
Issues with custom built computer


9 replies to this topic

#1 shywolf91


Posted 02 July 2013 - 11:09 PM

Specs: Windows 7 64bit OS w/ 16GB RAM.

Recently the dllhost.exe has been using up almost all my physical RAM (amount of RAM installed is 16GB). When this happens my computer is slow. I don't know what caused it. Right now (after restarting, running DDS, Task Manager/Resource Monitor, and opening Firefox) my computer has used 5GB out of 16GB. dllhost.exe is using the most. Also, when I open my computer it takes a long time to load and the left sidebar in Explorer is not showing links.

My protection software is Bitdefender Sphere 2013 (2-yr key). Should I be using BD or should I use something else? The only thing BD detects is a possible virus from an email in Thunderbird, which I think I deleted. I did a clean install in June.

I sometimes use my computer as a miner (BTC or LTC) when I am not using it.

Yesterday there was a message saying bitcoin-qt had to quit because there was no more memory. This has never happened before.

I turn my computer off every night (is this a good thing?)

I also play Ace of Spades and Minecraft on my computer. I also run mIRC for long periods.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16618  BrowserJavaVersion: 10.25.2
Run by shywolf91 at 20:56:00 on 2013-07-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16365.13389 [GMT -7:00]
.
AV: Bitdefender Antivirus *Disabled/Outdated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\PerfMon4x\PerfMon.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [PerfMon] C:\Program Files (x86)\PerfMon4x\PerfMon.exe
uRun: [Google Update] "C:\Users\shywolf91\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BQ3B0XQ05VV:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [EasyTuneVI] C:\Program Files (x86)\Gigabyte\ET6\ETCall.exe
StartupFolder: C:\Users\SHYWOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Bitcoin.lnk - C:\Program Files (x86)\Bitcoin\bitcoin-qt.exe
StartupFolder: C:\Users\SHYWOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.11.1
TCP: Interfaces\{19483843-DA29-4EFB-B1A7-406077145639} : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{9D9A61D3-790B-4E12-923A-B23397B7E207} : DHCPNameServer = 192.168.11.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
FF - prefs.js: network.proxy.ftp - 119.167.231.183
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 119.167.231.183
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 119.167.231.183
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 119.167.231.183
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\shywolf91\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-6-14 718840]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-6-14 147232]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-6-15 55280]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-6-14 17720]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-6-14 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-6-14 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-6-14 76944]
R1 VirtDiskBus;3TB+ Unlock;C:\Windows\System32\drivers\VirtDiskBus64.sys [2013-6-14 66160]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-9 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2013-6-14 68136]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2013-6-14 32544]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-6-14 95184]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-6-14 68856]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-6-14 46136]
R3 AODDriver;AODDriver;C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-3-12 52280]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-6-14 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-6-14 593144]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-28 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-28 79104]
R3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2013-6-14 30528]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-6-14 565352]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2010-12-3 1105000]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-6-14 82384]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-6-14 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2013-6-14 32360]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-6-14 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-14 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-6-14 69392]
.
=============== Created Last 30 ================
.
2013-07-01 16:41:17    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Build and Shoot
2013-07-01 16:41:15    --------    d-----w-    C:\Program Files (x86)\Build and Shoot
2013-06-30 23:42:50    867240    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-06-30 23:42:47    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 02:52:46    --------    d-----w-    C:\Program Files (x86)\SimpleAct
2013-06-29 15:34:15    --------    d-----w-    C:\Program Files (x86)\Bitcoin
2013-06-26 02:00:28    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Bitcoin
2013-06-26 02:00:24    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Armory
2013-06-26 01:56:34    --------    d-----w-    C:\Program Files (x86)\Armory
2013-06-22 18:27:11    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\TeamViewer
2013-06-21 15:35:25    --------    d-----w-    C:\ProgramData\Visan
