.dll - ok
21:09:51.0986 4040 [ 15A54626213EBF003F7D4C9D8380A656 ] C:\Windows\System32\imagehlp.dll
21:09:51.0986 4040 C:\Windows\System32\imagehlp.dll - ok
21:09:51.0986 4040 [ 6A4EA4C29FBF78112AE20013FB71E9C1 ] C:\Windows\System32\setupapi.dll
21:09:51.0986 4040 C:\Windows\System32\setupapi.dll - ok
21:09:51.0986 4040 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\System32\comctl32.dll
21:09:51.0986 4040 C:\Windows\System32\comctl32.dll - ok
21:09:51.0986 4040 [ D256EB74BF77026FC9A3D7193861C7AD ] C:\Windows\System32\crypt32.dll
21:09:51.0986 4040 C:\Windows\System32\crypt32.dll - ok
21:09:51.0986 4040 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
21:09:51.0986 4040 C:\Windows\System32\devobj.dll - ok
21:09:52.0002 4040 [ 140A25BE1A1D2F6B17A019B305611A02 ] C:\Windows\System32\KernelBase.dll
21:09:52.0002 4040 C:\Windows\System32\KernelBase.dll - ok
21:09:52.0002 4040 [ D05E03C1B2824236531F5E37334B6A8A ] C:\Windows\System32\cfgmgr32.dll
21:09:52.0002 4040 C:\Windows\System32\cfgmgr32.dll - ok
21:09:52.0002 4040 [ 98FB7DD3B28A92E3C0E5B4BD9D63EF01 ] C:\Windows\System32\msasn1.dll
21:09:52.0002 4040 C:\Windows\System32\msasn1.dll - ok
21:09:52.0002 4040 [ 987508ED06FC097E754A91BA8A8AAD0E ] C:\Windows\System32\wintrust.dll
21:09:52.0002 4040 C:\Windows\System32\wintrust.dll - ok
21:09:52.0017 4040 [ 63C8D74BED9F80F4DD0AA7A3101EB639 ] C:\Windows\System32\drivers\usbd.sys
21:09:52.0017 4040 C:\Windows\System32\drivers\usbd.sys - ok
21:09:52.0017 4040 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
21:09:52.0017 4040 C:\Windows\SysWOW64\normaliz.dll - ok
21:09:52.0017 4040 [ B26AFB54A534D634523C4FB66765B026 ] C:\Windows\System32\drivers\usbccgp.sys
21:09:52.0017 4040 C:\Windows\System32\drivers\usbccgp.sys - ok
21:09:52.0017 4040 [ 77B01BC848298223A95D4EC23E1785A1 ] C:\Windows\System32\drivers\USBAUDIO.sys
21:09:52.0017 4040 C:\Windows\System32\drivers\USBAUDIO.sys - ok
21:09:52.0017 4040 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
21:09:52.0017 4040 C:\Windows\System32\drivers\hidparse.sys - ok
21:09:52.0033 4040 [ 685FEC2407FC121EB937CB658B3C0F35 ] C:\Windows\System32\drivers\hidclass.sys
21:09:52.0033 4040 C:\Windows\System32\drivers\hidclass.sys - ok
21:09:52.0033 4040 [ B3BF6B5B50006DEF50B66306D99FCF6F ] C:\Windows\System32\drivers\hidusb.sys
21:09:52.0033 4040 C:\Windows\System32\drivers\hidusb.sys - ok
21:09:52.0033 4040 [ 080D3820DA6C046BE82FC8B45A893E83 ] C:\Windows\System32\drivers\USBSTOR.SYS
21:09:52.0033 4040 C:\Windows\System32\drivers\USBSTOR.SYS - ok
21:09:52.0033 4040 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
21:09:52.0033 4040 C:\Windows\System32\drivers\mouhid.sys - ok
21:09:52.0049 4040 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
21:09:52.0049 4040 C:\Windows\System32\drivers\dxapi.sys - ok
21:09:52.0049 4040 [ E37C71EA972AD883E7841D07BC6D5F1C ] C:\Windows\System32\win32k.sys
21:09:52.0049 4040 C:\Windows\System32\win32k.sys - ok
21:09:52.0049 4040 [ E730EADB8F176DB06A378435BEB2E823 ] C:\Windows\System32\csrsrv.dll
21:09:52.0049 4040 C:\Windows\System32\csrsrv.dll - ok
21:09:52.0049 4040 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
21:09:52.0049 4040 C:\Windows\System32\csrss.exe - ok
21:09:52.0049 4040 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
21:09:52.0049 4040 C:\Windows\System32\basesrv.dll - ok
21:09:52.0064 4040 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\System32\winsrv.dll
21:09:52.0064 4040 C:\Windows\System32\winsrv.dll - ok
21:09:52.0064 4040 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
21:09:52.0064 4040 C:\Windows\System32\drivers\monitor.sys - ok
21:09:52.0064 4040 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
21:09:52.0064 4040 C:\Windows\System32\sxssrv.dll - ok
21:09:52.0064 4040 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
21:09:52.0064 4040 C:\Windows\System32\tsddd.dll - ok
21:09:52.0064 4040 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
21:09:52.0064 4040 C:\Windows\System32\wininit.exe - ok
21:09:52.0080 4040 [ 100BDF2F89D6056CEE900BB6156DA737 ] C:\Windows\System32\cdd.dll
21:09:52.0080 4040 C:\Windows\System32\cdd.dll - ok
21:09:52.0080 4040 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
21:09:52.0080 4040 C:\Windows\System32\KBDUK.DLL - ok
21:09:52.0080 4040 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
21:09:52.0080 4040 C:\Windows\System32\profapi.dll - ok
21:09:52.0080 4040 [ F4389DA7DBDA2E7D292D360CF8E400C7 ] C:\Windows\System32\RpcRtRemote.dll
21:09:52.0080 4040 C:\Windows\System32\RpcRtRemote.dll - ok
21:09:52.0080 4040 [ 456C92A9D8DB51B9938A6234BBC65FC9 ] C:\Windows\System32\sxs.dll
21:09:52.0080 4040 C:\Windows\System32\sxs.dll - ok
21:09:52.0095 4040 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
21:09:52.0095 4040 C:\Windows\System32\WlS0WndH.dll - ok
21:09:52.0095 4040 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
21:09:52.0095 4040 C:\Windows\System32\cryptbase.dll - ok
21:09:52.0095 4040 [ 01A465AC251BCCF6037DF2EF28AA4292 ] C:\Windows\System32\apphelp.dll
21:09:52.0095 4040 C:\Windows\System32\apphelp.dll - ok
21:09:52.0095 4040 [ BFA69408620587AFDEC2E8C12CA60492 ] C:\Windows\System32\lsasrv.dll
21:09:52.0095 4040 C:\Windows\System32\lsasrv.dll - ok
21:09:52.0111 4040 [ 156F6159457D0AA7E59B62681B56EB90 ] C:\Windows\System32\lsass.exe
21:09:52.0111 4040 C:\Windows\System32\lsass.exe - ok
21:09:52.0111 4040 [ 04FCA22B77A2E37332CC8226187AF87B ] C:\Windows\System32\lsm.exe
21:09:52.0111 4040 C:\Windows\System32\lsm.exe - ok
21:09:52.0111 4040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
21:09:52.0111 4040 C:\Windows\System32\services.exe - ok
21:09:52.0111 4040 [ 1F582C6C84D5243692F9C3E04D0A663F ] C:\Windows\System32\sspicli.dll
21:09:52.0111 4040 C:\Windows\System32\sspicli.dll - ok
21:09:52.0127 4040 [ 68EA2513CA68AD8F741FF4F5B8D8590C ] C:\Windows\System32\sspisrv.dll
21:09:52.0127 4040 C:\Windows\System32\sspisrv.dll - ok
21:09:52.0127 4040 [ B160ADAEFC76031D92C4FBAC0918B033 ] C:\Windows\System32\samsrv.dll
21:09:52.0127 4040 C:\Windows\System32\samsrv.dll - ok
21:09:52.0127 4040 [ 941AF3C8B0DE1B359BE22DD3288A8C8E ] C:\Windows\System32\scesrv.dll
21:09:52.0127 4040 C:\Windows\System32\scesrv.dll - ok
21:09:52.0127 4040 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
21:09:52.0127 4040 C:\Windows\System32\scext.dll - ok
21:09:52.0142 4040 [ 74A0871810BF0F2AA3EB6681E9BECDD3 ] C:\Windows\System32\secur32.dll
21:09:52.0142 4040 C:\Windows\System32\secur32.dll - ok
21:09:52.0142 4040 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
21:09:52.0142 4040 C:\Windows\System32\sysntfy.dll - ok
21:09:52.0142 4040 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
21:09:52.0142 4040 C:\Windows\System32\wmsgapi.dll - ok
21:09:52.0142 4040 [ DA3E2A6FA9660CC75B471530CE88453A ] C:\Windows\System32\winlogon.exe
21:09:52.0142 4040 C:\Windows\System32\winlogon.exe - ok
21:09:52.0158 4040 [ D8C88512BA9544AE1CC2034F50ECFA12 ] C:\Windows\System32\winsta.dll
21:09:52.0158 4040 C:\Windows\System32\winsta.dll - ok
21:09:52.0158 4040 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
21:09:52.0158 4040 C:\Windows\System32\cryptdll.dll - ok
21:09:52.0158 4040 [ D23371AB9607651937C7641A38CD52BC ] C:\Windows\System32\srvcli.dll
21:09:52.0158 4040 C:\Windows\System32\srvcli.dll - ok
21:09:52.0158 4040 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
21:09:52.0158 4040 C:\Windows\System32\wevtapi.dll - ok
21:09:52.0173 4040 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
21:09:52.0173 4040 C:\Windows\System32\authz.dll - ok
21:09:52.0173 4040 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
21:09:52.0173 4040 C:\Windows\System32\cngaudit.dll - ok
21:09:52.0173 4040 [ E08926B4E52F92FF8852BECC0E2F358A ] C:\Windows\System32\ncrypt.dll
21:09:52.0173 4040 C:\Windows\System32\ncrypt.dll - ok
21:09:52.0173 4040 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
21:09:52.0173 4040 C:\Windows\System32\bcrypt.dll - ok
21:09:52.0189 4040 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
21:09:52.0189 4040 C:\Windows\System32\msprivs.dll - ok
21:09:52.0189 4040 [ B561B451320B0B40908A8BFD81705262 ] C:\Windows\System32\netjoin.dll
21:09:52.0189 4040 C:\Windows\System32\netjoin.dll - ok
21:09:52.0189 4040 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
21:09:52.0189 4040 C:\Windows\System32\negoexts.dll - ok
21:09:52.0189 4040 [ 00B40A10E3DB79E4D3E127B9C2233A6B ] C:\Windows\System32\kerberos.dll
21:09:52.0189 4040 C:\Windows\System32\kerberos.dll - ok
21:09:52.0205 4040 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
21:09:52.0205 4040 C:\Windows\System32\cryptsp.dll - ok
21:09:52.0205 4040 [ FC76FE3C1E1FDB761244D4F74EF560FD ] C:\Windows\System32\mswsock.dll
21:09:52.0205 4040 C:\Windows\System32\mswsock.dll - ok
21:09:52.0205 4040 [ FA4DB05923DDDEDE3196ABD09AE0F1E9 ] C:\Windows\System32\msv1_0.dll
21:09:52.0205 4040 C:\Windows\System32\msv1_0.dll - ok
21:09:52.0205 4040 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
21:09:52.0205 4040 C:\Windows\System32\wship6.dll - ok
21:09:52.0220 4040 [ 956D030D375F207B22FB111E06EF9C35 ] C:\Windows\System32\netlogon.dll
21:09:52.0220 4040 C:\Windows\System32\netlogon.dll - ok
21:09:52.0220 4040 [ E247E7DEB20C0CF0801A8AC39E9CE1DF ] C:\Windows\System32\dnsapi.dll
21:09:52.0220 4040 C:\Windows\System32\dnsapi.dll - ok
21:09:52.0220 4040 [ 8CE22E63F08613036DF8C7B00FBDF36B ] C:\Windows\System32\logoncli.dll
21:09:52.0220 4040 C:\Windows\System32\logoncli.dll - ok
21:09:52.0220 4040 [ 90B780886BD813882CB382FF3E90E092 ] C:\Windows\System32\schannel.dll
21:09:52.0220 4040 C:\Windows\System32\schannel.dll - ok
21:09:52.0236 4040 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
21:09:52.0236 4040 C:\Windows\System32\wdigest.dll - ok
21:09:52.0236 4040 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
21:09:52.0236 4040 C:\Windows\System32\rsaenh.dll - ok
21:09:52.0236 4040 [ 0DEFD5FBF801DD8F83BC0ED09861A8EC ] C:\Windows\System32\TSpkg.dll
21:09:52.0236 4040 C:\Windows\System32\TSpkg.dll - ok
21:09:52.0236 4040 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
21:09:52.0236 4040 C:\Windows\System32\pku2u.dll - ok
21:09:52.0251 4040 [ DA090E97E57DCB48888015B5D3C749CD ] C:\Windows\System32\bcryptprimitives.dll
21:09:52.0251 4040 C:\Windows\System32\bcryptprimitives.dll - ok
21:09:52.0251 4040 [ 9301B8810B2DA4EB6AD55DB75FC1E339 ] C:\Windows\System32\credssp.dll
21:09:52.0251 4040 C:\Windows\System32\credssp.dll - ok
21:09:52.0251 4040 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
21:09:52.0251 4040 C:\Windows\System32\efslsaext.dll - ok
21:09:52.0251 4040 [ 398712DDDAEFB85EDF61DF6A07B65C79 ] C:\Windows\System32\scecli.dll
21:09:52.0251 4040 C:\Windows\System32\scecli.dll - ok
21:09:52.0267 4040 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
21:09:52.0267 4040 C:\Windows\System32\ubpm.dll - ok
21:09:52.0267 4040 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
21:09:52.0267 4040 C:\Windows\System32\SPInf.dll - ok
21:09:52.0267 4040 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
21:09:52.0267 4040 C:\Windows\System32\svchost.exe - ok
21:09:52.0267 4040 [ 98B1721B8718164293B9701B98C52D77 ] C:\Windows\System32\umpnpmgr.dll
21:09:52.0267 4040 C:\Windows\System32\umpnpmgr.dll - ok
21:09:52.0283 4040 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
21:09:52.0283 4040 C:\Windows\System32\devrtl.dll - ok
21:09:52.0283 4040 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
21:09:52.0283 4040 C:\Windows\System32\gpapi.dll - ok
21:09:52.0283 4040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
21:09:52.0283 4040 C:\Windows\System32\umpo.dll - ok
21:09:52.0283 4040 [ 0776CF79590BDEF0A2728B0B9A813B96 ] C:\Windows\System32\userenv.dll
21:09:52.0283 4040 C:\Windows\System32\userenv.dll - ok
21:09:52.0283 4040 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:09:52.0298 4040 C:\Windows\System32\pcwum.dll - ok
21:09:52.0298 4040 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:09:52.0298 4040 C:\Windows\System32\powrprof.dll - ok
21:09:52.0298 4040 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:09:52.0298 4040 C:\Windows\System32\drivers\luafv.sys - ok

Edited by Kairyn, 17 October 2012 - 10:23 PM.


#7 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 17 October 2012 - 10:19 PM