2013-06-21 15:35:25    --------    d-----w-    C:\ProgramData\HP Photo Creations
2013-06-21 15:35:25    --------    d-----w-    C:\Program Files (x86)\HP Photo Creations
2013-06-21 15:34:25    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\HpUpdate
2013-06-21 15:34:23    741480    ------w-    C:\Windows\System32\HPDiscoPMBC11.dll
2013-06-21 15:32:05    --------    d-----w-    C:\Program Files (x86)\HP
2013-06-21 15:29:37    --------    d-----w-    C:\Program Files\HP
2013-06-21 15:22:48    --------    d-----w-    C:\Users\shywolf91\AppData\Local\HP
2013-06-19 03:35:21    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-06-18 03:35:09    --------    d-----w-    C:\Program Files (x86)\Audacity
2013-06-17 19:24:15    --------    d-----w-    C:\Users\shywolf91\FrostWire
2013-06-17 19:24:12    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\FrostWire
2013-06-17 19:23:33    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-06-17 19:21:43    --------    d-----w-    C:\Program Files (x86)\FrostWire
2013-06-17 04:27:39    --------    d-----w-    C:\Program Files (x86)\Mobipocket.com
2013-06-17 04:27:39    --------    d-----w-    C:\Program Files (x86)\Common Files\Mobipocket Shared
2013-06-17 04:26:31    --------    d-----w-    C:\Users\shywolf91\AppData\Local\webkit
2013-06-17 04:24:41    --------    d-----w-    C:\Users\shywolf91\.kindle
2013-06-17 04:23:44    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Amazon
2013-06-17 03:36:35    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\DuckLink
2013-06-17 03:36:31    --------    d-----w-    C:\Program Files (x86)\DuckLink
2013-06-16 16:32:57    --------    d-----w-    C:\Program Files (x86)\VideoLAN
2013-06-16 05:04:45    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2013-06-16 05:04:45    785512    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2013-06-16 05:04:45    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2013-06-16 05:04:45    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-06-16 04:59:34    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2013-06-16 04:59:34    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2013-06-16 04:59:34    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2013-06-16 04:59:34    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2013-06-16 04:59:33    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2013-06-16 04:59:33    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2013-06-16 04:59:33    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2013-06-16 03:42:09    17018248    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-16 03:17:15    --------    d-----w-    C:\Users\shywolf91\AppData\Local\TechSmith
2013-06-16 03:16:24    --------    d-----w-    C:\Windows\SysWow64\QuickTime
2013-06-16 03:16:05    --------    d-----w-    C:\Program Files (x86)\Common Files\TechSmith Shared
2013-06-16 03:01:14    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-16 03:01:14    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-16 02:55:00    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Sublime Text 2
2013-06-16 02:54:38    --------    d-----w-    C:\Program Files\Sublime Text 2
2013-06-15 22:14:44    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\KDPublishingPro
2013-06-15 22:14:27    --------    d-----w-    C:\Program Files (x86)\KDPublishingPro.com
2013-06-15 21:56:56    950128    ----a-w-    C:\Windows\System32\drivers\ndis.sys
2013-06-15 21:55:59    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-06-15 21:00:43    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\UBot Studio
2013-06-15 20:53:12    245408    ----a-w-    C:\Windows\SysWow64\unicows.dll
2013-06-15 20:53:11    --------    d-----w-    C:\Program Files (x86)\PerfMon4x
2013-06-15 16:58:34    --------    d-----w-    C:\Program Files (x86)\x264vfw
2013-06-15 16:58:27    --------    d-----w-    C:\Program Files\x264vfw64
2013-06-15 16:57:16    --------    d-----w-    C:\Users\shywolf91\AppData\Local\VisualBeeClient
2013-06-15 16:57:07    --------    d-----w-    C:\Users\shywolf91\AppData\Local\VisualBeeExe
2013-06-15 16:57:01    --------    d-----w-    C:\ProgramData\VisualBee
2013-06-15 16:56:25    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Foxit Software
2013-06-15 16:56:25    --------    d-----w-    C:\Program Files (x86)\Foxit Software
2013-06-15 16:53:14    --------    d-----w-    C:\Program Files (x86)\Cisco
2013-06-15 16:52:01    451072    ----a-w-    C:\Windows\SysWow64\ISSRemoveSP.exe
2013-06-15 16:52:01    --------    d-----w-    C:\Program Files (x86)\ENCORE Wireless LAN Driver - PCIE Adapter
2013-06-15 16:39:36    --------    d-----w-    C:\Dxtory
2013-06-15 16:38:36    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\PACE Anti-Piracy
2013-06-15 16:38:36    --------    d-----w-    C:\Users\shywolf91\AppData\Local\PACE Anti-Piracy
2013-06-15 16:38:36    --------    d-----w-    C:\ProgramData\PACE Anti-Piracy
2013-06-15 16:38:31    --------    d-----w-    C:\ProgramData\regid.1986-12.com.adobe
2013-06-15 16:34:50    --------    d-----w-    C:\Program Files (x86)\Adobe Story
2013-06-15 16:34:18    55280    ------w-    C:\Windows\System32\drivers\PxHlpa64.sys
2013-06-15 16:34:18    10224    ------w-    C:\Windows\System32\drivers\cdralw2k.sys
2013-06-15 16:34:18    10224    ------w-    C:\Windows\System32\drivers\cdr4_xp.sys
2013-06-15 16:34:18    --------    d-----w-    C:\Program Files (x86)\My Company Name
2013-06-15 16:34:18    --------    d-----w-    C:\Program Files (x86)\Common Files\Sonic Shared
2013-06-15 16:34:18    --------    d-----w-    C:\Program Files (x86)\Common Files\PX Storage Engine
2013-06-15 16:25:38    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Adobe
2013-06-15 03:24:28    80384    ----a-w-    C:\Windows\System32\drivers\BTHUSB.SYS
2013-06-15 03:16:19    32600    ----a-w-    C:\Windows\System32\SmartDefragBootTime.exe
2013-06-15 03:16:13    --------    d-----w-    C:\ProgramData\IObit
2013-06-15 03:15:55    17720    ----a-w-    C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-06-15 03:15:55    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\IObit
2013-06-15 03:15:51    --------    d-----w-    C:\Program Files (x86)\IObit
2013-06-15 03:13:48    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Dxtory Software
2013-06-15 03:13:43    8043008    ----a-w-    C:\Windows\System32\DxtoryCodec.dll
2013-06-15 03:13:42    8300544    ----a-w-    C:\Windows\SysWow64\DxtoryCodec.dll
2013-06-15 03:13:39    --------    d-----w-    C:\Program Files (x86)\Dxtory Software
2013-06-15 03:08:58    --------    d-----w-    C:\Windows\AutoKMS
2013-06-15 03:03:03    --------    d-----w-    C:\Program Files\Microsoft Synchronization Services
2013-06-15 03:02:52    --------    d-----w-    C:\Windows\PCHEALTH
2013-06-15 03:02:52    --------    d-----w-    C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-15 03:01:33    --------    d-----w-    C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-15 03:01:07    --------    d-----w-    C:\Program Files\Microsoft Analysis Services
2013-06-15 03:01:07    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2013-06-15 03:01:00    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Microsoft Help
2013-06-15 02:58:09    --------    d-----w-    C:\Program Files\Paint.NET
2013-06-15 02:56:39    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Paint.NET
2013-06-15 02:54:10    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Programs
2013-06-15 02:52:29    --------    d-----w-    C:\Ace of Spades
2013-06-15 01:54:52    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\.minecraft
2013-06-15 01:49:11    971680    ----a-w-    C:\Windows\System32\deployJava1.dll
2013-06-15 01:49:11    1092512    ----a-w-    C:\Windows\System32\npDeployJava1.dll
2013-06-15 01:49:08    108448    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-15 01:43:04    --------    d-----w-    C:\Program Files\CCleaner
2013-06-15 01:42:46    --------    d-----w-    C:\Users\shywolf91\AppData\Local\gmvault
2013-06-15 01:37:52    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Google
2013-06-15 00:34:50    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\mIRC
2013-06-15 00:34:50    --------    d-----w-    C:\Program Files (x86)\mIRC
2013-06-14 23:36:43    32699904    ----a-w-    C:\Windows\System32\imageres.dll
2013-06-14 23:35:39    --------    d-----w-    C:\ProgramData\Stardock
2013-06-14 23:35:36    --------    d-----w-    C:\Program Files (x86)\Stardock
2013-06-14 23:28:38    25640    ----a-w-    C:\Windows\gdrv.sys
2013-06-14 21:36:41    --------    d-----w-    C:\Windows\SysWow64\Wat
2013-06-14 21:36:40    --------    d-----w-    C:\Windows\System32\Wat
2013-06-14 15:58:53    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 15:53:17    70656    ----a-w-    C:\Windows\SysWow64\fontsub.dll
2013-06-14 15:53:17    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2013-06-14 15:53:17    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2013-06-14 15:53:17    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2013-06-14 15:53:17    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2013-06-14 15:53:17    100864    ----a-w-    C:\Windows\System32\fontsub.dll
2013-06-14 15:51:11    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-06-14 15:51:11    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2013-06-14 15:51:11    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-06-14 15:51:10    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2013-06-14 15:51:10    5120    ----a-w-    C:\Windows\System32\wmi.dll
2013-06-14 14:59:57    288768    ----a-w-    C:\Windows\System32\drivers\mrxsmb10.sys
2013-06-14 14:58:57    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2013-06-14 14:56:34    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Thunderbird
2013-06-14 14:54:19    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Mozilla
2013-06-14 14:53:50    --------    d-----w-    C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-14 14:53:32    --------    d-----w-    C:\Program Files\Waterfox
2013-06-14 14:52:54    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Waterfox Limited
2013-06-14 14:50:40    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Deployment
2013-06-14 14:50:40    --------    d-----w-    C:\Users\shywolf91\AppData\Local\Apps
2013-06-14 14:48:52    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2013-06-14 14:48:52    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2013-06-14 14:48:52    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2013-06-14 14:48:12    550350    ----a-w-    C:\ProgramData\1371221097.bdinstall.bin
2013-06-14 14:47:29    --------    d-----w-    C:\ProgramData\BDLogging