21:09:52.0298 4040 [ B9FC4CCE5758B816F27DD4D1EED11841 ] C:\Windows\System32\drivers\mbam.sys
21:09:52.0298 4040 C:\Windows\System32\drivers\mbam.sys - ok
21:09:52.0298 4040 [ 7CADC74271DD6461C452C271B30BD378 ] C:\Windows\System32\drivers\WUDFPf.sys
21:09:52.0298 4040 C:\Windows\System32\drivers\WUDFPf.sys - ok
21:09:52.0314 4040 [ 7266972E86890E2B30C0C322E906B027 ] C:\Windows\System32\rpcss.dll
21:09:52.0314 4040 C:\Windows\System32\rpcss.dll - ok
21:09:52.0314 4040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:09:52.0314 4040 C:\Windows\System32\RpcEpMap.dll - ok
21:09:52.0314 4040 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:09:52.0314 4040 C:\Windows\System32\WSHTCPIP.DLL - ok
21:09:52.0314 4040 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:09:52.0314 4040 C:\Windows\System32\wshqos.dll - ok
21:09:52.0329 4040 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:09:52.0329 4040 C:\Windows\System32\FirewallAPI.dll - ok
21:09:52.0329 4040 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:09:52.0329 4040 C:\Windows\System32\version.dll - ok
21:09:52.0329 4040 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:09:52.0329 4040 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
21:09:52.0329 4040 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
21:09:52.0329 4040 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
21:09:52.0345 4040 [ 93E6A39B1DB898F7C949FA5567E774CF ] C:\Windows\System32\LogonUI.exe
21:09:52.0345 4040 C:\Windows\System32\LogonUI.exe - ok
21:09:52.0345 4040 [ BCF0A980D21711E47D0803BDB0E99CAD ] C:\Windows\System32\authui.dll
21:09:52.0345 4040 C:\Windows\System32\authui.dll - ok
21:09:52.0345 4040 [ DBA90306A721FB922FDACED9E9728C28 ] C:\Windows\System32\cryptui.dll
21:09:52.0345 4040 C:\Windows\System32\cryptui.dll - ok
21:09:52.0345 4040 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
21:09:52.0345 4040 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
21:09:52.0361 4040 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
21:09:52.0361 4040 C:\Windows\System32\wtsapi32.dll - ok
21:09:52.0361 4040 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:09:52.0361 4040 C:\Windows\System32\ntmarta.dll - ok
21:09:52.0361 4040 [ 113921FC4A80A3DDF646852998B836D0 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll
21:09:52.0361 4040 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll - ok
21:09:52.0361 4040 [ B27EA141A7E748B607600A8551A44D5A ] C:\Windows\System32\propsys.dll
21:09:52.0361 4040 C:\Windows\System32\propsys.dll - ok
21:09:52.0361 4040 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:09:52.0361 4040 C:\Windows\System32\samlib.dll - ok
21:09:52.0376 4040 [ 84F8C8B9FB1F12532999D25F5DD7E77C ] C:\Windows\System32\shacct.dll
21:09:52.0376 4040 C:\Windows\System32\shacct.dll - ok
21:09:52.0376 4040 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:09:52.0376 4040 C:\Windows\System32\uxtheme.dll - ok
21:09:52.0376 4040 [ DD0701DE0AAA010E6EBD0F53B672DCEE ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_2b47185a719d6182\GdiPlus.dll
21:09:52.0376 4040 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_2b47185a719d6182\GdiPlus.dll - ok
21:09:52.0376 4040 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
21:09:52.0376 4040 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
21:09:52.0392 4040 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] C:\Windows\System32\atiesrxx.exe
21:09:52.0392 4040 C:\Windows\System32\atiesrxx.exe - ok
21:09:52.0392 4040 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:09:52.0392 4040 C:\Windows\System32\dui70.dll - ok
21:09:52.0392 4040 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
21:09:52.0392 4040 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
21:09:52.0392 4040 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
21:09:52.0392 4040 C:\Windows\System32\fltLib.dll - ok
21:09:52.0392 4040 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:09:52.0392 4040 C:\Windows\System32\duser.dll - ok
21:09:52.0407 4040 [ B2E3D4BB3389817FB5E4CD9378BC8791 ] C:\Windows\System32\SndVolSSO.dll
21:09:52.0407 4040 C:\Windows\System32\SndVolSSO.dll - ok
21:09:52.0407 4040 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:09:52.0407 4040 C:\Windows\System32\hid.dll - ok
21:09:52.0407 4040 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:09:52.0407 4040 C:\Windows\System32\MMDevAPI.dll - ok
21:09:52.0407 4040 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:09:52.0407 4040 C:\Windows\System32\dwmapi.dll - ok
21:09:52.0407 4040 [ 39F91A948E6017B732C4A0B3086A8E32 ] C:\Windows\System32\xmllite.dll
21:09:52.0407 4040 C:\Windows\System32\xmllite.dll - ok
21:09:52.0423 4040 [ EA99F234843BBDDA1ABD2767111ADE25 ] C:\Windows\System32\WindowsCodecs.dll
21:09:52.0423 4040 C:\Windows\System32\WindowsCodecs.dll - ok
21:09:52.0423 4040 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
21:09:52.0423 4040 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
21:09:52.0423 4040 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
21:09:52.0423 4040 C:\Windows\System32\drivers\MpFilter.sys - ok
21:09:52.0423 4040 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
21:09:52.0423 4040 C:\Windows\System32\VaultCredProvider.dll - ok
21:09:52.0423 4040 [ 99ABDA9C92EC76CBAF52F00239D909C9 ] C:\Windows\System32\wevtsvc.dll
21:09:52.0423 4040 C:\Windows\System32\wevtsvc.dll - ok
21:09:52.0439 4040 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
21:09:52.0439 4040 C:\Windows\System32\winbrand.dll - ok
21:09:52.0439 4040 [ 2A381A9740165D7A1405148B6DFB3E38 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:09:52.0439 4040 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:09:52.0439 4040 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
21:09:52.0439 4040 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
21:09:52.0439 4040 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
21:09:52.0439 4040 C:\Windows\System32\BioCredProv.dll - ok
21:09:52.0439 4040 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
21:09:52.0439 4040 C:\Windows\System32\winbio.dll - ok
21:09:52.0454 4040 [ 97D38371502AA797DB14EB1FA5FCE4CD ] C:\Windows\System32\credui.dll
21:09:52.0454 4040 C:\Windows\System32\credui.dll - ok
21:09:52.0454 4040 [ 3C27B50BC43D5FED43081A784DD17190 ] C:\Windows\System32\netapi32.dll
21:09:52.0454 4040 C:\Windows\System32\netapi32.dll - ok
21:09:52.0454 4040 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
21:09:52.0454 4040 C:\Windows\System32\vaultcli.dll - ok
21:09:52.0454 4040 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
21:09:52.0454 4040 C:\Windows\System32\certCredProvider.dll - ok
21:09:52.0470 4040 [ 4C8C2F987FC397DCE98874D6C9C0736A ] C:\Windows\System32\netutils.dll
21:09:52.0470 4040 C:\Windows\System32\netutils.dll - ok
21:09:52.0470 4040 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
21:09:52.0470 4040 C:\Windows\System32\rasplap.dll - ok
21:09:52.0470 4040 [ A87205FE194B239D8D96E4972B779CC1 ] C:\Windows\System32\samcli.dll
21:09:52.0470 4040 C:\Windows\System32\samcli.dll - ok
21:09:52.0470 4040 [ B33CBD1A8C2A33121321D0FEBD7DD870 ] C:\Windows\System32\wkscli.dll
21:09:52.0470 4040 C:\Windows\System32\wkscli.dll - ok
21:09:52.0485 4040 [ 07721A77180EDD4D39CCB865BF63C7FD ] C:\Windows\System32\audiosrv.dll
21:09:52.0485 4040 C:\Windows\System32\audiosrv.dll - ok
21:09:52.0485 4040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:09:52.0485 4040 C:\Windows\System32\wlansvc.dll - ok
21:09:52.0485 4040 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:09:52.0485 4040 C:\Windows\System32\avrt.dll - ok
21:09:52.0501 4040 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:09:52.0501 4040 C:\Windows\System32\mmcss.dll - ok
21:09:52.0501 4040 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
21:09:52.0501 4040 C:\Windows\System32\rasapi32.dll - ok
21:09:52.0501 4040 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
21:09:52.0501 4040 C:\Windows\System32\rasman.dll - ok
21:09:52.0501 4040 [ F5A61F0A0030C80DF319B0C14A4C8885 ] C:\Windows\System32\rtutils.dll
21:09:52.0501 4040 C:\Windows\System32\rtutils.dll - ok
21:09:52.0517 4040 [ D152EBC32A23069F8AA1D1F24B15E3F9 ] C:\Windows\System32\audiodg.exe
21:09:52.0517 4040 C:\Windows\System32\audiodg.exe - ok
21:09:52.0517 4040 [ 78555E35CD15785B9EE62B8C8167A861 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B4D0D66-6511-48F3-8CBF-3E55984B2682}\mpengine.dll
21:09:52.0517 4040 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B4D0D66-6511-48F3-8CBF-3E55984B2682}\mpengine.dll - ok
21:09:52.0517 4040 [ FE5AB4525BC2EC68B9119A6E5D40128B ] C:\Windows\System32\gpsvc.dll
21:09:52.0517 4040 C:\Windows\System32\gpsvc.dll - ok
21:09:52.0517 4040 [ 86E3822A34D454032D8E88C72AE8CF2D ] C:\Windows\System32\nlaapi.dll
21:09:52.0517 4040 C:\Windows\System32\nlaapi.dll - ok
21:09:52.0532 4040 [ 97293447431311C06703368AD0F6C4BE ] C:\Windows\System32\profsvc.dll
21:09:52.0532 4040 C:\Windows\System32\profsvc.dll - ok
21:09:52.0532 4040 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
21:09:52.0532 4040 C:\Windows\System32\atl.dll - ok
21:09:52.0532 4040 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:09:52.0532 4040 C:\Windows\System32\themeservice.dll - ok
21:09:52.0532 4040 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
21:09:52.0532 4040 C:\Windows\System32\dsrole.dll - ok
21:09:52.0532 4040 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
21:09:52.0532 4040 C:\Windows\System32\es.dll - ok
21:09:52.0548 4040 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
21:09:52.0548 4040 C:\Windows\System32\slc.dll - ok
21:09:52.0548 4040 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:09:52.0548 4040 C:\Windows\System32\Sens.dll - ok
21:09:52.0548 4040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
21:09:52.0548 4040 C:\Windows\System32\uxsms.dll - ok
21:09:52.0548 4040 [ B551D6637AA0E132C18AC6E504F7B79B ] C:\Windows\System32\WUDFSvc.dll
21:09:52.0548 4040 C:\Windows\System32\WUDFSvc.dll - ok
21:09:52.0548 4040 [ 37B68E458C0BC255DF2FB7454D0798D3 ] C:\Windows\System32\WUDFPlatform.dll
21:09:52.0548 4040 C:\Windows\System32\WUDFPlatform.dll - ok
21:09:52.0563 4040 [ 773AE353D587B7440F071ABBB9B71319 ] C:\Windows\System32\atieclxx.exe
21:09:52.0563 4040 C:\Windows\System32\atieclxx.exe - ok
21:09:52.0563 4040 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
21:09:52.0563 4040 C:\Windows\System32\UXInit.dll - ok
21:09:52.0563 4040 [ AFCE91E482B0FE0800C455871AA98F19 ] C:\Windows\System32\atiadlxx.dll
21:09:52.0563 4040 C:\Windows\System32\atiadlxx.dll - ok
21:09:52.0563 4040 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
21:09:52.0563 4040 C:\Windows\System32\wsock32.dll - ok
21:09:52.0563 4040 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:09:52.0563 4040 C:\Windows\System32\adtschema.dll - ok
21:09:52.0579 4040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
21:09:52.0579 4040 C:\Windows\System32\netprofm.dll - ok
21:09:52.0579 4040 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
21:09:52.0579 4040 C:\Windows\System32\imageres.dll - ok
21:09:52.0579 4040 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
21:09:52.0579 4040 C:\Windows\System32\comres.dll - ok
21:09:52.0579 4040 [ 57FE2CFC2F25C200499D5D934EA24EB5 ] C:\Windows\System32\IPHLPAPI.DLL
21:09:52.0579 4040 C:\Windows\System32\IPHLPAPI.DLL - ok
21:09:52.0595 4040 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
21:09:52.0595 4040 C:\Windows\System32\drivers\lltdio.sys - ok
21:09:52.0595 4040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
21:09:52.0595 4040 C:\Windows\System32\drivers\nwifi.sys - ok
21:09:52.0595 4040 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] C:\Windows\System32\drivers\ndisuio.sys
21:09:52.0595 4040 C:\Windows\System32\drivers\ndisuio.sys - ok
21:09:52.0595 4040 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
21:09:52.0595 4040 C:\Windows\System32\drivers\rspndr.sys - ok
21:09:52.0610 4040 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
21:09:52.0610 4040 C:\Windows\System32\winnsi.dll - ok
21:09:52.0610 4040 [ CE3B9562D997F69B330D181A8875960F ] C:\Windows\System32\dhcpcore.dll
21:09:52.0610 4040 C:\Windows\System32\dhcpcore.dll - ok
21:09:52.0610 4040 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:09:52.0610 4040 C:\Windows\System32\lmhsvc.dll - ok
21:09:52.0610 4040 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:09:52.0610 4040 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:09:52.0610 4040 [ AECAB449567D1846DAD63ECE49E893E3 ] C:\Windows\System32\MPSSVC.dll
21:09:52.0610 4040 C:\Windows\System32\MPSSVC.dll - ok
21:09:52.0626 4040 [ FD5BA198F7190DFE9BE1947EB8710396 ] C:\Windows\System32\nrpsrv.dll
21:09:52.0626 4040 C:\Windows\System32\nrpsrv.dll - ok
21:09:52.0626 4040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:09:52.0626 4040 C:\Windows\System32\nsisvc.dll - ok
21:09:52.0626 4040 [ 85CF424C74A1D5EC33533E1DBFF9920A ] C:\Windows\System32\dnsrslvr.dll
21:09:52.0626 4040 C:\Windows\System32\dnsrslvr.dll - ok
21:09:52.0626 4040 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:09:52.0626 4040 C:\Windows\System32\eapsvc.dll - ok
21:09:52.0626 4040 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
21:09:52.0626 4040 C:\Windows\System32\FWPUCLNT.DLL - ok
21:09:52.0641 4040 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:09:52.0641 4040 C:\Windows\System32\keyiso.dll - ok
21:09:52.0641 4040 [ 982F5395AD181179320083A4FA7E7CA8 ] C:\Windows\System32\eapphost.dll
21:09:52.0641 4040 C:\Windows\System32\eapphost.dll - ok
21:09:52.0641 4040 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
21:09:52.0641 4040 C:\Windows\System32\dnsext.dll - ok
21:09:52.0641 4040 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
21:09:52.0641 4040 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
21:09:52.0657 4040 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
21:09:52.0657 4040 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
21:09:52.0657 4040 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
21:09:52.0657 4040 C:\Windows\System32\dllhost.exe - ok
21:09:52.0657 4040 [ 2017BFE87CAB3D7EF632CFD2AA08D3F0 ] C:\Windows\System32\umb.dll
21:09:52.0657 4040 C:\Windows\System32\umb.dll - ok
21:09:52.0657 4040 [ 85409DCE247D97E4D6958B7C5916BE4A ] C:\Windows\System32\wscapi.dll
21:09:52.0657 4040 C:\Windows\System32\wscapi.dll - ok
21:09:52.0673 4040 [ 22FF251AE6A780960B02A6DEADFEA7FB ] C:\Windows\System32\conhost.exe
21:09:52.0673 4040 C:\Windows\System32\conhost.exe - ok
21:09:52.0673 4040 [ 48A31B7CF046702059A86836DC21D786 ] C:\Windows\System32\wlanmsm.dll
21:09:52.0673 4040 C:\Windows\System32\wlanmsm.dll - ok
21:09:52.0673 4040 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
21:09:52.0673 4040 C:\Windows\System32\dhcpcore6.dll - ok
21:09:52.0673 4040 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
21:09:52.0673 4040 C:\Windows\System32\wlansec.dll - ok
21:09:52.0688 4040 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
21:09:52.0688 4040 C:\Windows\System32\dhcpcsvc.dll - ok
21:09:52.0688 4040 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
21:09:52.0688 4040 C:\Windows\System32\dhcpcsvc6.dll - ok
21:09:52.0688 4040 [ F7866AF72ABBAF84B1FA5AA195378C59 ] C:\Windows\System32\drivers\fltMgr.sys
21:09:52.0688 4040 C:\Windows\System32\drivers\fltMgr.sys - ok
21:09:52.0688 4040 [ D2B0D1C2BE5ECA80387F7CB8626DCAFE ] C:\Windows\System32\onex.dll
21:09:52.0688 4040 C:\Windows\System32\onex.dll - ok
21:09:52.0704 4040 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
21:09:52.0704 4040 C:\Windows\System32\eappprxy.dll - ok
21:09:52.0704 4040 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
21:09:52.0704 4040 C:\Windows\System32\eappcfg.dll - ok
21:09:52.0704 4040 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:09:52.0704 4040 C:\Windows\System32\PSHED.DLL - ok
21:09:52.0704 4040 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
21:09:52.0704 4040 C:\Windows\System32\wlgpclnt.dll - ok
21:09:52.0704 4040 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
21:09:52.0704 4040 C:\Windows\System32\l2gpstore.dll - ok
21:09:52.0719 4040 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:09:52.0719 4040 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:09:52.0719 4040 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
21:09:52.0719 4040 C:\Windows\System32\wlanutil.dll - ok
21:09:52.0719 4040 [ 22E7431E7DAE8463AF94A79A054276E5 ] C:\Windows\System32\WinSCard.dll
21:09:52.0719 4040 C:\Windows\System32\WinSCard.dll - ok
21:09:52.0719 4040 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll
21:09:52.0719 4040 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll - ok
21:09:52.0735 4040 [ 64E6A44177ACF348D68255A37F4723DA ] C:\Windows\System32\cabinet.dll
21:09:52.0735 4040 C:\Windows\System32\cabinet.dll - ok
21:09:52.0735 4040 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
21:09:52.0735 4040 C:\Windows\System32\IDStore.dll - ok
21:09:52.0735 4040 [ 72D3D64526765C34DBFC7D895B4FBDF6 ] C:\Windows\System32\msxml6.dll
21:09:52.0735 4040 C:\Windows\System32\msxml6.dll - ok
21:09:52.0735 4040 [ 0F5CD07A098D6A5989019CC377722989 ] C:\Windows\System32\KBDCA.DLL
21:09:52.0735 4040 C:\Windows\System32\KBDCA.DLL - ok
21:09:52.0735 4040 [ 283C64A094A763C2F3DE2C926AEAE8CD ] C:\Windows\System32\KBDCAN.DLL
21:09:52.0735 4040 C:\Windows\System32\KBDCAN.DLL - ok
21:09:52.0751 4040 [ B9A047D231D32FDF5AF2F281E4326A9D ] C:\Windows\System32\KBDUS.DLL
21:09:52.0751 4040 C:\Windows\System32\KBDUS.DLL - ok
21:09:52.0751 4040 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
21:09:52.0751 4040 C:\Windows\System32\AtBroker.exe - ok
21:09:52.0751 4040 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:09:52.0751 4040 C:\Windows\System32\mpr.dll - ok
21:09:52.0751 4040 [ 6F8F1376A13114CC10C0E69274F5A4DE ] C:\Windows\System32\userinit.exe
21:09:52.0751 4040 C:\Windows\System32\userinit.exe - ok
21:09:52.0766 4040 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