2013-06-14 14:47:25    93600    ----a-w-    C:\Windows\System32\drivers\BdfNdisf6.sys
2013-06-14 14:47:25    82384    ----a-w-    C:\Windows\System32\drivers\bdsandbox.sys
2013-06-14 14:47:25    76944    ----a-w-    C:\Windows\System32\drivers\bdvedisk.sys
2013-06-14 14:47:25    511328    ----a-w-    C:\Windows\capicom.dll
2013-06-14 14:47:22    718840    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2013-06-14 14:47:22    593144    ----a-w-    C:\Windows\System32\drivers\avckf.sys
2013-06-14 14:47:22    261056    ----a-w-    C:\Windows\System32\drivers\avchv.sys
2013-06-14 14:46:49    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\Bitdefender
2013-06-14 14:46:47    --------    d-----w-    C:\ProgramData\Bitdefender
2013-06-14 14:45:56    --------    d-----w-    C:\Users\shywolf91\AppData\Roaming\QuickScan
2013-06-14 14:45:37    147232    ----a-w-    C:\Windows\System32\drivers\gzflt.sys
2013-06-14 14:45:36    382536    ----a-w-    C:\Windows\System32\drivers\trufos.sys
2013-06-14 14:45:36    --------    d-----w-    C:\Program Files\Bitdefender
2013-06-14 14:45:09    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2013-06-14 14:45:04    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2013-06-14 14:44:56    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2013-06-14 14:44:56    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2013-06-14 14:44:50    --------    d-----w-    C:\Program Files\Common Files\Bitdefender
2013-06-14 14:34:10    --------    d-----w-    C:\Users\shywolf91\AppData\Local\AMD
2013-06-14 14:34:00    --------    d-----w-    C:\Users\shywolf91\AppData\Local\ATI
2013-06-14 14:33:37    0    ----a-w-    C:\Windows\ativpsrm.bin
2013-06-14 14:31:38    --------    d-----w-    C:\Program Files (x86)\AMD APP
2013-06-14 14:31:29    --------    d-----w-    C:\Program Files (x86)\Common Files\ATI Technologies
2013-06-14 14:30:51    46136    ----a-w-    C:\Windows\System32\drivers\amdiox64.sys
2013-06-14 14:30:51    --------    d-----w-    C:\ProgramData\AMD
2013-06-14 14:30:45    --------    d-----w-    C:\Program Files\Common Files\ATI Technologies
2013-06-14 14:30:37    58880    ----a-w-    C:\Windows\System32\coinst.dll
2013-06-14 14:30:36    466944    ----a-w-    C:\Windows\System32\ATIDEMGX.dll
2013-06-14 14:30:08    --------    d-----w-    C:\Program Files (x86)\ATI Technologies
2013-06-14 14:29:38    --------    d-----w-    C:\Program Files\ATI
2013-06-14 14:28:26    --------    d-----w-    C:\Program Files\ATI Technologies
2013-06-14 14:26:14    30528    ----a-w-    C:\Windows\GVTDrv64.sys
2013-06-14 14:24:34    66160    ----a-w-    C:\Windows\System32\drivers\VirtDiskBus64.sys
2013-06-14 14:24:34    1721576    ----a-w-    C:\Windows\System32\WdfCoInstaller01009.dll
2013-06-14 14:23:53    48416    ----a-r-    C:\Windows\System32\drivers\RtTeam60.sys
2013-06-14 14:23:51    32360    ----a-r-    C:\Windows\System32\drivers\RtVlan620.sys
2013-06-14 14:23:49    32544    ----a-r-    C:\Windows\System32\drivers\RtNdPt60.sys
2013-06-14 14:20:50    --------    d-----w-    C:\Program Files (x86)\AMD
2013-06-14 14:20:06    --------    d-----w-    C:\Program Files (x86)\Etron Technology
2013-06-14 14:18:24    565352    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2013-06-14 14:18:23    74272    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2013-06-14 14:18:23    107552    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2013-06-14 14:14:26    --------    d-----w-    C:\Program Files (x86)\Dolby Home Theater v4
2013-06-14 14:14:24    --------    d-sh--w-    C:\Windows\Installer
2013-06-14 14:14:00    --------    d-----w-    C:\Windows\SysWow64\RTCOM
2013-06-14 14:14:00    --------    d-----w-    C:\Program Files\Realtek
2013-06-14 14:12:36    --------    d-----w-    C:\Program Files (x86)\Gigabyte
2013-06-14 14:12:24    63488    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-06-14 14:12:24    32768    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-06-14 14:12:24    274432    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-06-14 14:12:24    184320    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-06-14 14:12:23    753664    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-06-14 14:12:23    69714    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-06-14 14:12:23    5632    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-06-14 14:12:23    331908    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-06-14 14:12:23    200836    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-06-14 05:56:35    --------    d-----w-    C:\Windows\Panther
.
==================== Find3M  ====================
.
2013-06-14 15:58:53    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-04-26 05:51:36    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23    135168    ----a-w-    C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19    350208    ----a-w-    C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19    308736    ----a-w-    C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19    111104    ----a-w-    C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16    474624    ----a-w-    C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15    2176512    ----a-w-    C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50    3153920    ----a-w-    C:\Windows\System32\win32k.sys
.
============= FINISH: 20:56:32.99 ===============
 



Edited by shywolf91, 02 July 2013 - 11:18 PM.



 


#2 HelpBot


Posted 07 July 2013 - 11:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/499963 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot


Posted 07 July 2013 - 11:27 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!


#4 Andrew


Posted 08 July 2013 - 06:58 PM

This topic has been re-opened at the request of the person who originally posted.

#5 shywolf91


Posted 08 July 2013 - 07:51 PM

 


 

 

Okay, the problem is back. I will also attach images of some issues. My security software is Bitdefender Sphere 2013 (AV, firewall, etc.).

STEPS (what I did today):

1. Turn on computer (turn on PSU and press power button)

2. Log in

3. Open Chrome (sometimes after a few minutes)

4. Run DDS

RAM used: ~10 GB of my 16 GB

dllhost.exe is using most of the RAM and CPU according to Task Manager and Resource Monitor.

I do have my Windows 7 Home Premium 64-bit OEM install disc.

 

log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16618  BrowserJavaVersion: 10.25.2
Run by shywolf91 at 17:39:42 on 2013-07-08
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16365.4908 [GMT -7:00]
.
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\PerfMon4x\PerfMon.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\shywolf91\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [PerfMon] C:\Program Files (x86)\PerfMon4x\PerfMon.exe
uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BQ3B0XQ05VV:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Google Update] "C:\Users\shywolf91\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [EasyTuneVI] C:\Program Files (x86)\Gigabyte\ET6\ETCall.exe
StartupFolder: C:\Users\SHYWOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.11.1
TCP: Interfaces\{19483843-DA29-4EFB-B1A7-406077145639} : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{9D9A61D3-790B-4E12-923A-B23397B7E207} : DHCPNameServer = 192.168.11.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
FF - prefs.js: network.proxy.ftp - 119.167.231.183
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 119.167.231.183
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 119.167.231.183
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 119.167.231.183
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\shywolf91\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-6-14 718840]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-6-14 147232]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-6-15 55280]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-6-14 17720]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-6-14 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-6-14 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-6-14 76944]
R1 VirtDiskBus;3TB+ Unlock;C:\Windows\System32\drivers\VirtDiskBus64.sys [2013-6-14 66160]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-9 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2013-6-14 68136]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2013-6-14 32544]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-6-14 95184]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-6-14 68856]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-6-14 46136]
R3 AODDriver;AODDriver;C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-3-12 52280]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-6-14 261056]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-28 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-28 79104]
R3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2013-6-14 30528]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-6-14 593144]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-6-14 82384]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-6-14 565352]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2010-12-3 1105000]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-6-14 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2013-6-14 32360]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-6-14 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-14 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-6-14 69392]
.
=============== Created Last 30 ================
.
2013-07-08 20:19:35 -------- d-----w- C:\ProgramData\IsolatedStorage
2013-07-08 20:07:41 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\uTorrent
2013-07-03 22:57:05 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-07-03 22:57:04 -------- d-----w- C:\Program Files (x86)\Steam
2013-07-03 14:11:58 -------- d-sh--w- C:\found.000
2013-07-03 04:22:38 -------- d-----w- C:\Stinger_Quarantine
2013-07-03 04:22:33 -------- d-----w- C:\Program Files\stinger
2013-07-03 04:21:53 -------- d-----w- C:\Program Files (x86)\stinger
2013-07-01 16:41:17 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Build and Shoot
2013-07-01 16:41:15 -------- d-----w- C:\Program Files (x86)\Build and Shoot
2013-06-30 23:42:50 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-30 23:42:47 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 02:52:46 -------- d-----w- C:\Program Files (x86)\SimpleAct
2013-06-29 15:34:15 -------- d-----w- C:\Program Files (x86)\Bitcoin
2013-06-26 02:00:28 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Bitcoin
2013-06-26 02:00:24 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Armory
2013-06-26 01:56:34 -------- d-----w- C:\Program Files (x86)\Armory
2013-06-23 16:59:40 -------- d-----w- C:\Users\shywolf91\AppData\Local\Macromedia
2013-06-22 18:27:11 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\TeamViewer
2013-06-21 15:35:25 -------- d-----w- C:\ProgramData\Visan
2013-06-21 15:35:25 -------- d-----w- C:\ProgramData\HP Photo Creations
2013-06-21 15:35:25 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2013-06-21 15:34:25 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\HpUpdate
2013-06-21 15:34:23 741480 ------w- C:\Windows\System32\HPDiscoPMBC11.dll
2013-06-21 15:32:05 -------- d-----w- C:\Program Files (x86)\HP
2013-06-21 15:29:37 -------- d-----w- C:\Program Files\HP
2013-06-21 15:22:48 -------- d-----w- C:\Users\shywolf91\AppData\Local\HP
2013-06-19 03:35:21 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-06-18 03:35:09 -------- d-----w- C:\Program Files (x86)\Audacity
2013-06-17 19:24:15 -------- d-----w- C:\Users\shywolf91\FrostWire
2013-06-17 19:24:12 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\FrostWire