21:09:52.0766 4040 C:\Windows\System32\p2pcollab.dll - ok
21:09:52.0766 4040 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] C:\Windows\System32\shsvcs.dll
21:09:52.0766 4040 C:\Windows\System32\shsvcs.dll - ok
21:09:52.0766 4040 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
21:09:52.0766 4040 C:\Windows\System32\dwm.exe - ok
21:09:52.0766 4040 [ EF184066A851E7838D5BF8C8FAE66CC4 ] C:\Windows\System32\dwmredir.dll
21:09:52.0766 4040 C:\Windows\System32\dwmredir.dll - ok
21:09:52.0766 4040 [ 4987E079A4530FA737A128BE54B63B12 ] C:\Windows\System32\QAGENTRT.DLL
21:09:52.0766 4040 C:\Windows\System32\QAGENTRT.DLL - ok
21:09:52.0782 4040 [ 9D8AB964CE511AF81207DF0E1205184C ] C:\Windows\System32\dwmcore.dll
21:09:52.0782 4040 C:\Windows\System32\dwmcore.dll - ok
21:09:52.0782 4040 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
21:09:52.0782 4040 C:\Windows\System32\fveui.dll - ok
21:09:52.0782 4040 [ 8F6D9A20F1FB06F0602A7D5A82840DBF ] C:\Windows\System32\netcfgx.dll
21:09:52.0782 4040 C:\Windows\System32\netcfgx.dll - ok
21:09:52.0782 4040 [ CA9E3BD4752FA2C084F5CD35FD8D0025 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
21:09:52.0782 4040 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
21:09:52.0782 4040 [ 624D0F5FF99428BB90A5B8A4123E918E ] C:\Windows\System32\schedsvc.dll
21:09:52.0782 4040 C:\Windows\System32\schedsvc.dll - ok
21:09:52.0797 4040 [ B7213E92B270761B88B313B62BA0E13B ] C:\Windows\System32\slwga.dll
21:09:52.0797 4040 C:\Windows\System32\slwga.dll - ok
21:09:52.0797 4040 [ 64856DFE10FC7B429E6999380BC3BB62 ] C:\Windows\System32\sppc.dll
21:09:52.0797 4040 C:\Windows\System32\sppc.dll - ok
21:09:52.0797 4040 [ 58A0C212ED2ABE462B3A9626F5B96261 ] C:\Windows\System32\d3d10_1.dll
21:09:52.0797 4040 C:\Windows\System32\d3d10_1.dll - ok
21:09:52.0797 4040 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
21:09:52.0797 4040 C:\Windows\System32\ktmw32.dll - ok
21:09:52.0813 4040 [ AFBBC34687FA48A4928B99AF097C1EC0 ] C:\Windows\System32\d3d10_1core.dll
21:09:52.0813 4040 C:\Windows\System32\d3d10_1core.dll - ok
21:09:52.0813 4040 [ D95DB5C915C001F78709C17285109BDC ] C:\Windows\System32\dxgi.dll
21:09:52.0813 4040 C:\Windows\System32\dxgi.dll - ok
21:09:52.0813 4040 [ 4F88DC5A733A8E541DAD45D26380F884 ] C:\Windows\System32\aticfx64.dll
21:09:52.0813 4040 C:\Windows\System32\aticfx64.dll - ok
21:09:52.0813 4040 [ 0862495E0C825893DB75EF44FAEA8E93 ] C:\Windows\explorer.exe
21:09:52.0813 4040 C:\Windows\explorer.exe - ok
21:09:52.0829 4040 [ 9DDFBB6786AECFA198856D0355ECC974 ] C:\Windows\System32\atiuxp64.dll
21:09:52.0829 4040 C:\Windows\System32\atiuxp64.dll - ok
21:09:52.0829 4040 [ 7AFB754022F62B7A0A8A3A9A4C275634 ] C:\Windows\System32\atidxx64.dll
21:09:52.0829 4040 C:\Windows\System32\atidxx64.dll - ok
21:09:52.0829 4040 [ 1B38A0F123FCF1546FACEAF1EFAFAA00 ] C:\Windows\System32\fveapi.dll
21:09:52.0829 4040 C:\Windows\System32\fveapi.dll - ok
21:09:52.0829 4040 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
21:09:52.0829 4040 C:\Windows\System32\fvecerts.dll - ok
21:09:52.0844 4040 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
21:09:52.0844 4040 C:\Windows\System32\tbs.dll - ok
21:09:52.0844 4040 [ 1B547066D0A6CD40EB3BAAC6A9C7E7A9 ] C:\Windows\System32\taskcomp.dll
21:09:52.0844 4040 C:\Windows\System32\taskcomp.dll - ok
21:09:52.0844 4040 [ 1C27E145EC99F20BC1B13FD98165A83F ] C:\Windows\System32\ExplorerFrame.dll
21:09:52.0844 4040 C:\Windows\System32\ExplorerFrame.dll - ok
21:09:52.0844 4040 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] C:\Windows\System32\drivers\http.sys
21:09:52.0844 4040 C:\Windows\System32\drivers\http.sys - ok
21:09:52.0860 4040 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
21:09:52.0860 4040 C:\Windows\System32\uDWM.dll - ok
21:09:52.0860 4040 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
21:09:52.0860 4040 C:\Windows\System32\wiarpc.dll - ok
21:09:52.0860 4040 [ 567977DC43CC13C4C35ED7084C0B84D5 ] C:\Windows\System32\spoolsv.exe
21:09:52.0860 4040 C:\Windows\System32\spoolsv.exe - ok
21:09:52.0875 4040 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\Weeny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
21:09:52.0875 4040 C:\Users\Weeny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
21:09:52.0875 4040 [ 3EEFB971D61EF9638FD21F14C703CA11 ] C:\Windows\System32\taskhost.exe
21:09:52.0875 4040 C:\Windows\System32\taskhost.exe - ok
21:09:52.0875 4040 [ A74316B5C28D94AF0825267D8715549F ] C:\Windows\System32\dbghelp.dll
21:09:52.0875 4040 C:\Windows\System32\dbghelp.dll - ok
21:09:52.0875 4040 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
21:09:52.0875 4040 C:\Windows\System32\PlaySndSrv.dll - ok
21:09:52.0891 4040 [ 4992C609A6315671463E30F6512BC022 ] C:\Windows\System32\BFE.DLL
21:09:52.0891 4040 C:\Windows\System32\BFE.DLL - ok
21:09:52.0891 4040 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
21:09:52.0891 4040 C:\Windows\System32\MsCtfMonitor.dll - ok
21:09:52.0891 4040 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
21:09:52.0891 4040 C:\Windows\System32\msutb.dll - ok
21:09:52.0891 4040 [ 7F37322A489E285CFBCC02F6A53B3F1B ] C:\Windows\System32\HotStartUserAgent.dll
21:09:52.0891 4040 C:\Windows\System32\HotStartUserAgent.dll - ok
21:09:52.0907 4040 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
21:09:52.0907 4040 C:\Windows\System32\msvcp60.dll - ok
21:09:52.0907 4040 [ 19D20159708E152267E53B66677A4995 ] C:\Windows\System32\drivers\bowser.sys
21:09:52.0907 4040 C:\Windows\System32\drivers\bowser.sys - ok
21:09:52.0922 4040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
21:09:52.0922 4040 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:09:52.0922 4040 [ 040D62A9D8AD28922632137ACDD984F2 ] C:\Windows\System32\drivers\mrxsmb.sys
21:09:52.0922 4040 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:09:52.0922 4040 [ F0067552F8F9B33D7C59403AB808A3CB ] C:\Windows\System32\drivers\mrxsmb10.sys
21:09:52.0922 4040 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:09:52.0922 4040 [ 3C142D31DE9F2F193218A53FE2632051 ] C:\Windows\System32\drivers\mrxsmb20.sys
21:09:52.0922 4040 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:09:52.0938 4040 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
21:09:52.0938 4040 C:\Windows\System32\wfapigp.dll - ok
21:09:52.0938 4040 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] C:\Windows\System32\wkssvc.dll
21:09:52.0938 4040 C:\Windows\System32\wkssvc.dll - ok
21:09:52.0938 4040 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:09:52.0938 4040 C:\Windows\System32\EhStorShell.dll - ok
21:09:52.0938 4040 [ 961036B3C6282C646B9ADBC8BB32C983 ] C:\Windows\System32\mscms.dll
21:09:52.0938 4040 C:\Windows\System32\mscms.dll - ok
21:09:52.0953 4040 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
21:09:52.0953 4040 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
21:09:52.0953 4040 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:09:52.0953 4040 C:\Windows\System32\pcasvc.dll - ok
21:09:52.0953 4040 [ 86B2787F580D7CFB232F5BA0935E5F11 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
21:09:52.0953 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
21:09:52.0953 4040 [ 5F917AEEEA363B8A5DC8624795CB1D60 ] C:\Windows\System32\ntshrui.dll
21:09:52.0953 4040 C:\Windows\System32\ntshrui.dll - ok
21:09:52.0969 4040 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
21:09:52.0969 4040 C:\Windows\System32\snmptrap.exe - ok
21:09:52.0969 4040 [ 37D44BFEA9B50D75764660ADC35C83AC ] C:\Windows\System32\msvcp100.dll
21:09:52.0969 4040 C:\Windows\System32\msvcp100.dll - ok
21:09:52.0969 4040 [ BFEBE1E4B301F44CEA7C1B4021BD0264 ] C:\Windows\System32\cscapi.dll
21:09:52.0969 4040 C:\Windows\System32\cscapi.dll - ok
21:09:52.0969 4040 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
21:09:52.0969 4040 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
21:09:52.0985 4040 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:09:52.0985 4040 C:\Windows\System32\IconCodecService.dll - ok
21:09:52.0985 4040 [ B88DA7FD10BDBB3754D98AFD39677C29 ] C:\Windows\System32\msvcr100.dll
21:09:52.0985 4040 C:\Windows\System32\msvcr100.dll - ok
21:09:52.0985 4040 [ 06A7422224D9865A5613710A089987DF ] C:\Windows\System32\provsvc.dll
21:09:52.0985 4040 C:\Windows\System32\provsvc.dll - ok
21:09:52.0985 4040 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys
21:09:52.0985 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys - ok
21:09:53.0000 4040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
21:09:53.0000 4040 C:\Windows\System32\sstpsvc.dll - ok
21:09:53.0000 4040 [ 46C9203F426F5EA8524794E591152283 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
21:09:53.0000 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
21:09:53.0000 4040 [ E2DEA77BAAAED15CA1CE0C8E017C7F2F ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
21:09:53.0000 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
21:09:53.0000 4040 [ EFFB8EC0A41B0E74AD1555248F5EB0D6 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcp80.dll
21:09:53.0000 4040 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcp80.dll - ok
21:09:53.0016 4040 [ 7B8F7848D3C65DD9589A4898CFF3757D ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcr80.dll
21:09:53.0016 4040 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_88dce9872fb18caf\msvcr80.dll - ok
21:09:53.0016 4040 [ 9C963A14F955AF99F6DF0C1F5FC5AF9B ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
21:09:53.0016 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
21:09:53.0031 4040 [ F10C3F2E002100BF8B797DCF283FEA7D ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:09:53.0031 4040 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe - ok
21:09:53.0031 4040 [ BAF19B633933A9FB4883D27D66C39E9A ] C:\Windows\System32\cryptsvc.dll
21:09:53.0031 4040 C:\Windows\System32\cryptsvc.dll - ok
21:09:53.0047 4040 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] C:\Windows\System32\dps.dll
21:09:53.0047 4040 C:\Windows\System32\dps.dll - ok
21:09:53.0047 4040 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
21:09:53.0047 4040 C:\Windows\System32\FDResPub.dll - ok
21:09:53.0047 4040 [ 05FE4A30177E858B51F5E1E970FE9925 ] C:\Windows\System32\WSDApi.dll
21:09:53.0047 4040 C:\Windows\System32\WSDApi.dll - ok
21:09:53.0047 4040 [ DC57BAF15064ECB79F6D2CCF352E1D88 ] C:\Windows\System32\taskschd.dll
21:09:53.0047 4040 C:\Windows\System32\taskschd.dll - ok
21:09:53.0063 4040 [ 4FAC55936209B4F3EB78532181C9ED5E ] C:\Windows\System32\cryptnet.dll
21:09:53.0063 4040 C:\Windows\System32\cryptnet.dll - ok
21:09:53.0063 4040 [ A3EA403D2B74C5F71B7E8B3DAE92DE1E ] C:\Windows\System32\webservices.dll
21:09:53.0063 4040 C:\Windows\System32\webservices.dll - ok
21:09:53.0063 4040 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
21:09:53.0063 4040 C:\Windows\System32\fundisc.dll - ok
21:09:53.0063 4040 [ A261AD1FDC6D6A658A82B81AF81B215F ] C:\Windows\System32\vssapi.dll
21:09:53.0063 4040 C:\Windows\System32\vssapi.dll - ok
21:09:53.0078 4040 [ 0DCF16B1449811EFA47AB52CAC84093C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:09:53.0078 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
21:09:53.0078 4040 [ DB6DD54A93522CA3572D04B56C5DB890 ] C:\Windows\SysWOW64\ntdll.dll
21:09:53.0078 4040 C:\Windows\SysWOW64\ntdll.dll - ok
21:09:53.0078 4040 [ C823A6F302D12FFE5DA305041F5213C7 ] C:\Windows\System32\wow64.dll
21:09:53.0078 4040 C:\Windows\System32\wow64.dll - ok
21:09:53.0078 4040 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:09:53.0078 4040 C:\Windows\System32\vsstrace.dll - ok
21:09:53.0094 4040 [ CA6CEE750AFE37BF90044774B7FE8DAD ] C:\Windows\System32\wow64win.dll
21:09:53.0094 4040 C:\Windows\System32\wow64win.dll - ok
21:09:53.0094 4040 [ 4E89D6A7571545F09F1234E7F6618099 ] C:\Windows\System32\wow64cpu.dll
21:09:53.0094 4040 C:\Windows\System32\wow64cpu.dll - ok
21:09:53.0094 4040 [ 0BF0C2A72F2CB0BA4382C392D3E331AF ] C:\Windows\System32\winhttp.dll
21:09:53.0094 4040 C:\Windows\System32\winhttp.dll - ok
21:09:53.0094 4040 [ 2196CDBFA4B99BEEDAE300FA21DFE718 ] C:\Windows\System32\webio.dll
21:09:53.0094 4040 C:\Windows\System32\webio.dll - ok
21:09:53.0109 4040 [ 33616DACC75C9E105DAE944120DB4274 ] C:\Windows\SysWOW64\kernel32.dll
21:09:53.0109 4040 C:\Windows\SysWOW64\kernel32.dll - ok
21:09:53.0109 4040 [ 923BB61D913C37EAB1570F236CCDCE41 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
21:09:53.0109 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
21:09:53.0109 4040 [ 4509387963DF66A6401752A0C631F6E8 ] C:\Windows\System32\httpapi.dll
21:09:53.0109 4040 C:\Windows\System32\httpapi.dll - ok
21:09:53.0109 4040 [ 0223642C49CF1B7BBF0B2CCC6FEA707C ] C:\Windows\SysWOW64\KernelBase.dll
21:09:53.0109 4040 C:\Windows\SysWOW64\KernelBase.dll - ok
21:09:53.0125 4040 [ F037DB14CF6165C62F4A64D12A25B07C ] C:\Windows\SysWOW64\shlwapi.dll
21:09:53.0125 4040 C:\Windows\SysWOW64\shlwapi.dll - ok
21:09:53.0125 4040 [ FBE1E0B9EF53B5BB7C36763AA6A685CF ] C:\Windows\SysWOW64\gdi32.dll
21:09:53.0125 4040 C:\Windows\SysWOW64\gdi32.dll - ok
21:09:53.0125 4040 [ E8B0FFC209E504CB7E79FC24E6C085F0 ] C:\Windows\SysWOW64\user32.dll
21:09:53.0125 4040 C:\Windows\SysWOW64\user32.dll - ok
21:09:53.0125 4040 [ AD474D48CC9F32213F5DC395761031F6 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
21:09:53.0125 4040 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe - ok
21:09:53.0141 4040 [ 26A634B2E0FD87F23541AD13A503CA72 ] C:\Windows\SysWOW64\winmm.dll
21:09:53.0141 4040 C:\Windows\SysWOW64\winmm.dll - ok
21:09:53.0141 4040 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
21:09:53.0141 4040 C:\Windows\SysWOW64\lpk.dll - ok
21:09:53.0141 4040 [ F8A61B2E713309B4616D107919BDAB6E ] C:\Windows\SysWOW64\msvcrt.dll
21:09:53.0141 4040 C:\Windows\SysWOW64\msvcrt.dll - ok
21:09:53.0141 4040 [ 0C65FA8214D6F8378D1D3BA1CA46AF0A ] C:\Windows\SysWOW64\advapi32.dll
21:09:53.0141 4040 C:\Windows\SysWOW64\advapi32.dll - ok
21:09:53.0156 4040 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
21:09:53.0156 4040 C:\Windows\SysWOW64\sechost.dll - ok
21:09:53.0156 4040 [ 90385551B6B3793E949DF310A11D64E7 ] C:\Windows\SysWOW64\rpcrt4.dll
21:09:53.0156 4040 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:09:53.0156 4040 [ 0BA19F3198C40AC4E8CC66EE02EDA6C6 ] C:\Windows\SysWOW64\usp10.dll
21:09:53.0156 4040 C:\Windows\SysWOW64\usp10.dll - ok
21:09:53.0156 4040 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
21:09:53.0156 4040 C:\Windows\SysWOW64\cryptbase.dll - ok
21:09:53.0172 4040 [ 351F62085F1D007533B4BB159C9EFDE3 ] C:\Windows\SysWOW64\sspicli.dll
21:09:53.0172 4040 C:\Windows\SysWOW64\sspicli.dll - ok
21:09:53.0172 4040 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
21:09:53.0172 4040 C:\Windows\SysWOW64\msimg32.dll - ok
21:09:53.0172 4040 [ 6CC10D9FD128069DBFE476222F097616 ] C:\Windows\SysWOW64\secur32.dll
21:09:53.0172 4040 C:\Windows\SysWOW64\secur32.dll - ok
21:09:53.0172 4040 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
21:09:53.0172 4040 C:\Windows\System32\rasadhlp.dll - ok
21:09:53.0187 4040 [ A223CF703E28CBD7E9E7982141FA403C ] C:\Windows\SysWOW64\comdlg32.dll
21:09:53.0187 4040 C:\Windows\SysWOW64\comdlg32.dll - ok
21:09:53.0187 4040 [ 2CBC35E872BA9B46474890135B56DD66 ] C:\Windows\SysWOW64\shell32.dll
21:09:53.0187 4040 C:\Windows\SysWOW64\shell32.dll - ok
21:09:53.0187 4040 [ 4B8DD8541C0E26602005DD0137333615 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
21:09:53.0187 4040 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll - ok
21:09:53.0187 4040 [ 637982A421D0133DCEAA0D1490D1DC9C ] C:\Windows\System32\netsh.exe
21:09:53.0187 4040 C:\Windows\System32\netsh.exe - ok
21:09:53.0203 4040 [ 40E1F127557EFC86882581C55108D4AE ] C:\Windows\System32\rasmontr.dll
21:09:53.0203 4040 C:\Windows\System32\rasmontr.dll - ok
21:09:53.0203 4040 [ 114429A77D935053E13A9BF98A8B8CA1 ] C:\Windows\System32\mprapi.dll
21:09:53.0203 4040 C:\Windows\System32\mprapi.dll - ok
21:09:53.0203 4040 [ 0ABCA5A037A8B4D744991544B286D847 ] C:\Windows\System32\mfc42u.dll
21:09:53.0203 4040 C:\Windows\System32\mfc42u.dll - ok
21:09:53.0203 4040 [ DFF4993094A11275601E7ADBF1D1BD25 ] C:\Windows\System32\odbc32.dll
21:09:53.0203 4040 C:\Windows\System32\odbc32.dll - ok
21:09:53.0219 4040 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
21:09:53.0219 4040 C:\Windows\System32\odbcint.dll - ok
21:09:53.0219 4040 [ 47F29A09E01B5D01866E2061FCFF766F ] C:\Windows\System32\nshwfp.dll
21:09:53.0219 4040 C:\Windows\System32\nshwfp.dll - ok
21:09:53.0219 4040 [ FA753FAB0B93E3427C1EB722E876501E ] C:\Windows\System32\dhcpcmonitor.dll
21:09:53.0219 4040 C:\Windows\System32\dhcpcmonitor.dll - ok
21:09:53.0219 4040 [ CB06D9EDB2A0C225C25A3B33BEDF4DD7 ] C:\Windows\System32\DHCPQEC.DLL
21:09:53.0219 4040 C:\Windows\System32\DHCPQEC.DLL - ok
21:09:53.0234 4040 [ BD03C64C4B1F34D1F330BF6C4AC8113D ] C:\Windows\System32\QUTIL.DLL
21:09:53.0234 4040 C:\Windows\System32\QUTIL.DLL - ok
21:09:53.0234 4040 [ EFFA3C1731775272F074F3FF257020FC ] C:\Windows\System32\fwcfg.dll
21:09:53.0234 4040 C:\Windows\System32\fwcfg.dll - ok
21:09:53.0234 4040 [ FA4D595B2C5B2E54E8A49A82CFFAB155 ] C:\Windows\System32\nshhttp.dll
21:09:53.0234 4040 C:\Windows\System32\nshhttp.dll - ok
21:09:53.0234 4040 [ 8396C6C26AADDFE4590CCEF0F419B6B7 ] C:\Windows\System32\ws2help.dll
21:09:53.0234 4040 C:\Windows\System32\ws2help.dll - ok
21:09:53.0250 4040 [ D314DA4B0B8DCD023D547FC568E34FB6 ] C:\Windows\System32\wshelper.dll
21:09:53.0250 4040 C:\Windows\System32\wshelper.dll - ok
21:09:53.0250 4040 [ 55F1C5EFF3D81EE93B0691FFC610BCF2 ] C:\Windows\System32\authfwcfg.dll
21:09:53.0250 4040 C:\Windows\System32\authfwcfg.dll - ok
21:09:53.0250 4040 [ 2553AF518536B2E365A814730EB93E0A ] C:\Windows\System32\ifmon.dll
21:09:53.0250 4040 C:\Windows\System32\ifmon.dll - ok
21:09:53.0250 4040 [ FA4C81DC1E0B5D5F0BD5CB1C78659CAA ] C:\Windows\System32\winipsec.dll
21:09:53.0250 4040 C:\Windows\System32\winipsec.dll - ok
21:09:53.0265 4040 [ AEBDB652D9273AD61E10C5D8F51C86FB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