2013-06-17 19:23:33 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-17 19:21:43 -------- d-----w- C:\Program Files (x86)\FrostWire
2013-06-17 04:27:39 -------- d-----w- C:\Program Files (x86)\Mobipocket.com
2013-06-17 04:27:39 -------- d-----w- C:\Program Files (x86)\Common Files\Mobipocket Shared
2013-06-17 04:26:31 -------- d-----w- C:\Users\shywolf91\AppData\Local\webkit
2013-06-17 04:24:41 -------- d-----w- C:\Users\shywolf91\.kindle
2013-06-17 04:23:44 -------- d-----w- C:\Users\shywolf91\AppData\Local\Amazon
2013-06-17 03:36:35 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\DuckLink
2013-06-17 03:36:31 -------- d-----w- C:\Program Files (x86)\DuckLink
2013-06-16 16:32:57 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-06-16 05:04:45 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-06-16 05:04:45 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-06-16 05:04:45 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-06-16 05:04:45 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-06-16 04:59:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-06-16 04:59:34 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-06-16 04:59:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-06-16 04:59:34 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-06-16 04:59:33 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-06-16 04:59:33 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-06-16 04:59:33 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-06-16 03:42:09 17018248 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-16 03:17:15 -------- d-----w- C:\Users\shywolf91\AppData\Local\TechSmith
2013-06-16 03:16:24 -------- d-----w- C:\Windows\SysWow64\QuickTime
2013-06-16 03:16:05 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
2013-06-16 03:01:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-16 03:01:14 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-16 02:55:00 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Sublime Text 2
2013-06-16 02:54:38 -------- d-----w- C:\Program Files\Sublime Text 2
2013-06-15 22:14:44 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\KDPublishingPro
2013-06-15 22:14:27 -------- d-----w- C:\Program Files (x86)\KDPublishingPro.com
2013-06-15 21:56:56 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-06-15 21:55:59 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-15 21:00:43 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\UBot Studio
2013-06-15 20:53:12 245408 ----a-w- C:\Windows\SysWow64\unicows.dll
2013-06-15 20:53:11 -------- d-----w- C:\Program Files (x86)\PerfMon4x
2013-06-15 16:58:34 -------- d-----w- C:\Program Files (x86)\x264vfw
2013-06-15 16:58:27 -------- d-----w- C:\Program Files\x264vfw64
2013-06-15 16:57:16 -------- d-----w- C:\Users\shywolf91\AppData\Local\VisualBeeClient
2013-06-15 16:57:07 -------- d-----w- C:\Users\shywolf91\AppData\Local\VisualBeeExe
2013-06-15 16:57:01 -------- d-----w- C:\ProgramData\VisualBee
2013-06-15 16:56:25 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Foxit Software
2013-06-15 16:56:25 -------- d-----w- C:\Program Files (x86)\Foxit Software
2013-06-15 16:53:14 -------- d-----w- C:\Program Files (x86)\Cisco
2013-06-15 16:52:01 451072 ----a-w- C:\Windows\SysWow64\ISSRemoveSP.exe
2013-06-15 16:52:01 -------- d-----w- C:\Program Files (x86)\ENCORE Wireless LAN Driver - PCIE Adapter
2013-06-15 16:39:36 -------- d-----w- C:\Dxtory
2013-06-15 16:38:36 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\PACE Anti-Piracy
2013-06-15 16:38:36 -------- d-----w- C:\Users\shywolf91\AppData\Local\PACE Anti-Piracy
2013-06-15 16:38:36 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2013-06-15 16:38:31 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-06-15 16:34:50 -------- d-----w- C:\Program Files (x86)\Adobe Story
2013-06-15 16:34:18 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2013-06-15 16:34:18 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2013-06-15 16:34:18 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2013-06-15 16:34:18 -------- d-----w- C:\Program Files (x86)\My Company Name
2013-06-15 16:34:18 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2013-06-15 16:34:18 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-06-15 16:25:38 -------- d-----w- C:\Users\shywolf91\AppData\Local\Adobe
2013-06-15 03:24:28 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2013-06-15 03:16:19 32600 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2013-06-15 03:16:13 -------- d-----w- C:\ProgramData\IObit
2013-06-15 03:15:55 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-06-15 03:15:55 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\IObit
2013-06-15 03:15:51 -------- d-----w- C:\Program Files (x86)\IObit
2013-06-15 03:13:48 -------- d-----w- C:\Users\shywolf91\AppData\Local\Dxtory Software
2013-06-15 03:13:43 8043008 ----a-w- C:\Windows\System32\DxtoryCodec.dll
2013-06-15 03:13:42 8300544 ----a-w- C:\Windows\SysWow64\DxtoryCodec.dll
2013-06-15 03:13:39 -------- d-----w- C:\Program Files (x86)\Dxtory Software
2013-06-15 03:08:58 -------- d-----w- C:\Windows\AutoKMS
2013-06-15 03:03:03 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2013-06-15 03:02:52 -------- d-----w- C:\Windows\PCHEALTH
2013-06-15 03:02:52 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-15 03:01:33 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-15 03:01:07 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-06-15 03:01:07 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-06-15 03:01:00 -------- d-----w- C:\Users\shywolf91\AppData\Local\Microsoft Help
2013-06-15 02:58:09 -------- d-----w- C:\Program Files\Paint.NET
2013-06-15 02:56:39 -------- d-----w- C:\Users\shywolf91\AppData\Local\Paint.NET
2013-06-15 02:54:10 -------- d-----w- C:\Users\shywolf91\AppData\Local\Programs
2013-06-15 02:52:29 -------- d-----w- C:\Ace of Spades
2013-06-15 01:54:52 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\.minecraft
2013-06-15 01:49:11 971680 ----a-w- C:\Windows\System32\deployJava1.dll
2013-06-15 01:49:11 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-06-15 01:49:08 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-15 01:43:04 -------- d-----w- C:\Program Files\CCleaner
2013-06-15 01:42:46 -------- d-----w- C:\Users\shywolf91\AppData\Local\gmvault
2013-06-15 01:37:52 -------- d-----w- C:\Users\shywolf91\AppData\Local\Google
2013-06-15 00:34:50 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\mIRC