21:09:53.0265 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
21:09:53.0265 4040 [ 6E03C9E362389A768E6C240933352D11 ] C:\Windows\System32\nci.dll
21:09:53.0265 4040 C:\Windows\System32\nci.dll - ok
21:09:53.0265 4040 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
21:09:53.0265 4040 C:\Windows\SysWOW64\version.dll - ok
21:09:53.0265 4040 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
21:09:53.0265 4040 C:\Windows\SysWOW64\oledlg.dll - ok
21:09:53.0265 4040 [ 61E02CC3184B63FAFE0B83EAC8B3B8EF ] C:\Windows\SysWOW64\winspool.drv
21:09:53.0265 4040 C:\Windows\SysWOW64\winspool.drv - ok
21:09:53.0281 4040 [ E2C2D8C982316C8ABF800C6CE3F28FAB ] C:\Windows\SysWOW64\ole32.dll
21:09:53.0281 4040 C:\Windows\SysWOW64\ole32.dll - ok
21:09:53.0281 4040 [ A1A60A4C035535373F9FECCD6227E362 ] C:\Windows\System32\netiohlp.dll
21:09:53.0281 4040 C:\Windows\System32\netiohlp.dll - ok
21:09:53.0281 4040 [ 7DA089C75B1E92032D0CBE4ADE7C32BC ] C:\Windows\SysWOW64\crypt32.dll
21:09:53.0281 4040 C:\Windows\SysWOW64\crypt32.dll - ok
21:09:53.0281 4040 [ 840B884B2071186C0D354F3A7F4E4D56 ] C:\Windows\System32\hnetmon.dll
21:09:53.0281 4040 C:\Windows\System32\hnetmon.dll - ok
21:09:53.0297 4040 [ 110A8C1EA034CE155CC99F083B2415CA ] C:\Windows\System32\whhelper.dll
21:09:53.0297 4040 C:\Windows\System32\whhelper.dll - ok
21:09:53.0297 4040 [ 4C04900AA8C323F5D4C316A89E976849 ] C:\Windows\SysWOW64\msasn1.dll
21:09:53.0297 4040 C:\Windows\SysWOW64\msasn1.dll - ok
21:09:53.0297 4040 [ 6095266CAAF5E75F394CFD4844CC4C25 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:09:53.0297 4040 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:09:53.0297 4040 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
21:09:53.0297 4040 C:\Windows\SysWOW64\nsi.dll - ok
21:09:53.0312 4040 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
21:09:53.0312 4040 C:\Windows\SysWOW64\winnsi.dll - ok
21:09:53.0312 4040 [ 66920354B984D4A3848A84B4E66745EA ] C:\Windows\System32\netshell.dll
21:09:53.0312 4040 C:\Windows\System32\netshell.dll - ok
21:09:53.0312 4040 [ 705C210EFC5564BE49EB026BD7AFF27A ] C:\Windows\SysWOW64\oleaut32.dll
21:09:53.0312 4040 C:\Windows\SysWOW64\oleaut32.dll - ok
21:09:53.0312 4040 [ DAAE8A9B8C0ACC7F858454132553C30D ] C:\Windows\SysWOW64\ws2_32.dll
21:09:53.0312 4040 C:\Windows\SysWOW64\ws2_32.dll - ok
21:09:53.0328 4040 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
21:09:53.0328 4040 C:\Windows\SysWOW64\profapi.dll - ok
21:09:53.0328 4040 [ 9C0DC1DAAD14D443DD5A0D1EE78D775E ] C:\Windows\SysWOW64\userenv.dll
21:09:53.0328 4040 C:\Windows\SysWOW64\userenv.dll - ok
21:09:53.0328 4040 [ E30E5BB0DBA49EFE5BBBAFEA440CFBD9 ] C:\Windows\SysWOW64\wtsapi32.dll
21:09:53.0328 4040 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:09:53.0328 4040 [ 0DE3069D6E09BA262856EF31C941BEFE ] C:\Windows\SysWOW64\imm32.dll
21:09:53.0328 4040 C:\Windows\SysWOW64\imm32.dll - ok
21:09:53.0328 4040 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
21:09:53.0328 4040 C:\Windows\SysWOW64\msctf.dll - ok
21:09:53.0343 4040 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:09:53.0343 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
21:09:53.0343 4040 [ 18AAD5A845EEC8A0555582ED6A8B061F ] C:\Windows\System32\rpcnsh.dll
21:09:53.0343 4040 C:\Windows\System32\rpcnsh.dll - ok
21:09:53.0343 4040 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:09:53.0343 4040 C:\Windows\System32\winmm.dll - ok
21:09:53.0343 4040 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:09:53.0343 4040 C:\Windows\SysWOW64\uxtheme.dll - ok
21:09:53.0359 4040 [ A8BC80D5BD5D32B29834335FB5831203 ] C:\Windows\System32\dot3cfg.dll
21:09:53.0359 4040 C:\Windows\System32\dot3cfg.dll - ok
21:09:53.0359 4040 [ 6EC594AB7EFA45EACDE65FD4040F53D9 ] C:\Windows\SysWOW64\riched20.dll
21:09:53.0359 4040 C:\Windows\SysWOW64\riched20.dll - ok
21:09:53.0359 4040 [ BB68579E181956E37EB11F9083C01CF3 ] C:\Windows\System32\dot3api.dll
21:09:53.0359 4040 C:\Windows\System32\dot3api.dll - ok
21:09:53.0359 4040 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
21:09:53.0359 4040 C:\Windows\SysWOW64\cryptsp.dll - ok
21:09:53.0375 4040 [ A68E038D88A255B24F78AE47B944C7AF ] C:\Windows\System32\NAPMONTR.DLL
21:09:53.0375 4040 C:\Windows\System32\NAPMONTR.DLL - ok
21:09:53.0375 4040 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
21:09:53.0375 4040 C:\Windows\SysWOW64\rsaenh.dll - ok
21:09:53.0375 4040 [ 420E9BF21339F51B31DF4194D5A0E12E ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
21:09:53.0375 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
21:09:53.0375 4040 [ AAA6D0DF7356BBA706BD67385A103AAB ] C:\Windows\System32\certcli.dll
21:09:53.0375 4040 C:\Windows\System32\certcli.dll - ok
21:09:53.0390 4040 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
21:09:53.0390 4040 C:\Windows\SysWOW64\mpr.dll - ok
21:09:53.0390 4040 [ 2AE53CA58B2921C2CA0C636B400D1835 ] C:\Windows\System32\nshipsec.dll
21:09:53.0390 4040 C:\Windows\System32\nshipsec.dll - ok
21:09:53.0390 4040 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
21:09:53.0390 4040 C:\Windows\SysWOW64\psapi.dll - ok
21:09:53.0390 4040 [ 334A663962618F7A136FA1F80F773C5F ] C:\Windows\SysWOW64\wintrust.dll
21:09:53.0390 4040 C:\Windows\SysWOW64\wintrust.dll - ok
21:09:53.0406 4040 [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
21:09:53.0406 4040 C:\Windows\System32\activeds.dll - ok
21:09:53.0406 4040 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
21:09:53.0406 4040 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
21:09:53.0406 4040 [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
21:09:53.0406 4040 C:\Windows\System32\adsldpc.dll - ok
21:09:53.0406 4040 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
21:09:53.0406 4040 C:\Windows\System32\aepic.dll - ok
21:09:53.0421 4040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
21:09:53.0421 4040 C:\Windows\System32\drivers\PEAuth.sys - ok
21:09:53.0421 4040 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] C:\Windows\System32\nlasvc.dll
21:09:53.0421 4040 C:\Windows\System32\nlasvc.dll - ok
21:09:53.0421 4040 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
21:09:53.0421 4040 C:\Windows\System32\sfc.dll - ok
21:09:53.0421 4040 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
21:09:53.0421 4040 C:\Windows\System32\sfc_os.dll - ok
21:09:53.0437 4040 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] C:\Windows\SysWOW64\PnkBstrA.exe
21:09:53.0437 4040 C:\Windows\SysWOW64\PnkBstrA.exe - ok
21:09:53.0437 4040 [ 107F279517E2A04DB4AC1B1FAF1D573B ] C:\Windows\System32\ncsi.dll
21:09:53.0437 4040 C:\Windows\System32\ncsi.dll - ok
21:09:53.0437 4040 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
21:09:53.0437 4040 C:\Windows\System32\ssdpapi.dll - ok
21:09:53.0437 4040 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
21:09:53.0437 4040 C:\Windows\SysWOW64\ntmarta.dll - ok
21:09:53.0437 4040 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
21:09:53.0437 4040 C:\Windows\SysWOW64\wsock32.dll - ok
21:09:53.0453 4040 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
21:09:53.0453 4040 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
21:09:53.0453 4040 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
21:09:53.0453 4040 C:\Windows\System32\drivers\secdrv.sys - ok
21:09:53.0453 4040 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
21:09:53.0453 4040 C:\Windows\System32\polstore.dll - ok
21:09:53.0453 4040 [ BFA70A99AD1434263F2DFBBA103BDEF8 ] C:\Windows\SysWOW64\Wldap32.dll
21:09:53.0453 4040 C:\Windows\SysWOW64\Wldap32.dll - ok
21:09:53.0468 4040 [ AE5FF948400A51B040F999BF04290373 ] C:\Windows\SysWOW64\winsta.dll
21:09:53.0468 4040 C:\Windows\SysWOW64\winsta.dll - ok
21:09:53.0468 4040 [ E0D2F6BF46E6053193FAA3E294D657FF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
21:09:53.0468 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
21:09:53.0468 4040 [ C02E3CE20E7776C922B5C8938350B5F1 ] C:\Windows\SysWOW64\apphelp.dll
21:09:53.0468 4040 C:\Windows\SysWOW64\apphelp.dll - ok
21:09:53.0468 4040 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
21:09:53.0468 4040 C:\Windows\SysWOW64\clbcatq.dll - ok
21:09:53.0484 4040 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] C:\Windows\System32\drivers\srvnet.sys
21:09:53.0484 4040 C:\Windows\System32\drivers\srvnet.sys - ok
21:09:53.0484 4040 [ 6C0BD9D59C7E97DEE2FB3407D17BF697 ] C:\Windows\SysWOW64\RpcRtRemote.dll
21:09:53.0484 4040 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
21:09:53.0484 4040 [ 3C1284516A62078FB68F768DE4F1A7BE ] C:\Windows\System32\sysmain.dll
21:09:53.0484 4040 C:\Windows\System32\sysmain.dll - ok
21:09:53.0484 4040 [ 76D078AF6F587B162D50210F761EB9ED ] C:\Windows\System32\drivers\tcpipreg.sys
21:09:53.0484 4040 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:09:53.0499 4040 [ 11A41F17527ED75D6B758FDD7F4FD00D ] C:\Windows\SysWOW64\mswsock.dll
21:09:53.0499 4040 C:\Windows\SysWOW64\mswsock.dll - ok
21:09:53.0499 4040 [ 6D672FE62DF8B2A6626F128C1ABAB4F8 ] C:\Windows\System32\nettrace.dll
21:09:53.0499 4040 C:\Windows\System32\nettrace.dll - ok
21:09:53.0499 4040 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:09:53.0499 4040 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:09:53.0515 4040 [ 18D4729031314F8C217CDFCC599EF4E4 ] C:\Windows\System32\ndfapi.dll
21:09:53.0515 4040 C:\Windows\System32\ndfapi.dll - ok
21:09:53.0531 4040 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
21:09:53.0531 4040 C:\Windows\System32\wdi.dll - ok
21:09:53.0531 4040 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
21:09:53.0531 4040 C:\Windows\System32\tdh.dll - ok
21:09:53.0531 4040 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
21:09:53.0531 4040 C:\Windows\System32\trkwks.dll - ok
21:09:53.0531 4040 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:09:53.0531 4040 C:\Windows\SysWOW64\dwmapi.dll - ok
21:09:53.0546 4040 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] C:\Windows\System32\drivers\srv2.sys
21:09:53.0546 4040 C:\Windows\System32\drivers\srv2.sys - ok
21:09:53.0546 4040 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
21:09:53.0546 4040 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:09:53.0546 4040 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] C:\Windows\System32\drivers\srv.sys
21:09:53.0546 4040 C:\Windows\System32\drivers\srv.sys - ok
21:09:53.0546 4040 [ FAF9BA81FB0543CB4B7EFFD24CFA815F ] C:\Windows\System32\wbemcomn.dll
21:09:53.0546 4040 C:\Windows\System32\wbemcomn.dll - ok
21:09:53.0562 4040 [ DB991B869472AF2A3BB97460BBA59AA3 ] C:\Windows\System32\WcnNetsh.dll
21:09:53.0562 4040 C:\Windows\System32\WcnNetsh.dll - ok
21:09:53.0562 4040 [ 81F1D04D4D0E433099365127375FD501 ] C:\Windows\System32\srvsvc.dll
21:09:53.0562 4040 C:\Windows\System32\srvsvc.dll - ok
21:09:53.0562 4040 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
21:09:53.0562 4040 C:\Windows\System32\wlanapi.dll - ok
21:09:53.0577 4040 [ 6B054C67AAA87843504E8E3C09102009 ] C:\Windows\System32\browser.dll
21:09:53.0577 4040 C:\Windows\System32\browser.dll - ok
21:09:53.0577 4040 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
21:09:53.0577 4040 C:\Windows\System32\netmsg.dll - ok
21:09:53.0593 4040 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
21:09:53.0593 4040 C:\Windows\System32\P2P.dll - ok
21:09:53.0593 4040 [ 01A9E95A520247E110AFBDF2ACBC6AE8 ] C:\Windows\System32\p2pnetsh.dll
21:09:53.0593 4040 C:\Windows\System32\p2pnetsh.dll - ok
21:09:53.0609 4040 [ F8E058D17363EC580E4B7232778B6CB5 ] C:\Windows\System32\iphlpsvc.dll
21:09:53.0609 4040 C:\Windows\System32\iphlpsvc.dll - ok
21:09:53.0609 4040 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
21:09:53.0609 4040 C:\Windows\System32\wbem\fastprox.dll - ok
21:09:53.0624 4040 [ A7582A70802D5B9F28ED3940F6A3E9ED ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:09:53.0624 4040 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:09:53.0655 4040 [ DFE67CB5060D6B4E950646ABDBB0C9C4 ] C:\Windows\System32\wlancfg.dll
21:09:53.0655 4040 C:\Windows\System32\wlancfg.dll - ok
21:09:53.0671 4040 [ D63A0FF194BF6BEC0E2776B550B3691B ] C:\Windows\System32\wwancfg.dll
21:09:53.0671 4040 C:\Windows\System32\wwancfg.dll - ok
21:09:53.0671 4040 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
21:09:53.0671 4040 C:\Windows\System32\wwapi.dll - ok
21:09:53.0687 4040 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
21:09:53.0687 4040 C:\Windows\System32\ntdsapi.dll - ok
21:09:53.0687 4040 [ 48A6CA43A5C921C465F70D9B42B3EF1A ] C:\Windows\System32\sqmapi.dll
21:09:53.0687 4040 C:\Windows\System32\sqmapi.dll - ok
21:09:53.0687 4040 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
21:09:53.0687 4040 C:\Windows\System32\wlanhlp.dll - ok
21:09:53.0702 4040 [ 0B9F7D42D745038437FAE70D97F9AD5A ] C:\Windows\System32\QAGENT.DLL
21:09:53.0702 4040 C:\Windows\System32\QAGENT.DLL - ok
21:09:53.0702 4040 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
21:09:53.0702 4040 C:\Windows\System32\wdscore.dll - ok
21:09:53.0702 4040 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
21:09:53.0702 4040 C:\Windows\System32\wbem\wbemprox.dll - ok
21:09:53.0718 4040 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
21:09:53.0718 4040 C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:09:53.0718 4040 [ 836892094209E5D9CF403B4CF2829B5C ] C:\Windows\System32\sscore.dll
21:09:53.0718 4040 C:\Windows\System32\sscore.dll - ok
21:09:53.0718 4040 [ 4EAE37133B78A26A84EA1649D9B21A1E ] C:\Windows\System32\clusapi.dll
21:09:53.0718 4040 C:\Windows\System32\clusapi.dll - ok
21:09:53.0733 4040 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
21:09:53.0733 4040 C:\Windows\System32\hnetcfg.dll - ok
21:09:53.0733 4040 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
21:09:53.0733 4040 C:\Windows\System32\resutils.dll - ok
21:09:53.0733 4040 [ 3B9665D4B8C587A6014B9B8DFF5974A0 ] C:\Windows\System32\wbem\wbemcore.dll
21:09:53.0733 4040 C:\Windows\System32\wbem\wbemcore.dll - ok
21:09:53.0749 4040 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
21:09:53.0749 4040 C:\Windows\System32\wbem\esscli.dll - ok
21:09:53.0749 4040 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
21:09:53.0749 4040 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:09:53.0749 4040 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
21:09:53.0749 4040 C:\Windows\System32\wbem\wmiutils.dll - ok
21:09:53.0749 4040 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
21:09:53.0749 4040 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:09:53.0749 4040 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
21:09:53.0765 4040 C:\Windows\System32\ncobjapi.dll - ok
21:09:53.0765 4040 [ 82BC97E5793DEF69691AAD5AB953A200 ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:09:53.0765 4040 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:09:53.0765 4040 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
21:09:53.0765 4040 C:\Windows\System32\wbem\wbemess.dll - ok
21:09:53.0765 4040 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
21:09:53.0765 4040 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
21:09:53.0765 4040 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
21:09:53.0765 4040 C:\Windows\System32\perftrack.dll - ok
21:09:53.0780 4040 [ 518D71FB636A68AD95A53849EB3EE7DD ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
21:09:53.0780 4040 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
21:09:53.0780 4040 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll
21:09:53.0780 4040 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
21:09:53.0780 4040 [ D065BE66822847B7F127D1F90158376E ] C:\Windows\System32\appinfo.dll
21:09:53.0780 4040 C:\Windows\System32\appinfo.dll - ok
21:09:53.0780 4040 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
21:09:53.0780 4040 C:\Windows\System32\wer.dll - ok
21:09:53.0796 4040 [ D891293880F2F00AB7BA959910300EF7 ] C:\Windows\System32\diagperf.dll
21:09:53.0796 4040 C:\Windows\System32\diagperf.dll - ok
21:09:53.0796 4040 [ 2E57DDF2880A7E52E76F41C7E96D327B ] C:\Windows\System32\wpdbusenum.dll
21:09:53.0796 4040 C:\Windows\System32\wpdbusenum.dll - ok
21:09:53.0796 4040 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
21:09:53.0796 4040 C:\Windows\System32\ndiscapCfg.dll - ok
21:09:53.0796 4040 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
21:09:53.0796 4040 C:\Windows\System32\npmproxy.dll - ok
21:09:53.0811 4040 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
21:09:53.0811 4040 C:\Windows\System32\mprmsg.dll - ok
21:09:53.0811 4040 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
21:09:53.0811 4040 C:\Windows\System32\pnpts.dll - ok
21:09:53.0811 4040 [ 5DA7D8934F7AB0884A6A8FC02E8B2AA7 ] C:\Windows\System32\PortableDeviceApi.dll
21:09:53.0811 4040 C:\Windows\System32\PortableDeviceApi.dll - ok
21:09:53.0811 4040 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
21:09:53.0811 4040 C:\Windows\System32\radardt.dll - ok
21:09:53.0827 4040 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
21:09:53.0827 4040 C:\Windows\System32\rascfg.dll - ok
21:09:53.0827 4040 [ 1FCD619D8542A248D4E1FF72FFB0E56B ] C:\Windows\System32\tcpipcfg.dll
21:09:53.0827 4040 C:\Windows\System32\tcpipcfg.dll - ok
21:09:53.0827 4040 [ 65AF044B5570D355124DCD1E099AA98F ] C:\Windows\System32\wdiasqmmodule.dll
21:09:53.0827 4040 C:\Windows\System32\wdiasqmmodule.dll - ok
21:09:53.0827 4040 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
21:09:53.0827 4040 C:\Windows\System32\aeevts.dll - ok
21:09:53.0843 4040 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
21:09:53.0843 4040 C:\Windows\System32\Apphlpdm.dll - ok
21:09:53.0843 4040 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:09:53.0843 4040 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:09:53.0843 4040 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] C:\Windows\System32\drivers\WUDFRd.sys
21:09:53.0843 4040 C:\Windows\System32\drivers\WUDFRd.sys - ok