2013-06-15 00:34:50 -------- d-----w- C:\Program Files (x86)\mIRC
2013-06-14 23:36:43 32699904 ----a-w- C:\Windows\System32\imageres.dll
2013-06-14 23:35:39 -------- d-----w- C:\ProgramData\Stardock
2013-06-14 23:35:36 -------- d-----w- C:\Program Files (x86)\Stardock
2013-06-14 23:28:38 25640 ----a-w- C:\Windows\gdrv.sys
2013-06-14 21:36:41 -------- d-----w- C:\Windows\SysWow64\Wat
2013-06-14 21:36:40 -------- d-----w- C:\Windows\System32\Wat
2013-06-14 15:58:53 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 15:53:17 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-06-14 15:53:17 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-06-14 15:53:17 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-06-14 15:53:17 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-06-14 15:53:17 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-06-14 15:53:17 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-06-14 15:51:11 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-06-14 15:51:11 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-06-14 15:51:11 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-06-14 15:51:10 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-06-14 15:51:10 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-06-14 14:59:57 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2013-06-14 14:58:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-06-14 14:56:34 -------- d-----w- C:\Users\shywolf91\AppData\Local\Thunderbird
2013-06-14 14:54:19 -------- d-----w- C:\Users\shywolf91\AppData\Local\Mozilla
2013-06-14 14:53:50 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-14 14:53:32 -------- d-----w- C:\Program Files\Waterfox
2013-06-14 14:52:54 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Waterfox Limited
2013-06-14 14:50:40 -------- d-----w- C:\Users\shywolf91\AppData\Local\Deployment
2013-06-14 14:50:40 -------- d-----w- C:\Users\shywolf91\AppData\Local\Apps
2013-06-14 14:48:52 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-06-14 14:48:52 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-06-14 14:48:52 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-06-14 14:48:12 550350 ----a-w- C:\ProgramData\1371221097.bdinstall.bin
2013-06-14 14:47:29 -------- d-----w- C:\ProgramData\BDLogging
2013-06-14 14:47:25 93600 ----a-w- C:\Windows\System32\drivers\BdfNdisf6.sys
2013-06-14 14:47:25 82384 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2013-06-14 14:47:25 76944 ----a-w- C:\Windows\System32\drivers\bdvedisk.sys
2013-06-14 14:47:25 511328 ----a-w- C:\Windows\capicom.dll
2013-06-14 14:47:22 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-06-14 14:47:22 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-06-14 14:47:22 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-06-14 14:46:49 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\Bitdefender
2013-06-14 14:46:47 -------- d-----w- C:\ProgramData\Bitdefender
2013-06-14 14:45:56 -------- d-----w- C:\Users\shywolf91\AppData\Roaming\QuickScan
2013-06-14 14:45:37 147232 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-06-14 14:45:36 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-06-14 14:45:36 -------- d-----w- C:\Program Files\Bitdefender
2013-06-14 14:45:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-06-14 14:45:04 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-06-14 14:44:56 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-06-14 14:44:56 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-06-14 14:44:50 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2013-06-14 14:34:10 -------- d-----w- C:\Users\shywolf91\AppData\Local\AMD
2013-06-14 14:34:00 -------- d-----w- C:\Users\shywolf91\AppData\Local\ATI
2013-06-14 14:33:37 0 ----a-w- C:\Windows\ativpsrm.bin
2013-06-14 14:31:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-06-14 14:31:29 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2013-06-14 14:30:51 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2013-06-14 14:30:51 -------- d-----w- C:\ProgramData\AMD
2013-06-14 14:30:45 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2013-06-14 14:30:37 58880 ----a-w- C:\Windows\System32\coinst.dll
2013-06-14 14:30:36 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2013-06-14 14:30:08 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2013-06-14 14:29:38 -------- d-----w- C:\Program Files\ATI
2013-06-14 14:28:26 -------- d-----w- C:\Program Files\ATI Technologies
2013-06-14 14:26:14 30528 ----a-w- C:\Windows\GVTDrv64.sys
2013-06-14 14:24:34 66160 ----a-w- C:\Windows\System32\drivers\VirtDiskBus64.sys
2013-06-14 14:24:34 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-06-14 14:23:53 48416 ----a-r- C:\Windows\System32\drivers\RtTeam60.sys
2013-06-14 14:23:51 32360 ----a-r- C:\Windows\System32\drivers\RtVlan620.sys
2013-06-14 14:23:49 32544 ----a-r- C:\Windows\System32\drivers\RtNdPt60.sys
2013-06-14 14:20:50 -------- d-----w- C:\Program Files (x86)\AMD
2013-06-14 14:20:06 -------- d-----w- C:\Program Files (x86)\Etron Technology
2013-06-14 14:18:24 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-06-14 14:18:23 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-06-14 14:18:23 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-06-14 14:14:26 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4
2013-06-14 14:14:24 -------- d-sh--w- C:\Windows\Installer
2013-06-14 14:14:00 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-06-14 14:14:00 -------- d-----w- C:\Program Files\Realtek
2013-06-14 14:12:36 -------- d-----w- C:\Program Files (x86)\Gigabyte
2013-06-14 14:12:24 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-06-14 14:12:24 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-06-14 14:12:24 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-06-14 14:12:24 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-06-14 14:12:23 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-06-14 14:12:23 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-06-14 14:12:23 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-06-14 14:12:23 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-06-14 14:12:23 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-06-14 05:56:35 -------- d-----w- C:\Windows\Panther
.
==================== Find3M  ====================
.
2013-06-14 15:58:53 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 17:40:06.31 ===============