21:09:53.0843 4040 [ 95D498927F74ACA3593D653D42099915 ] C:\Windows\System32\WUDFHost.exe
21:09:53.0843 4040 C:\Windows\System32\WUDFHost.exe - ok
21:09:53.0858 4040 [ 518A0FD2A0E7BE84589659A948B1FBD6 ] C:\Windows\System32\WUDFx.dll
21:09:53.0858 4040 C:\Windows\System32\WUDFx.dll - ok
21:09:53.0858 4040 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
21:09:53.0858 4040 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
21:09:53.0858 4040 [ 9AA6F803C9BD4A0EC2B0BF1EB458C821 ] C:\Windows\System32\WMVCORE.DLL
21:09:53.0858 4040 C:\Windows\System32\WMVCORE.DLL - ok
21:09:53.0858 4040 [ 158117F3CF278F01C6F24E89E2141E81 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:09:53.0858 4040 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:09:53.0874 4040 [ 169F916EFEAA44487E65305B7D2D754B ] C:\Windows\SysWOW64\runonce.exe
21:09:53.0874 4040 C:\Windows\SysWOW64\runonce.exe - ok
21:09:53.0874 4040 [ 6AB6D4DF10EC784CF4A66CBFAF417A11 ] C:\Windows\System32\runonce.exe
21:09:53.0874 4040 C:\Windows\System32\runonce.exe - ok
21:09:53.0874 4040 [ F24F083224944042B1F3CF5B7A1BA1EE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B0440F3-FB3A-49F0-92AF-CAE84AC2ACBC}\gapaengine.dll
21:09:53.0874 4040 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B0440F3-FB3A-49F0-92AF-CAE84AC2ACBC}\gapaengine.dll - ok
21:09:53.0889 4040 [ BB3A49A23E53107D692F0D736473CEFE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B0440F3-FB3A-49F0-92AF-CAE84AC2ACBC}\nisfull.vdm
21:09:53.0889 4040 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B0440F3-FB3A-49F0-92AF-CAE84AC2ACBC}\nisfull.vdm - ok
21:09:53.0889 4040 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
21:09:53.0889 4040 C:\Windows\SysWOW64\dimsjob.dll - ok
21:09:53.0889 4040 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
21:09:53.0889 4040 C:\Windows\SysWOW64\WMASF.DLL - ok
21:09:53.0889 4040 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
21:09:53.0889 4040 C:\Windows\System32\dimsjob.dll - ok
21:09:53.0905 4040 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
21:09:53.0905 4040 C:\Windows\System32\WMASF.DLL - ok
21:09:53.0905 4040 [ 3989BB6998C32753FDD5493879C1835A ] C:\Windows\SysWOW64\ncrypt.dll
21:09:53.0905 4040 C:\Windows\SysWOW64\ncrypt.dll - ok
21:09:53.0905 4040 [ 21012407E8C74AA72BBB485B0FC197FE ] C:\Windows\SysWOW64\taskschd.dll
21:09:53.0905 4040 C:\Windows\SysWOW64\taskschd.dll - ok
21:09:53.0905 4040 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
21:09:53.0905 4040 C:\Windows\SysWOW64\bcrypt.dll - ok
21:09:53.0921 4040 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:09:53.0921 4040 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:09:53.0921 4040 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
21:09:53.0921 4040 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
21:09:53.0921 4040 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
21:09:53.0921 4040 C:\Windows\SysWOW64\netprofm.dll - ok
21:09:53.0921 4040 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
21:09:53.0921 4040 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
21:09:53.0921 4040 [ 045DB4EAB4FBD23210E85ECC3F464A2E ] C:\Windows\SysWOW64\nlaapi.dll
21:09:53.0921 4040 C:\Windows\SysWOW64\nlaapi.dll - ok
21:09:53.0936 4040 [ 41323AB614A2B66AD77B1121D24AC895 ] C:\Windows\SysWOW64\setupapi.dll
21:09:53.0936 4040 C:\Windows\SysWOW64\setupapi.dll - ok
21:09:53.0936 4040 [ 5DE691884C240227B733CC18BBFCA3D8 ] C:\Windows\SysWOW64\netapi32.dll
21:09:53.0936 4040 C:\Windows\SysWOW64\netapi32.dll - ok
21:09:53.0936 4040 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
21:09:53.0936 4040 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
21:09:53.0936 4040 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
21:09:53.0936 4040 C:\Windows\SysWOW64\npmproxy.dll - ok
21:09:53.0952 4040 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
21:09:53.0952 4040 C:\Windows\System32\pautoenr.dll - ok
21:09:53.0952 4040 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
21:09:53.0952 4040 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:09:53.0952 4040 [ E702ED19C332C1F12C1403D100E2F4F3 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:09:53.0952 4040 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:09:53.0952 4040 [ C6BB27D9A8AC13D4A44486F528B5C884 ] C:\Windows\SysWOW64\netutils.dll
21:09:53.0952 4040 C:\Windows\SysWOW64\netutils.dll - ok
21:09:53.0967 4040 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
21:09:53.0967 4040 C:\Windows\SysWOW64\pautoenr.dll - ok
21:09:53.0967 4040 [ 6C9C05D5344B9AB80E9180FC859BC45A ] C:\Windows\SysWOW64\devobj.dll
21:09:53.0967 4040 C:\Windows\SysWOW64\devobj.dll - ok
21:09:53.0967 4040 [ CC9BBCFC715FBEDF7AE476106FE653E9 ] C:\Windows\SysWOW64\winhttp.dll
21:09:53.0967 4040 C:\Windows\SysWOW64\winhttp.dll - ok
21:09:53.0967 4040 [ 89D840773C9C4358A5031DCC860449EC ] C:\Windows\SysWOW64\srvcli.dll
21:09:53.0967 4040 C:\Windows\SysWOW64\srvcli.dll - ok
21:09:53.0983 4040 [ 26EAEE08CAF82AA7F03C5020F51DA541 ] C:\Windows\SysWOW64\propsys.dll
21:09:53.0983 4040 C:\Windows\SysWOW64\propsys.dll - ok
21:09:53.0983 4040 [ A86A1C5DF1C662D1C75815BF4794F16D ] C:\Windows\SysWOW64\webio.dll
21:09:53.0983 4040 C:\Windows\SysWOW64\webio.dll - ok
21:09:53.0983 4040 [ 0174C3636D001197F10A52DB8BBF960D ] C:\Windows\SysWOW64\certcli.dll
21:09:53.0983 4040 C:\Windows\SysWOW64\certcli.dll - ok
21:09:53.0983 4040 [ BF591B5C2CC38314518467E883AE37C5 ] C:\Windows\SysWOW64\credssp.dll
21:09:53.0983 4040 C:\Windows\SysWOW64\credssp.dll - ok
21:09:53.0983 4040 [ 7AD12703039056D2A0815F85960E1FA1 ] C:\Windows\SysWOW64\wkscli.dll
21:09:53.0983 4040 C:\Windows\SysWOW64\wkscli.dll - ok
21:09:53.0999 4040 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
21:09:53.0999 4040 C:\Windows\SysWOW64\atl.dll - ok
21:09:53.0999 4040 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
21:09:53.0999 4040 C:\Windows\SysWOW64\dsrole.dll - ok
21:09:53.0999 4040 [ 62390F4ACE9E2B63E3CA26B7F7497897 ] C:\Windows\SysWOW64\dnsapi.dll
21:09:53.0999 4040 C:\Windows\SysWOW64\dnsapi.dll - ok
21:09:53.0999 4040 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
21:09:53.0999 4040 C:\Windows\SysWOW64\urlmon.dll - ok
21:09:54.0014 4040 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:09:54.0014 4040 C:\Windows\SysWOW64\winrnr.dll - ok
21:09:54.0014 4040 [ 9D37CF187096B79ACD1C343F7C382352 ] C:\Windows\SysWOW64\CertEnroll.dll
21:09:54.0014 4040 C:\Windows\SysWOW64\CertEnroll.dll - ok
21:09:54.0014 4040 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:09:54.0014 4040 C:\Windows\System32\winrnr.dll - ok
21:09:54.0014 4040 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
21:09:54.0014 4040 C:\Windows\SysWOW64\iertutil.dll - ok
21:09:54.0014 4040 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:09:54.0014 4040 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:09:54.0030 4040 [ 522BD073F617060AFCB9CC5707778DB1 ] C:\Windows\System32\CertEnroll.dll
21:09:54.0030 4040 C:\Windows\System32\CertEnroll.dll - ok
21:09:54.0030 4040 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:09:54.0030 4040 C:\Windows\System32\NapiNSP.dll - ok
21:09:54.0030 4040 [ 4DBC81CEFE9DB36856880BFB3491C100 ] C:\Windows\SysWOW64\msxml6.dll
21:09:54.0030 4040 C:\Windows\SysWOW64\msxml6.dll - ok
21:09:54.0030 4040 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:09:54.0030 4040 C:\Windows\System32\pnrpnsp.dll - ok
21:09:54.0045 4040 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:09:54.0045 4040 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:09:54.0045 4040 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
21:09:54.0045 4040 C:\Windows\SysWOW64\wship6.dll - ok
21:09:54.0045 4040 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
21:09:54.0045 4040 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:09:54.0045 4040 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
21:09:54.0045 4040 C:\Windows\SysWOW64\wininet.dll - ok
21:09:54.0061 4040 [ 0C2AE180D8C35F723BA13A16AA9AC453 ] C:\Windows\SysWOW64\xmllite.dll
21:09:54.0061 4040 C:\Windows\SysWOW64\xmllite.dll - ok
21:09:54.0061 4040 [ 92B214B7E5436A3310A9138CE4A03D23 ] C:\Windows\SysWOW64\esent.dll
21:09:54.0061 4040 C:\Windows\SysWOW64\esent.dll - ok
21:09:54.0061 4040 [ 8AE6DD9A6D246004DA047F704F0CC487 ] C:\Windows\SysWOW64\cmd.exe
21:09:54.0061 4040 C:\Windows\SysWOW64\cmd.exe - ok
21:09:54.0061 4040 [ FE130D15D71AC16EFFDF1397F2AF1653 ] C:\Windows\System32\esent.dll
21:09:54.0061 4040 C:\Windows\System32\esent.dll - ok
21:09:54.0077 4040 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:09:54.0077 4040 C:\Windows\SysWOW64\winbrand.dll - ok
21:09:54.0077 4040 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
21:09:54.0077 4040 C:\Windows\SysWOW64\ieframe.dll - ok
21:09:54.0077 4040 [ 4D59A5B6EF0AF6F9FDF3D157534380AF ] C:\Windows\SysWOW64\oleacc.dll
21:09:54.0077 4040 C:\Windows\SysWOW64\oleacc.dll - ok
21:09:54.0077 4040 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:09:54.0077 4040 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:09:54.0092 4040 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:09:54.0092 4040 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:09:54.0092 4040 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
21:09:54.0092 4040 C:\Program Files\Windows Defender\MpClient.dll - ok
21:09:54.0092 4040 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
21:09:54.0092 4040 C:\Windows\System32\aelupsvc.dll - ok
21:09:54.0092 4040 [ E07B77C3BDC82A024E294FB67ABFEDA0 ] C:\Windows\SysWOW64\shdocvw.dll
21:09:54.0092 4040 C:\Windows\SysWOW64\shdocvw.dll - ok
21:09:54.0108 4040 [ 5F610783FBF01F9885D80A1DB1A2F220 ] C:\Windows\SysWOW64\nci.dll
21:09:54.0108 4040 C:\Windows\SysWOW64\nci.dll - ok
21:09:54.0108 4040 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
21:09:54.0108 4040 C:\Windows\System32\wlaninst.dll - ok
21:09:54.0108 4040 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
21:09:54.0108 4040 C:\Windows\System32\wwaninst.dll - ok
21:09:54.0108 4040 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
21:09:54.0108 4040 C:\Windows\SysWOW64\wlaninst.dll - ok
21:09:54.0123 4040 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
21:09:54.0123 4040 C:\Windows\SysWOW64\rundll32.exe - ok
21:09:54.0123 4040 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
21:09:54.0123 4040 C:\Windows\System32\rundll32.exe - ok
21:09:54.0123 4040 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
21:09:54.0123 4040 C:\Windows\SysWOW64\mprmsg.dll - ok
21:09:54.0123 4040 [ B6C4063297C7D07CD0532BDC3350436C ] C:\Windows\SysWOW64\actxprxy.dll
21:09:54.0123 4040 C:\Windows\SysWOW64\actxprxy.dll - ok
21:09:54.0123 4040 [ 1E4BDDBD5A63059A97063339B4F8986F ] C:\Windows\System32\actxprxy.dll
21:09:54.0123 4040 C:\Windows\System32\actxprxy.dll - ok
21:09:54.0139 4040 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
21:09:54.0139 4040 C:\Windows\SysWOW64\spfileq.dll - ok
21:09:54.0139 4040 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
21:09:54.0139 4040 C:\Windows\System32\spfileq.dll - ok
21:09:54.0139 4040 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\Weeny\AppData\Local\Temp\9EF37784-6C4C-4AD8-A649-F64E54A97C13.exe
21:09:54.0139 4040 C:\Users\Weeny\AppData\Local\Temp\9EF37784-6C4C-4AD8-A649-F64E54A97C13.exe - ok
21:09:54.0139 4040 [ 97CCB4D737B426B200E5EF90C877DF32 ] C:\Windows\SysWOW64\imagehlp.dll
21:09:54.0139 4040 C:\Windows\SysWOW64\imagehlp.dll - ok
21:09:54.0155 4040 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
21:09:54.0155 4040 C:\Windows\SysWOW64\gpapi.dll - ok
21:09:54.0155 4040 [ 1F778C34C751E1B585E4FC66659BA904 ] C:\Windows\SysWOW64\cryptnet.dll
21:09:54.0155 4040 C:\Windows\SysWOW64\cryptnet.dll - ok
21:09:54.0155 4040 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
21:09:54.0155 4040 C:\Windows\SysWOW64\SensApi.dll - ok
21:09:54.0155 4040 [ 691C8DFB208227F0CBB5C0897C742ACE ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:09:54.0155 4040 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:09:54.0170 4040 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
21:09:54.0170 4040 C:\Windows\SysWOW64\EhStorShell.dll - ok
21:09:54.0170 4040 [ 9141FE8D904CE682A3BDCFAE96BB04EF ] C:\Windows\SysWOW64\ntshrui.dll
21:09:54.0170 4040 C:\Windows\SysWOW64\ntshrui.dll - ok
21:09:54.0170 4040 [ ADD9D33D685DFADDFAD5AFB42CF31A70 ] C:\Windows\SysWOW64\cscapi.dll
21:09:54.0170 4040 C:\Windows\SysWOW64\cscapi.dll - ok
21:09:54.0170 4040 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
21:09:54.0170 4040 C:\Windows\SysWOW64\slc.dll - ok
21:09:54.0186 4040 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
21:09:54.0186 4040 C:\Windows\SysWOW64\imageres.dll - ok
21:09:54.0186 4040 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
21:09:54.0186 4040 C:\Windows\SysWOW64\sfc.dll - ok
21:09:54.0186 4040 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
21:09:54.0186 4040 C:\Windows\SysWOW64\sfc_os.dll - ok
21:09:54.0186 4040 [ 11CDF138552BFEC115B60ED6DC3ACEB6 ] C:\Windows\SysWOW64\devrtl.dll
21:09:54.0186 4040 C:\Windows\SysWOW64\devrtl.dll - ok
21:09:54.0186 4040 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
21:09:54.0186 4040 C:\Windows\System32\ie4uinit.exe - ok
21:09:54.0201 4040 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
21:09:54.0201 4040 C:\Windows\System32\iedkcs32.dll - ok
21:09:54.0201 4040 [ 6B18F23108E6FA70B9F62B4D89668ED8 ] C:\Windows\SysWOW64\SndVolSSO.dll
21:09:54.0201 4040 C:\Windows\SysWOW64\SndVolSSO.dll - ok
21:09:54.0201 4040 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
21:09:54.0201 4040 C:\Windows\SysWOW64\hid.dll - ok
21:09:54.0201 4040 [ 8C680C0E6B3D6711B2B88AC82FE1804E ] C:\Windows\SysWOW64\MMDevAPI.dll
21:09:54.0201 4040 C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:09:54.0217 4040 [ C338915320CBEBFDB6DA3F0E6B069754 ] C:\Windows\SysWOW64\timedate.cpl
21:09:54.0217 4040 C:\Windows\SysWOW64\timedate.cpl - ok
21:09:54.0217 4040 [ 18245DC72B65D488A8B2D75A8FE088EA ] C:\Windows\System32\timedate.cpl
21:09:54.0217 4040 C:\Windows\System32\timedate.cpl - ok
21:09:54.0217 4040 [ FBE8EBF528DC49B3DEB186CA9545D97E ] C:\Windows\System32\shdocvw.dll
21:09:54.0217 4040 C:\Windows\System32\shdocvw.dll - ok
21:09:54.0217 4040 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
21:09:54.0217 4040 C:\Windows\SysWOW64\linkinfo.dll - ok
21:09:54.0233 4040 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
21:09:54.0233 4040 C:\Windows\System32\linkinfo.dll - ok
21:09:54.0233 4040 [ 415132079EAF93D6E90D9CA1B641F068 ] C:\Windows\SysWOW64\msutb.dll
21:09:54.0233 4040 C:\Windows\SysWOW64\msutb.dll - ok
21:09:54.0233 4040 [ D6415224AD96840153E283A0268DE384 ] C:\Windows\SysWOW64\shacct.dll
21:09:54.0233 4040 C:\Windows\SysWOW64\shacct.dll - ok
21:09:54.0233 4040 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
21:09:54.0233 4040 C:\Windows\SysWOW64\samlib.dll - ok
21:09:54.0248 4040 [ 742AA02BD9FA3492C9E525BBD427D87D ] C:\Windows\SysWOW64\samcli.dll
21:09:54.0248 4040 C:\Windows\SysWOW64\samcli.dll - ok
21:09:54.0248 4040 [ C01A5E602E827FD00240370C1B617608 ] C:\Windows\SysWOW64\gameux.dll
21:09:54.0248 4040 C:\Windows\SysWOW64\gameux.dll - ok
21:09:54.0248 4040 [ 14F5C0DB4B2C47874D6C937A5A1B367C ] C:\Windows\System32\gameux.dll
21:09:54.0248 4040 C:\Windows\System32\gameux.dll - ok
21:09:54.0248 4040 [ 8019A904EBB6F8CFBA9E41A76A99604A ] C:\Windows\SysWOW64\wer.dll
21:09:54.0248 4040 C:\Windows\SysWOW64\wer.dll - ok
21:09:54.0264 4040 [ FBE9BC55CF7ED9CC1452F7AF02C31864 ] C:\Windows\SysWOW64\msftedit.dll
21:09:54.0264 4040 C:\Windows\SysWOW64\msftedit.dll - ok
21:09:54.0264 4040 [ 46EDD0A6B42BA5D2044FA0909BE4BE95 ] C:\Windows\System32\msftedit.dll
21:09:54.0264 4040 C:\Windows\System32\msftedit.dll - ok
21:09:54.0264 4040 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
21:09:54.0264 4040 C:\Windows\SysWOW64\msls31.dll - ok
21:09:54.0264 4040 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
21:09:54.0264 4040 C:\Windows\System32\msls31.dll - ok
21:09:54.0279 4040 [ 17A7998CB5DA92020A291B85FF7B3681 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
21:09:54.0279 4040 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
21:09:54.0279 4040 [ FABFC817547EABB19B74849CEF410622 ] C:\Windows\SysWOW64\authui.dll
21:09:54.0279 4040 C:\Windows\SysWOW64\authui.dll - ok
21:09:54.0279 4040 [ E8132FB3BAC7C0CDBD581485B8BA947F ] C:\Windows\SysWOW64\cryptui.dll
21:09:54.0279 4040 C:\Windows\SysWOW64\cryptui.dll - ok
21:09:54.0279 4040 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
21:09:54.0279 4040 C:\Windows\SysWOW64\msiltcfg.dll - ok
21:09:54.0279 4040 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
21:09:54.0279 4040 C:\Windows\System32\msiltcfg.dll - ok
21:09:54.0295 4040 [ F1317678AC2FBA9F640279290B2E2988 ] C:\Windows\SysWOW64\msi.dll
21:09:54.0295 4040 C:\Windows\SysWOW64\msi.dll - ok
21:09:54.0295 4040 [ 599EBE6C7EA52B5FF9603F203E8EC080 ] C:\Windows\System32\msi.dll
21:09:54.0295 4040 C:\Windows\System32\msi.dll - ok
21:09:54.0295 4040 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
21:09:54.0295 4040 C:\Program Files\Microsoft Security Client\msseces.exe - ok
21:09:54.0295 4040 [ DD76912E8D165C68659D9875256710A3 ] C:\Windows\System32\DeviceCenter.dll
21:09:54.0295 4040 C:\Windows\System32\DeviceCenter.dll - ok
21:09:54.0311 4040 [ 60A24CA5E2D760F4F619F1D1FE62FB27 ] C:\Program Files (x86)\Steam\Steam.exe
21:09:54.0311 4040 C:\Program Files (x86)\Steam\Steam.exe - ok
21:09:54.0311 4040 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\48541667.sys
21:09:54.0311 4040 C:\Windows\System32\drivers\48541667.sys - ok
21:09:54.0311 4040 [ DBE2AA52B5D67DA319D33A175B8BB41E ] C:\Windows\SysWOW64\thumbcache.dll
21:09:54.0311 4040 C:\Windows\SysWOW64\thumbcache.dll - ok
21:09:54.0311 4040 [ F468C806267D46B68DB7EB32FBF0A103 ] C:\Windows\System32\thumbcache.dll
21:09:54.0311 4040 C:\Windows\System32\thumbcache.dll - ok
21:09:54.0326 4040 [ 29C5375CE613B40EB4869C8B03FD1010 ] C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe
21:09:54.0326 4040 C:\Users\Weeny\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
21:09:54.0326 4040 [ D3EAD1CF16BA729A7F7C9A5D94AA7C05 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
21:09:54.0326 4040 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll - ok
21:09:54.0326 4040 [ 4A056D7392F31EDA3AE1975E7010D7E3 ] C:\Windows\SysWOW64\networkexplorer.dll
21:09:54.0326 4040 C:\Windows\SysWOW64\networkexplorer.dll - ok
21:09:54.0326 4040 [ 8BC7AE7E16458355508ECF5EC3A04E72 ] C:\Windows\System32\networkexplorer.dll
21:09:54.0326 4040 C:\Windows\System32\networkexplorer.dll - ok
21:09:54.0342 4040 [ 8476E1C89C9D9834102EF86B651C6F39 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:09:54.0342 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
21:09:54.0342 4040 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Weeny\AppData\Roaming\Dropbox\bin\msvcr71.dll
21:09:54.0342 4040 C:\Users\Weeny\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok
21:09:54.0342 4040 [ A9A860F47D8E4417F82C5C211E7FF510 ] C:\Windows\SysWOW64\atiadlxy.dll
21:09:54.0342 4040 C:\Windows\SysWOW64\atiadlxy.dll - ok
21:09:54.0342 4040 [ B24ABFAB2D541996A38905369D511953 ] C:\Windows\SysWOW64\wdmaud.drv
21:09:54.0342 4040 C:\Windows\SysWOW64\wdmaud.drv - ok
21:09:54.0357 4040 [ 30F9BACA07F8251D7DD1805A9E919CE0 ] C:\Windows\System32\wdmaud.drv
21:09:54.0357 4040 C:\Windows\System32\wdmaud.drv - ok
21:09:54.0357 4040 [ 00D1F89836927C0F2E37321E6B441FCE ] C:\Windows\SysWOW64\msxml3.dll
21:09:54.0357 4040 C:\Windows\SysWOW64\msxml3.dll - ok
21:09:54.0357 4040 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
21:09:54.0357 4040 C:\Windows\SysWOW64\ksuser.dll - ok
21:09:54.0357 4040 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:09:54.0357 4040 C:\Windows\System32\ksuser.dll - ok
21:09:54.0373 4040 [ 4B9949208944C50B1A16FD1F05ED0A04 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
21:09:54.0373 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
21:09:54.0373 4040 [ 87BF5BD7D8D441EE18BE699B37FA3FBF ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
21:09:54.0373 4040 C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe - ok
21:09:54.0373 4040 [ CE07AF86AA72F4AE964239DE0DABE738 ] C:\Windows\System32\msxml3.dll
21:09:54.0373 4040 C:\Windows\System32\msxml3.dll - ok
21:09:54.0373 4040 [ 8898C95862D03D16B2A06DB4DB6BB6B2 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:09:54.0373 4040 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:09:54.0373 4040 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
21:09:54.0373 4040 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
21:09:54.0389 4040 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
21:09:54.0389 4040 C:\Windows\SysWOW64\avrt.dll - ok
21:09:54.0389 4040 [ 63309E61AAC7A09A40218A8AECFF6B26 ] C:\Program Files (x86)\Steam\Steam.dll
21:09:54.0389 4040 C:\Program Files (x86)\Steam\Steam.dll - ok
21:09:54.0389 4040 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
21:09:54.0389 4040 C:\Windows\SysWOW64\duser.dll - ok
21:09:54.0389 4040 [ AFBB5060A2DAD431A2EAEB2C86CFFE81 ] C:\Windows\SysWOW64\AudioSes.dll
21:09:54.0389 4040 C:\Windows\SysWOW64\AudioSes.dll - ok
21:09:54.0404 4040 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
21:09:54.0404 4040 C:\Windows\SysWOW64\dui70.dll - ok
21:09:54.0404 4040 [ 81D64E8D70E5FBF9F7ABF2D41154F54D ] C:\Windows\System32\AudioSes.dll
21:09:54.0404 4040 C:\Windows\System32\AudioSes.dll - ok
21:09:54.0404 4040 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
21:09:54.0404 4040 C:\Windows\SysWOW64\msacm32.drv - ok
21:09:54.0404 4040 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
21:09:54.0404 4040 C:\Windows\System32\msacm32.drv - ok
21:09:54.0420 4040 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
21:09:54.0420 4040 C:\Windows\SysWOW64\apisetschema.dll - ok
21:09:54.0420 4040 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
21:09:54.0420 4040 C:\Windows\SysWOW64\msacm32.dll - ok
21:09:54.0420 4040 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
21:09:54.0420 4040 C:\Windows\System32\msacm32.dll - ok
21:09:54.0420 4040 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
21:09:54.0420 4040 C:\Windows\SysWOW64\midimap.dll - ok
21:09:54.0420 4040 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
21:09:54.0420 4040 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
21:09:54.0435 4040 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
21:09:54.0435 4040 C:\Windows\System32\midimap.dll - ok
21:09:54.0435 4040 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
21:09:54.0435 4040 C:\Windows\System32\dsound.dll - ok
21:09:54.0435 4040 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
21:09:54.0435 4040 C:\Windows\SysWOW64\dsound.dll - ok
21:09:54.0435 4040 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
21:09:54.0435 4040 C:\Windows\System32\SensApi.dll - ok
21:09:54.0451 4040 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
21:09:54.0451 4040 C:\Windows\SysWOW64\ntdsapi.dll - ok
21:09:54.0451 4040 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
21:09:54.0451 4040 C:\Windows\SysWOW64\security.dll - ok
21:09:54.0451 4040 [ B9D7A09D00EE625CCB9FA5260629275E ] C:\Program Files (x86)\Steam\GameOverlayRenderer.dll
21:09:54.0451 4040 C:\Program Files (x86)\Steam\GameOverlayRenderer.dll - ok
21:09:54.0451 4040 [ D8ECA7A87AAA3AE308B5277411666622 ] C:\Windows\SysWOW64\logoncli.dll
21:09:54.0451 4040 C:\Windows\SysWOW64\logoncli.dll - ok
21:09:54.0467 4040 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll
21:09:54.0467 4040 C:\Windows\SysWOW64\UIAnimation.dll - ok
21:09:54.0467 4040 [ A7532E66EA2F168A0970E829D8986423 ] C:\Program Files (x86)\Steam\dbghelp.dll
21:09:54.0467 4040 C:\Program Files (x86)\Steam\dbghelp.dll - ok
21:09:54.0467 4040 [ 72AB6633E9B39EC7FEBEDF083A9061E5 ] C:\Windows\System32\mscoree.dll
21:09:54.0467 4040 C:\Windows\System32\mscoree.dll - ok
21:09:54.0467 4040 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\SysWOW64\mscoree.dll
21:09:54.0467 4040 C:\Windows\SysWOW64\mscoree.dll - ok
21:09:54.0482 4040 [ 173C217E677C4B0C4F8A6D54BA13BF9B ] C:\Program Files (x86)\Steam\CSERHelper.dll
21:09:54.0482 4040 C:\Program Files (x86)\Steam\CSERHelper.dll - ok
21:09:54.0482 4040 [ 0470997A5ADC2FCDDCB3461D92073FAA ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\GdiPlus.dll
21:09:54.0482 4040 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\GdiPlus.dll - ok
21:09:54.0482 4040 [ 163DC280E527CE4C2D18AE36D80227E1 ] C:\Program Files (x86)\Steam\SteamUI.dll
21:09:54.0482 4040 C:\Program Files (x86)\Steam\SteamUI.dll - ok
21:09:54.0482 4040 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
21:09:54.0482 4040 C:\Windows\System32\UIAnimation.dll - ok
21:09:54.0498 4040 [ 667224FF4FD48B182F574AA96E93267C ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:09:54.0498 4040 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:09:54.0498 4040 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
21:09:54.0498 4040 C:\Windows\SysWOW64\powrprof.dll - ok
21:09:54.0498 4040 [ 2D8F107091A04D6F875F9D3C5B0CDBB9 ] C:\Program Files (x86)\Steam\tier0_s.dll
21:09:54.0498 4040 C:\Program Files (x86)\Steam\tier0_s.dll - ok
21:09:54.0498 4040 [ A921DB364E56F6B86C93BCD11799996F ] C:\Program Files (x86)\Steam\vstdlib_s.dll
21:09:54.0498 4040 C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
21:09:54.0513 4040 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Weeny\AppData\Roaming\Dropbox\bin\msvcp71.dll
21:09:54.0513 4040 C:\Users\Weeny\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok
21:09:54.0513 4040 [ 3CA4ADDA47D97DDF412893F1D03EA6F6 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
21:09:54.0513 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
21:09:54.0513 4040 [ E9B2800435A1DC3B857C7F0967B56007 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
21:09:54.0513 4040 C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll - ok
21:09:54.0513 4040 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
21:09:54.0513 4040 C:\Windows\SysWOW64\AudioEng.dll - ok
21:09:54.0529 4040 [ 68C0AA667357F26450A1A1F4472174B7 ] C:\Program Files (x86)\Steam\crashhandler.dll
21:09:54.0529 4040 C:\Program Files (x86)\Steam\crashhandler.dll - ok
21:09:54.0529 4040 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:09:54.0529 4040 C:\Windows\System32\AudioEng.dll - ok
21:09:54.0529 4040 [ 70F03B29A62194E69911952B3640D9D2 ] C:\Windows\SysWOW64\msdmo.dll
21:09:54.0529 4040 C:\Windows\SysWOW64\msdmo.dll - ok
21:09:54.0545 4040 [ D3C8C6B6DB123B0E51ECFFF0F6DF145E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9a7b48ad2929bc93362ec42cd4573f87\mscorlib.ni.dll
21:09:54.0545 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9a7b48ad2929bc93362ec42cd4573f87\mscorlib.ni.dll - ok
21:09:54.0545 4040 [ 0B0604BC02CA5F77A1F23C6B0D86AE8C ] C:\Windows\System32\msdmo.dll
21:09:54.0545 4040 C:\Windows\System32\msdmo.dll - ok
21:09:54.0545 4040 [ 24B868F45E636D41DD942E0B78166AAF ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
21:09:54.0545 4040 C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll - ok
21:09:54.0545 4040 [ A96029C942E890C9079C4D35740E5CC3 ] C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll
21:09:54.0545 4040 C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll - ok
21:09:54.0560 4040 [ C8FDC6DCDDE5ED79EF2EBF43ADFA64F0 ] C:\Program Files (x86)\Steam\bin\vgui2_s.dll
21:09:54.0560 4040 C:\Program Files (x86)\Steam\bin\vgui2_s.dll - ok
21:09:54.0560 4040 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
21:09:54.0560 4040 C:\Windows\System32\msimg32.dll - ok
21:09:54.0560 4040 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
21:09:54.0560 4040 C:\Windows\SysWOW64\opengl32.dll - ok
21:09:54.0560 4040 [ 02CDEB5D8B3DD5F6770DEFFBBC0CFAD0 ] C:\Windows\System32\winspool.drv
21:09:54.0560 4040 C:\Windows\System32\winspool.drv - ok
21:09:54.0576 4040 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
21:09:54.0576 4040 C:\Windows\SysWOW64\AUDIOKSE.dll - ok
21:09:54.0576 4040 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
21:09:54.0576 4040 C:\Windows\SysWOW64\glu32.dll - ok
21:09:54.0576 4040 [ 3A2F5C8666F08B31C61DBAE9C297551C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:09:54.0576 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:09:54.0576 4040 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
21:09:54.0576 4040 C:\Windows\System32\oledlg.dll - ok
21:09:54.0591 4040 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
21:09:54.0591 4040 C:\Windows\SysWOW64\ddraw.dll - ok
21:09:54.0591 4040 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:09:54.0591 4040 C:\Windows\System32\AUDIOKSE.dll - ok
21:09:54.0591 4040 [ C8FE465986FE1E242C92B6B76CDFEC6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6ec488b702c100ad5d3e712db0e88554\System.ni.dll
21:09:54.0591 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6ec488b702c100ad5d3e712db0e88554\System.ni.dll - ok
21:09:54.0591 4040 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
21:09:54.0591 4040 C:\Windows\SysWOW64\dciman32.dll - ok
21:09:54.0591 4040 [ 1854347C683A1B573EE6910777383E68 ] C:\Program Files (x86)\Steam\bin\chromehtml.dll
21:09:54.0591 4040 C:\Program Files (x86)\Steam\bin\chromehtml.dll - ok
21:09:54.0607 4040 [ 782ADAA3191724DAC47DEC72C25F8864 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
21:09:54.0607 4040 C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll - ok
21:09:54.0607 4040 [ F2C38B69377DD2D7BB6DA5673206E070 ] C:\Program Files (x86)\Steam\bin\libcef.dll
21:09:54.0607 4040 C:\Program Files (x86)\Steam\bin\libcef.dll - ok
21:09:54.0607 4040 [ 5CDAD00CD511B16D7C18F263072B54E3 ] C:\Windows\System32\VIASysFx.dll
21:09:54.0607 4040 C:\Windows\System32\VIASysFx.dll - ok
21:09:54.0607 4040 [ EFEA483CB72A27915FA97AF700FDA05C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6ea40f2da0e2321428a7bdd387e475fd\System.Drawing.ni.dll
21:09:54.0607 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6ea40f2da0e2321428a7bdd387e475fd\System.Drawing.ni.dll - ok
21:09:54.0623 4040 [ 044CB0374E0DA180A29278901EB259E1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\ced1d3b0790804426463ad06a61f180e\System.Windows.Forms.ni.dll
21:09:54.0623 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\ced1d3b0790804426463ad06a61f180e\System.Windows.Forms.ni.dll - ok
21:09:54.0623 4040 [ 00000000000000000000000000000000 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\skin.dll
21:09:54.0623 4040 C:\Program Files (x86)\VIA\VIAudioi\VDeck\skin.dll - ok
21:09:54.0623 4040 [ 045D0F4F41CA53D4CB22BDC814A22B64 ] C:\Program Files (x86)\Steam\bin\icudt.dll
21:09:54.0623 4040 C:\Program Files (x86)\Steam\bin\icudt.dll - ok
21:09:54.0638 4040 [ EA3B73368CC0400A6ABFBB6BBB1C0D61 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
21:09:54.0638 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll - ok
21:09:54.0638 4040 [ 9F9B0AD8804ECFF8CBD279992DCF7210 ] C:\Windows\SysWOW64\DWrite.dll
21:09:54.0638 4040 C:\Windows\SysWOW64\DWrite.dll - ok
21:09:54.0638 4040 [ 4D87A687749DDAA2F093DD2B131A20D6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
21:09:54.0638 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll - ok
21:09:54.0638 4040 [ 3CDF111CCFF180B04699B87EA95A2693 ] C:\Program Files (x86)\Steam\bin\avcodec-53.dll
21:09:54.0638 4040 C:\Program Files (x86)\Steam\bin\avcodec-53.dll - ok
21:09:54.0654 4040 [ 25835D0658CAE221912DA90FC39B826A ] C:\Program Files (x86)\Steam\bin\avutil-51.dll
21:09:54.0654 4040 C:\Program Files (x86)\Steam\bin\avutil-51.dll - ok
21:09:54.0654 4040 [ C7B6C67B4597939DCED605B0FC505E20 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
21:09:54.0654 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll - ok
21:09:54.0654 4040 [ C3CA13D6FA87F8B5B72C96B9F3CD0BA1 ] C:\Program Files (x86)\Steam\bin\avformat-53.dll
21:09:54.0654 4040 C:\Program Files (x86)\Steam\bin\avformat-53.dll - ok
21:09:54.0654 4040 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] C:\Windows\System32\FntCache.dll
21:09:54.0654 4040 C:\Windows\System32\FntCache.dll - ok
21:09:54.0654 4040 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
21:09:54.0654 4040 C:\Windows\SysWOW64\ktmw32.dll - ok
21:09:54.0669 4040 [ A9CB6542E2516C1161320F8125AD67C9 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
21:09:54.0669 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll - ok
21:09:54.0669 4040 [ E26CB0A6E2E211DF242E4B7312CF52B7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
21:09:54.0669 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll - ok
21:09:54.0669 4040 [ 8C2ED771B56FAE43DBBA9057C86DB2C1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
21:09:54.0669 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll - ok
21:09:54.0669 4040 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
21:09:54.0669 4040 C:\Windows\SysWOW64\FirewallAPI.dll - ok
21:09:54.0685 4040 [ BFEB59D2C6A56F0C13BFA40CDF4B8668 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\17bf0932e5c6cb8ba59046456f13328d\System.Runtime.Remoting.ni.dll
21:09:54.0685 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\17bf0932e5c6cb8ba59046456f13328d\System.Runtime.Remoting.ni.dll - ok
21:09:54.0685 4040 [ ACCBA604D34842844133A731F8045B32 ] C:\Windows\SysWOW64\sxs.dll
21:09:54.0685 4040 C:\Windows\SysWOW64\sxs.dll - ok
21:09:54.0685 4040 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
21:09:54.0685 4040 C:\Windows\System32\shfolder.dll - ok
21:09:54.0685 4040 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
21:09:54.0685 4040 C:\Windows\SysWOW64\shfolder.dll - ok
21:09:54.0701 4040 [ AEA870CB44C190DDCCB96DF2D7B07C5B ] C:\Program Files (x86)\Steam\steamclient.dll
21:09:54.0701 4040 C:\Program Files (x86)\Steam\steamclient.dll - ok
21:09:54.0701 4040 [ 21894CB605E416D26892DC445507408E ] C:\Windows\SysWOW64\pdh.dll
21:09:54.0701 4040 C:\Windows\SysWOW64\pdh.dll - ok
21:09:54.0701 4040 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
21:09:54.0701 4040 C:\Windows\System32\ieframe.dll - ok
21:09:54.0701 4040 [ 6850CAB88C6689D9A9936AFF033578AF ] C:\Windows\SysWOW64\stobject.dll
21:09:54.0701 4040 C:\Windows\SysWOW64\stobject.dll - ok
21:09:54.0716 4040 [ 60CC15392FF14DCB9C29C69B3233741B ] C:\Windows\System32\stobject.dll
21:09:54.0716 4040 C:\Windows\System32\stobject.dll - ok
21:09:54.0716 4040 [ DAD1F753E1F8563629FBC93F8B15D9F8 ] C:\Windows\SysWOW64\batmeter.dll
21:09:54.0716 4040 C:\Windows\SysWOW64\batmeter.dll - ok
21:09:54.0716 4040 [ 86B6AC0FD2881B3D20B80F51C7152AE0 ] C:\Windows\System32\batmeter.dll
21:09:54.0716 4040 C:\Windows\System32\batmeter.dll - ok
21:09:54.0716 4040 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
21:09:54.0716 4040 C:\Windows\SysWOW64\es.dll - ok
21:09:54.0732 4040 [ AF28348ED585539C4A33A4341FF23696 ] C:\Windows\System32\oleacc.dll
21:09:54.0732 4040 C:\Windows\System32\oleacc.dll - ok
21:09:54.0732 4040 [ 803768444B482D61B92D715A05B5712A ] C:\Windows\SysWOW64\prnfldr.dll
21:09:54.0732 4040 C:\Windows\SysWOW64\prnfldr.dll - ok
21:09:54.0732 4040 [ 8E18C83C6CFE2F02F8885D3A9DB363D7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
21:09:54.0732 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
21:09:54.0732 4040 [ 651F169718CC46C8A9264880C538D5FF ] C:\Windows\System32\prnfldr.dll
21:09:54.0732 4040 C:\Windows\System32\prnfldr.dll - ok
21:09:54.0747 4040 [ 913C2E4A03201644FC986EDEB5F8A390 ] C:\Windows\System32\DXP.dll
21:09:54.0747 4040 C:\Windows\System32\DXP.dll - ok
21:09:54.0747 4040 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
21:09:54.0747 4040 C:\Windows\SysWOW64\Syncreg.dll - ok
21:09:54.0747 4040 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
21:09:54.0747 4040 C:\Windows\System32\Syncreg.dll - ok
21:09:54.0747 4040 [ 72854A70D02507F21DBA4FE079618A0D ] C:\Windows\SysWOW64\en-US\cmd.exe.mui
21:09:54.0747 4040 C:\Windows\SysWOW64\en-US\cmd.exe.mui - ok
21:09:54.0747 4040 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
21:09:54.0763 4040 C:\Windows\ehome\ehSSO.dll - ok
21:09:54.0763 4040 [ 5C5C7246F01D0BD7354A8581035681E5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
21:09:54.0763 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll - ok
21:09:54.0763 4040 [ 1517586D73A1C0D9D1660DE8FDA888CC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
21:09:54.0763 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll - ok
21:09:54.0763 4040 [ A53F077BCA87A68D5FD280AD93121BA6 ] C:\Windows\SysWOW64\tzres.dll
21:09:54.0763 4040 C:\Windows\SysWOW64\tzres.dll - ok
21:09:54.0779 4040 [ B998AB59D5541777A1E43175A9ACBE83 ] C:\Windows\System32\en-US\conhost.exe.mui
21:09:54.0779 4040 C:\Windows\System32\en-US\conhost.exe.mui - ok
21:09:54.0779 4040 [ F7611E0F05B4EB272102CA9883CA98A7 ] C:\Windows\SysWOW64\netshell.dll
21:09:54.0779 4040 C:\Windows\SysWOW64\netshell.dll - ok
21:09:54.0779 4040 [ 53DA45051EB8CE63BFAD4F16F10CBDCD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
21:09:54.0779 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll - ok
21:09:54.0779 4040 [ A0C69A8661CCEB20DB60A4FA35A2FBE4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c40cbbdf7af03daedb16f4d9ef1b6f5f\System.Xml.ni.dll
21:09:54.0779 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c40cbbdf7af03daedb16f4d9ef1b6f5f\System.Xml.ni.dll - ok
21:09:54.0794 4040 [ F4554EC3E1A949B07F083BD52D7B279E ] C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:09:54.0794 4040 C:\Program Files (x86)\Common Files\Steam\SteamService.exe - ok
21:09:54.0794 4040 [ 6960D29ABE74341FAB8300DB3E6F883D ] C:\Windows\System32\cmd.exe
21:09:54.0794 4040 C:\Windows\System32\cmd.exe - ok
21:09:54.0794 4040 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
21:09:54.0794 4040 C:\Windows\SysWOW64\AltTab.dll - ok
21:09:54.0794 4040 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
21:09:54.0794 4040 C:\Windows\System32\AltTab.dll - ok
21:09:54.0810 4040 [ BF54AC0E5AAA80767792AADDEE4980C4 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
21:09:54.0810 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll - ok
21:09:54.0810 4040 [ B4E14BED5C1D5801792EEA18BDD5A6FE ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
21:09:54.0810 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll - ok
21:09:54.0810 4040 [ F5EB1E039498D6F1D106E96CE7C1F3C6 ] C:\Windows\SysWOW64\WPDShServiceObj.dll
21:09:54.0810 4040 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
21:09:54.0810 4040 [ 58C596F78CE3ECCAA921004DA923BB1F ] C:\Program Files (x86)\Steam\bin\SteamService.dll
21:09:54.0810 4040 C:\Program Files (x86)\Steam\bin\SteamService.dll - ok
21:09:54.0825 4040 [ AB01C36BCC34CCFE5B0BB5FFB2605135 ] C:\Windows\System32\WPDShServiceObj.dll
21:09:54.0825 4040 C:\Windows\System32\WPDShServiceObj.dll - ok
21:09:54.0825 4040 [ 6D42B6D2C5B935F6C081218D475BDC56 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
21:09:54.0825 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll - ok
21:09:54.0825 4040 [ 78837A10485BD818E83B4ADBAB360ACF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
21:09:54.0825 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll - ok
21:09:54.0825 4040 [ C6EF4BC967F1764FD8A6B703077E21CF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
21:09:54.0825 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll - ok
21:09:54.0841 4040 [ 2862A3819BBC9757DD27BAC41A4E0A3E ] C:\Windows\SysWOW64\pnidui.dll
21:09:54.0841 4040 C:\Windows\SysWOW64\pnidui.dll - ok
21:09:54.0841 4040 [ 06D78317D32DD55B97BD645B88B808F3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
21:09:54.0841 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll - ok
21:09:54.0841 4040 [ FD4F95ABDE5603478C929B6CB0BDCFFF ] C:\Windows\System32\pnidui.dll
21:09:54.0841 4040 C:\Windows\System32\pnidui.dll - ok
21:09:54.0841 4040 [ E949A5CB9D5F90734290905DE47532EB ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
21:09:54.0841 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll - ok
21:09:54.0857 4040 [ 84A83F11696F1C983DFF1B5686D0F361 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
21:09:54.0857 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll - ok
21:09:54.0857 4040 [ 135D65E490C9DACB2791FBCF9DDAC3BC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
21:09:54.0857 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll - ok
21:09:54.0857 4040 [ 750CF3E5F53E1A7CCEA6338027E4243F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
21:09:54.0857 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll - ok
21:09:54.0857 4040 [ 7B320667E99AFE3CD0AFEA34646B42E5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
21:09:54.0857 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll - ok
21:09:54.0872 4040 [ 45F0F12A11861CE0FB682B87A310FE41 ] C:\Windows\SysWOW64\QUTIL.DLL
21:09:54.0872 4040 C:\Windows\SysWOW64\QUTIL.DLL - ok
21:09:54.0872 4040 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
21:09:54.0872 4040 C:\Windows\SysWOW64\wevtapi.dll - ok
21:09:54.0872 4040 [ 723091726A85D332109B162CD5C1AECF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
21:09:54.0872 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll - ok
21:09:54.0888 4040 [ D019538EDB1238B6D65033A57B1CF9ED ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
21:09:54.0888 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll - ok
21:09:54.0888 4040 [ F4055BF49A90375FD7672A604F3B0B8E ] C:\Windows\SysWOW64\ActionCenter.dll
21:09:54.0888 4040 C:\Windows\SysWOW64\ActionCenter.dll - ok
21:09:54.0888 4040 [ 8BC00C736E67A75D936E5B440917359B ] C:\Windows\System32\ActionCenter.dll
21:09:54.0888 4040 C:\Windows\System32\ActionCenter.dll - ok
21:09:54.0888 4040 [ 36060A75D9EDB1AEF0825988C7DD8511 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
21:09:54.0888 4040 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
21:09:54.0903 4040 [ D4C438883154C3D082FB2E629191C45F ] C:\Windows\SysWOW64\srchadmin.dll
21:09:54.0903 4040 C:\Windows\SysWOW64\srchadmin.dll - ok
21:09:54.0903 4040 [ 6D17CFCD070D7E68E24CDCEC0ACE4678 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\f6514b690596d60ca9f4fa64e14a8355\System.Web.ni.dll
21:09:54.0903 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\f6514b690596d60ca9f4fa64e14a8355\System.Web.ni.dll - ok
21:09:54.0903 4040 [ 2C5B8A680A90E96B1EC0D6DA0505E685 ] C:\Windows\System32\srchadmin.dll
21:09:54.0903 4040 C:\Windows\System32\srchadmin.dll - ok
21:09:54.0903 4040 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Weeny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
21:09:54.0903 4040 C:\Users\Weeny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok
21:09:54.0919 4040 [ 2D15C41214F518FC3C72A4C01C30882F ] C:\Windows\SysWOW64\bthprops.cpl
21:09:54.0919 4040 C:\Windows\SysWOW64\bthprops.cpl - ok
21:09:54.0919 4040 [ 71402C7923F6B7F8ACB48E50F35463E7 ] C:\Windows\SysWOW64\SearchIndexer.exe
21:09:54.0919 4040 C:\Windows\SysWOW64\SearchIndexer.exe - ok
21:09:54.0919 4040 [ 0D2A4C5E608398FD9E138E68DB316616 ] C:\Windows\SysWOW64\dxdiagn.dll
21:09:54.0919 4040 C:\Windows\SysWOW64\dxdiagn.dll - ok
21:09:54.0919 4040 [ 92AAF75C3EB344A098DC026BC9DDF42A ] C:\Windows\System32\bthprops.cpl
21:09:54.0919 4040 C:\Windows\System32\bthprops.cpl - ok
21:09:54.0935 4040 [ F7B5DB67838A4DB019957B2B9647663B ] C:\Windows\System32\dxdiagn.dll
21:09:54.0935 4040 C:\Windows\System32\dxdiagn.dll - ok
21:09:54.0935 4040 [ 8CD2A697B18069A62A035E756E51E934 ] C:\Windows\System32\SearchIndexer.exe
21:09:54.0935 4040 C:\Windows\System32\SearchIndexer.exe - ok
21:09:54.0935 4040 [ DD76301614636306414EFA94A9AC5A03 ] C:\Windows\SysWOW64\dxgi.dll
21:09:54.0935 4040 C:\Windows\SysWOW64\dxgi.dll - ok
21:09:54.0935 4040 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
21:09:54.0935 4040 C:\Windows\SysWOW64\d3d10.dll - ok
21:09:54.0950 4040 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
21:09:54.0950 4040 C:\Windows\System32\d3d10.dll - ok
21:09:54.0950 4040 [ 3F2DEAFC463D75611CB9C5E36A8CCF15 ] C:\Windows\SysWOW64\ncsi.dll
21:09:54.0950 4040 C:\Windows\SysWOW64\ncsi.dll - ok
21:09:54.0950 4040 [ 62B88005C2E593163D428F30135BDDC2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\fb0a7c597f43ec6c1fa7eb5c1404cac3\System.Core.ni.dll
21:09:54.0950 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\fb0a7c597f43ec6c1fa7eb5c1404cac3\System.Core.ni.dll - ok
21:09:54.0950 4040 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
21:09:54.0950 4040 C:\Windows\SysWOW64\d3d10core.dll - ok
21:09:54.0966 4040 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
21:09:54.0966 4040 C:\Windows\System32\d3d10core.dll - ok
21:09:54.0966 4040 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
21:09:54.0966 4040 C:\Windows\SysWOW64\mssprxy.dll - ok
21:09:54.0966 4040 [ 93C8EB7AF857F6005F2E44F802E0FA69 ] C:\Windows\SysWOW64\KBDUK.DLL
21:09:54.0966 4040 C:\Windows\SysWOW64\KBDUK.DLL - ok
21:09:54.0966 4040 [ B194142BEADC49C7742C78FFABA3F3F5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
21:09:54.0966 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll - ok
21:09:54.0981 4040 [ AD8F6914F7A9AC28047389BE7AF56EBF ] C:\Windows\SysWOW64\d3d10_1.dll
21:09:54.0981 4040 C:\Windows\SysWOW64\d3d10_1.dll - ok
21:09:54.0981 4040 [ 7271B48B193C9624416BD5006CD8B92F ] C:\Windows\SysWOW64\tquery.dll
21:09:54.0981 4040 C:\Windows\SysWOW64\tquery.dll - ok
21:09:54.0981 4040 [ CCE69BC85D019F49691C592DDCC2FA97 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
21:09:54.0981 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll - ok
21:09:54.0981 4040 [ 110D2A7BBFBA80AAE36B5F229FE800AD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
21:09:54.0981 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll - ok
21:09:54.0997 4040 [ 9103E020906FC7A166F380EF2D2516B2 ] C:\Windows\SysWOW64\d3d10_1core.dll
21:09:54.0997 4040 C:\Windows\SysWOW64\d3d10_1core.dll - ok
21:09:54.0997 4040 [ 19CF8AA75D878A30A86EBB96342BFA5F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
21:09:54.0997 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll - ok
21:09:54.0997 4040 [ D436FF2CBB5653E376A65F7A8874AC04 ] C:\Windows\SysWOW64\d3d11.dll
21:09:54.0997 4040 C:\Windows\SysWOW64\d3d11.dll - ok
21:09:54.0997 4040 [ 3DB5F6FF8A0D7E2BDF420B3F969BC26F ] C:\Windows\System32\ATIDEMGX.dll
21:09:54.0997 4040 C:\Windows\System32\ATIDEMGX.dll - ok
21:09:55.0013 4040 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
21:09:55.0013 4040 C:\Windows\System32\FXSST.dll - ok
21:09:55.0013 4040 [ C0F45B1A543024B40C13E523B44D97A6 ] C:\Windows\System32\d3d11.dll
21:09:55.0013 4040 C:\Windows\System32\d3d11.dll - ok
21:09:55.0013 4040 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
21:09:55.0013 4040 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
21:09:55.0013 4040 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
21:09:55.0013 4040 C:\Windows\SysWOW64\FXSAPI.dll - ok
21:09:55.0013 4040 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
21:09:55.0013 4040 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
21:09:55.0028 4040 [ A5C47C3E4D34ABA18BEE65674E53516C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
21:09:55.0028 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll - ok
21:09:55.0028 4040 [ 96F3F676B4D0DF4DA9C4081358C4662F ] C:\Windows\SysWOW64\wbemcomn.dll
21:09:55.0028 4040 C:\Windows\SysWOW64\wbemcomn.dll - ok
21:09:55.0028 4040 [ 34E6D8C67E7FD7C917BECFECA326B168 ] C:\Windows\System32\FXSAPI.dll
21:09:55.0028 4040 C:\Windows\System32\FXSAPI.dll - ok
21:09:55.0028 4040 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
21:09:55.0028 4040 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
21:09:55.0044 4040 [ 8541447303958819ADB46B557ADD3750 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\dcadcfb938ccdd3f70859fdcdd329ec5\System.Configuration.ni.dll
21:09:55.0044 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\dcadcfb938ccdd3f70859fdcdd329ec5\System.Configuration.ni.dll - ok
21:09:55.0044 4040 [ 1CEDFE91F527858CACA1B08B04666BC0 ] C:\Windows\SysWOW64\wbem\fastprox.dll
21:09:55.0044 4040 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
21:09:55.0044 4040 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
21:09:55.0044 4040 C:\Windows\SysWOW64\FXSRESM.dll - ok
21:09:55.0044 4040 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
21:09:55.0044 4040 C:\Windows\System32\FXSRESM.dll - ok
21:09:55.0059 4040 [ 107325D3033A802AC19C67302783F4CF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
21:09:55.0059 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll - ok
21:09:55.0059 4040 [ 64D757051B5B273E55C93E4503EA4F3E ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:09:55.0059 4040 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:09:55.0059 4040 [ 203C3380A744CA5B9B1A9CAEB57F7D57 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
21:09:55.0059 4040 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
21:09:55.0059 4040 [ 5A39C11B78C39EF0A1817E87BE3E2421 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
21:09:55.0059 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll - ok
21:09:55.0075 4040 [ BC0E9E971EED64A5CC95427B331BA50B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
21:09:55.0075 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll - ok
21:09:55.0075 4040 [ AF7B90272B5A4E4B3D347B39702435CC ] C:\Windows\SysWOW64\mssrch.dll
21:09:55.0075 4040 C:\Windows\SysWOW64\mssrch.dll - ok
21:09:55.0075 4040 [ 40261429E4139A04D27BC9489F3ED7EB ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
21:09:55.0075 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll - ok
21:09:55.0075 4040 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
21:09:55.0075 4040 C:\Windows\SysWOW64\msidle.dll - ok
21:09:55.0091 4040 [ D78960057ECE9539A56A12A2766D0B8C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
21:09:55.0091 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll - ok
21:09:55.0091 4040 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] C:\Windows\System32\FXSSVC.exe
21:09:55.0091 4040 C:\Windows\System32\FXSSVC.exe - ok
21:09:55.0091 4040 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
21:09:55.0091 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
21:09:55.0091 4040 [ EFBC1DD333C99CA52A1371C74D4BA7A7 ] C:\Windows\SysWOW64\vssapi.dll
21:09:55.0091 4040 C:\Windows\SysWOW64\vssapi.dll - ok
21:09:55.0106 4040 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
21:09:55.0106 4040 C:\Windows\SysWOW64\Wpc.dll - ok
21:09:55.0106 4040 [ CCA7032EEF7804C4196DE2FDBBACAE96 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
21:09:55.0106 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll - ok
21:09:55.0106 4040 [ 173ACF6C35627AF10D8A449AB8D61C0E ] C:\Windows\SysWOW64\framedynos.dll
21:09:55.0106 4040 C:\Windows\SysWOW64\framedynos.dll - ok
21:09:55.0106 4040 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
21:09:55.0106 4040 C:\Windows\SysWOW64\vsstrace.dll - ok
21:09:55.0122 4040 [ B2C7B3AE8B5A7EB139ECDC4038F16FBE ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
21:09:55.0122 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll - ok
21:09:55.0122 4040 [ A81AF063D965A321D577AE3C24ADA449 ] C:\Windows\SysWOW64\browcli.dll
21:09:55.0122 4040 C:\Windows\SysWOW64\browcli.dll - ok
21:09:55.0122 4040 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
21:09:55.0122 4040 C:\Windows\SysWOW64\ncobjapi.dll - ok
21:09:55.0122 4040 [ 7F9A009E33940087FDE0FA25D8AA5706 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
21:09:55.0122 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll - ok
21:09:55.0137 4040 [ E36431CA70B26EE1D3CFEA8C8F7CE307 ] C:\Windows\System32\srwmi.dll
21:09:55.0137 4040 C:\Windows\System32\srwmi.dll - ok
21:09:55.0137 4040 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
21:09:55.0137 4040 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
21:09:55.0137 4040 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
21:09:55.0137 4040 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
21:09:55.0137 4040 [ 1C9289324B5558AA5A59FB98359B3FD7 ] C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe
21:09:55.0137 4040 C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe - ok
21:09:55.0153 4040 [ 07DD9DCD1CC2840751A1F8772F3C0195 ] C:\Program Files\Microsoft Games\Chess\Chess.exe
21:09:55.0153 4040 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
21:09:55.0153 4040 [ AB0A8849029B4CE1109BA4E86481AB4F ] C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe
21:09:55.0153 4040 C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe - ok
21:09:55.0153 4040 [ F8F532C7509C3238C9827BAE861A48D7 ] C:\Windows\System32\tquery.dll
21:09:55.0153 4040 C:\Windows\System32\tquery.dll - ok
21:09:55.0153 4040 [ A03B68BC65AEF8E058218CE6DA530477 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
21:09:55.0153 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
21:09:55.0169 4040 [ 89F37FFA37B28807B1E7628BE13664C5 ] C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe
21:09:55.0169 4040 C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe - ok
21:09:55.0169 4040 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
21:09:55.0169 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
21:09:55.0169 4040 [ B9980FCD160D1EC1422B111C74B56DB2 ] C:\Windows\SysWOW64\quartz.dll
21:09:55.0169 4040 C:\Windows\SysWOW64\quartz.dll - ok
21:09:55.0169 4040 [ BEF8BE93965EC65C51D70030B9B6B058 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
21:09:55.0169 4040 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
21:09:55.0184 4040 [ BA4A19DE93FBDFE6DB5F0EBC99732A06 ] C:\Windows\System32\mssrch.dll
21:09:55.0184 4040 C:\Windows\System32\mssrch.dll - ok
21:09:55.0184 4040 [ 7459301D21C2E21468823F73042D9F87 ] C:\Windows\SysWOW64\d3d9.dll
21:09:55.0184 4040 C:\Windows\SysWOW64\d3d9.dll - ok
21:09:55.0184 4040 ============================================================
21:09:55.0184 4040 Scan finished
21:09:55.0184 4040 ============================================================
21:09:55.0184 4032 Detected object count: 0
21:09:55.0184 4032 Actual detected object count: 0

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 17 October 2012 - 10:41 PM

Hi Kairyn,

Ultimately both Peer to Peer and Spybot are decisions for you to make. During the evaluation and cleaning process it is best if they are taken out of the equation.

I would like to get a deeper look at your Master Boot Record. Please do this for me.


===================================================


xPUD MBR Dump and Driver Scan using USB

--------------------

Try this please. You will need a USB drive with no less than 64 mb of space.

  • Insert your USB drive. Caution: The next step will remove all information from your USB device.
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Download xPUD 0.9.2 iso, saving the file to your Desktop.
  • Download UNetbootin and save it to your Desktop as well.
  • Double click the unetbootin-xpud-windows-581.exe that you just downloaded.
  • Press Run then OK. Note: If you receive the message "You must select a distribution to load" just follow the instructions/image below
  • Select the Diskimage Option then click the Browse Button located on the right side of the textbox field.


    Posted Image

  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download driver.sh to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?) If it is not there remove the USB device for 5 seconds then reinsert.
  • Confirm that you see driver.sh that you downloaded there
  • Click Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh and press Enter
  • After it has finished a report will be located on your USB device named report.txt
  • Now type bash driver.sh -af and press Enter
  • You will be prompted to input a file name. Please type the following then press Enter:

    Winlogon.exe
  • After the search is completed please type the following then press Enter:

    volsnap.sys
  • After the search is completed please type the following then press Enter:

    explorer.exe
  • After the search is completed please type the following then press Enter:

    Userinit.exe
  • After the search is complete please type Exit and press Enter
  • A report will be located in the USB drive as filefind.txt
  • Now please type the following and press Enter. Makes sure there is a space between the different colors.

    dd if=/dev/sda of=mbr.bin bs=512 count=1
  • After it has finished (within just a few seconds) a file will be located on your USB drive named mbr.bin.
  • Remove the USB drive, insert it back in your working computer
  • Navigate to mbr.bin, zip the file, and attach it to your next reply
  • Copy and paste the contents of report.txt and filefind.txt in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • mbr.zip (attach)
  • report.txt
  • filefind.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 17 October 2012 - 11:06 PM

I am unable to boot from the USB after reformatting and installing xpud-0.9.2.iso to it using unetbootin-xpud-windows-581.exe.

I recieve the prompt

"BOOTMGR IS MISSING
Press Ctrl+Alt+Del to restart."

Upon attempting to boot from USB.

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 18 October 2012 - 07:39 AM

Hi Kairyn,

Let's try it booting from a CD. Please see below.


===================================================


GET xPUD MBR Dump and Driver Search

--------------------

For this step you will need a USB device and a blank CD. I have provided step by step instructions for this process in order to simplify the detailed task.

  • Download GETxPUD.exe to the desktop of your clean computer
  • Double click the Posted Image icon
  • Click Run
  • Double click the Posted Image folder which should now be on your desktop
  • Double click on Posted Image
  • The program will download xpud_0.9.2.iso, and when it is finished it will open a BurnCDCC window

    Posted Image
  • Click on Start, insert a blank CD when instructed, then click OK
  • When completed, the CD will eject for removal
  • Next download driver.sh to your USB drive
  • Remove the USB & CD and insert both into the infected computer
  • Boot the infected computer with the CD you just burned
  • As the computer boots up gently tap F12 and choose to boot from the CD by using the keyboard arrow keys to highlight CD/DVD and then hit Enter
  • At the first screen select English
  • A Welcome to xPUD screen will appear
  • Press File
  • Under File System on the left hand side click on the triangle symbol to expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB (you should see the driver.sh file)
  • Double click on the folder that represents your USB drive (sdb1 ?).
  • If you do not see the USB device show up, please remove it, wait about 5 seconds, reinsert it, then click on the Refresh icon. It should then be added under mnt
  • On the top bar select Tool then select Open Terminal
  • Type bash driver.sh and press Enter
  • After it has finished a report will be located on your USB device named report.txt
  • Now type bash driver.sh -af and press Enter
  • You will be prompted to input a file name. Please type the following then press Enter:

    Winlogon.exe
  • After the search is completed please type the following then press Enter:

    volsnap.sys
  • After the search is completed please type the following then press Enter:

    explorer.exe
  • After the search is completed please type the following then press Enter:

    Userinit.exe
  • After the search is complete please type Exit and press Enter
  • A report will be located in the USB drive as filefind.txt
  • Now please type the following and press Enter. Makes sure there is a space between the different colors.

    dd if=/dev/sda of=mbr.bin bs=512 count=1
  • After it has finished (within just a few seconds) a file will be located on your USB drive named mbr.bin.
  • Remove the USB drive, insert it back in your working computer
  • Navigate to mbr.bin, zip the file, and attach it to your next reply
  • Copy and paste the contents of report.txt and filefind.txt in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • mbr.zip
  • report.txt
  • filefind.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 18 October 2012 - 10:06 AM

Hi Gary,

I am unfortunately unable to purchase a CD. I literally don't have the financial means to do so. (When I said poor I really meant it, haha.)

Not only that, but if I did have one I wouldn't be able to burn it on a 'clean computer' as the laptop (Which isn't really mine and I have seldom access to) doesn't have a CD drive.

Are there any possible alternatives? IE: Any way to get it working so it'll boot xpud from USB? I initially had my Windows 7 (Which I booted from earlier.. But removed upon formatting it for xpud) on that USB so I know for a fact that it's functioning.

Thanks.

Edited by Kairyn, 18 October 2012 - 10:11 AM.


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 18 October 2012 - 12:00 PM

Hi Kairyn,

Try the USB steps again but I want you to download this Unetbootin instead.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 18 October 2012 - 03:05 PM

Hi Gary,

Turns out that the issue was caused by formatting to NTFS (D'oh!) I must have had it set off the default (Fat32) from when I had earlier formatted the USB for Windows 7.

I recieve the error

"(EE) no devices detected"
"Fatal Error: no screens found"

A little poking around tells me that Xpud may have some compatibility issues with my videocard/chip. Seeing as my computer has 3, (Onboard, a 'backup card for a second monitor I don't have, and my main one.) I tried to switch between them to see if it would garner any results.

Unfortunately it didn't.

If you have any suggestions they would be appreciated. :)

Thanks.

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,672 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:24 AM

Posted 18 October 2012 - 04:31 PM

Hi Kairyn,

Yes, you are correct. Unfortunately there is potential for an issue with the video card. There is another file we can include which is for cases like this but to be honest I am not sure it will make a difference. Let's try it anyway. This is basically the same instructions but includes the driver.opt, both downloading and moving it into a folder in xPUD.


===================================================


xPUD MBR Dump and Driver Scan using USB With driver.opt

--------------------

Try this please. You will need a USB drive with no less than 64 mb of space.

  • Insert your USB drive. Caution: The next step will remove all information from your USB device
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Download the following 3 files and save them to your desktop

    UNetbootin
    xPUD 0.9.2 iso
    driver.opt
  • Double click the unetbootin-xpud-windows icon
  • Press Run if required
  • Select the Diskimage Option then click the Browse Button located on the right side of the textbox field.


    Posted Image

  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer (you may or may not see this screen)
  • Copy and paste the driver.opt file from your desktop into the opt folder on your USB device
  • Next download driver.sh to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?) If it is not there remove the USB device for 5 seconds then reinsert.
  • Confirm that you see driver.sh that you downloaded there
  • Click Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh and press Enter
  • After it has finished a report will be located on your USB device named report.txt
  • Now type bash driver.sh -af and press Enter
  • You will be prompted to input a file name. Please type the following then press Enter:

    Winlogon.exe
  • After the search is completed please type the following then press Enter:

    volsnap.sys
  • After the search is completed please type the following then press Enter:

    explorer.exe
  • After the search is completed please type the following then press Enter:

    Userinit.exe
  • After the search is complete please type Exit and press Enter
  • A report will be located in the USB drive as filefind.txt
  • Now please type the following and press Enter. Makes sure there is a space between the different colors.

    dd if=/dev/sda of=mbr.bin bs=512 count=1
  • After it has finished (within just a few seconds) a file will be located on your USB drive named mbr.bin.
  • Remove the USB drive, insert it back in your working computer
  • Navigate to mbr.bin, zip the file, and attach it to your next reply
  • Copy and paste the contents of report.txt and filefind.txt in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • mbr.zip (attach)
  • report.txt
  • filefind.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Kairyn

Kairyn
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:11:24 AM

Posted 18 October 2012 - 04:35 PM

Hi Gary,

I still receive the same error unfortunately. ):




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users