Edited by shywolf91, 08 July 2013 - 07:52 PM.


#6 The Dark Knight

The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • OFFLINE
  • Gender:Male
  • Location:Krypton
  • Local time:11:54 AM

Posted 10 July 2013 - 04:33 PM

Hello and welcome to BleepingComputer. I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear. :welcome:

 

My apologies for the long wait.

Please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.


If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.




#7 shywolf91

shywolf91
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  • Local time:04:54 PM

Posted 10 July 2013 - 05:41 PM

ComboFix 13-07-09.01 - shywolf91 07/10/2013  15:35:17.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16365.10269 [GMT -7:00]
Running from: c:\users\shywolf91\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-06-10 to 2013-07-10  )))))))))))))))))))))))))))))))
.
.
2013-07-10 22:38 . 2013-07-10 22:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-09 18:57 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-09 18:56 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-09 18:56 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-08 20:19 . 2013-07-08 20:19 -------- d-----w- c:\programdata\IsolatedStorage
2013-07-03 22:57 . 2013-07-10 20:30 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-07-03 22:57 . 2013-07-10 22:18 -------- d-----w- c:\program files (x86)\Steam
2013-07-03 14:11 . 2013-07-03 14:11 -------- d-----w- C:\found.000
2013-07-03 04:22 . 2013-07-03 04:22 -------- d-----w- C:\Stinger_Quarantine
2013-07-03 04:22 . 2013-07-03 05:31 -------- d-----w- c:\program files\stinger
2013-07-03 04:21 . 2013-07-03 04:22 -------- d-----w- c:\program files (x86)\stinger
2013-07-01 16:41 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\Build and Shoot
2013-06-30 23:42 . 2013-06-30 23:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-30 23:42 . 2013-06-30 23:42 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-30 23:42 . 2013-06-30 23:42 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 23:42 . 2013-06-30 23:42 -------- d-----w- c:\program files (x86)\Java
2013-06-30 23:41 . 2013-06-30 23:41 -------- d-----w- c:\programdata\McAfee
2013-06-30 02:52 . 2013-06-30 02:52 -------- d-----w- c:\program files (x86)\SimpleAct
2013-06-29 15:34 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\Bitcoin
2013-06-26 01:56 . 2013-06-26 01:56 -------- d-----w- c:\program files (x86)\Armory
2013-06-21 15:35 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\HP Photo Creations
2013-06-21 15:35 . 2013-07-10 20:14 -------- d-----w- c:\programdata\HP Photo Creations
2013-06-21 15:35 . 2013-06-21 15:35 -------- d-----w- c:\programdata\Visan
2013-06-21 15:34 . 2012-10-17 11:31 741480 ------w- c:\windows\system32\HPDiscoPMBC11.dll
2013-06-21 15:32 . 2013-06-21 15:32 -------- d-----w- c:\programdata\HP
2013-06-21 15:32 . 2013-06-21 15:34 -------- d-----w- c:\program files (x86)\HP
2013-06-21 15:29 . 2013-06-21 15:29 -------- d-----w- c:\program files\HP
2013-06-19 05:37 . 2013-06-19 05:37 -------- d-----w- c:\program files (x86)\Common Files\logishrd
2013-06-19 05:37 . 2013-06-19 05:37 -------- d-----w- c:\program files\Common Files\logishrd
2013-06-18 03:35 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\Audacity
2013-06-17 19:23 . 2013-06-30 23:42 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-17 19:21 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\FrostWire
2013-06-17 04:27 . 2013-06-17 04:27 -------- d-----w- c:\program files (x86)\Mobipocket.com
2013-06-17 04:27 . 2013-06-17 04:27 -------- d-----w- c:\program files (x86)\Common Files\Mobipocket Shared
2013-06-17 03:36 . 2013-06-17 03:36 -------- d-----w- c:\program files (x86)\DuckLink
2013-06-16 16:32 . 2013-06-16 16:32 -------- d-----w- c:\program files (x86)\VideoLAN
2013-06-16 05:04 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-06-16 05:04 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-06-16 05:04 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-06-16 05:04 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-06-16 04:59 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-06-16 04:59 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-06-16 04:59 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-06-16 04:59 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-06-16 04:59 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-06-16 04:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-06-16 04:59 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-06-16 04:57 . 2013-06-16 04:57 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-06-16 03:42 . 2013-06-16 03:42 17018248 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-16 03:16 . 2013-06-16 03:16 -------- d-----w- c:\windows\SysWow64\QuickTime
2013-06-16 03:16 . 2013-06-16 03:16 -------- d-----w- c:\program files (x86)\QuickTime
2013-06-16 03:16 . 2013-06-16 03:16 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
2013-06-16 03:16 . 2013-06-16 03:16 -------- d-----w- c:\programdata\TechSmith
2013-06-16 03:16 . 2013-06-16 03:16 -------- d-----w- c:\program files (x86)\TechSmith
2013-06-16 03:01 . 2013-06-16 03:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-16 03:01 . 2013-06-16 03:42 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-16 03:01 . 2013-06-16 03:01 -------- d-----w- c:\windows\system32\Macromed
2013-06-16 02:54 . 2013-07-10 20:14 -------- d-----w- c:\program files\Sublime Text 2
2013-06-15 22:14 . 2013-06-15 22:14 -------- d-----w- c:\program files (x86)\KDPublishingPro.com
2013-06-15 21:56 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-06-15 21:55 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-15 20:53 . 2003-04-21 22:09 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2013-06-15 20:53 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\PerfMon4x
2013-06-15 16:59 . 2013-07-09 19:54 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-15 16:58 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\x264vfw
2013-06-15 16:58 . 2013-07-10 20:14 -------- d-----w- c:\program files\x264vfw64
2013-06-15 16:57 . 2013-06-15 16:57 -------- d-----w- c:\programdata\VisualBee
2013-06-15 16:56 . 2013-06-15 16:56 -------- d-----w- c:\program files (x86)\Foxit Software
2013-06-15 16:53 . 2013-06-15 16:53 -------- d-----w- c:\program files (x86)\Cisco
2013-06-15 16:52 . 2013-06-15 16:53 -------- d-----w- c:\program files (x86)\ENCORE Wireless LAN Driver - PCIE Adapter
2013-06-15 16:52 . 2009-02-05 09:49 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
2013-06-15 16:39 . 2013-07-08 01:54 -------- d-----w- C:\Dxtory
2013-06-15 16:38 . 2013-06-19 03:36 -------- d-----w- c:\programdata\PACE Anti-Piracy
2013-06-15 16:38 . 2013-06-15 16:38 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-06-15 16:34 . 2013-06-15 16:34 -------- d-----w- c:\program files (x86)\Adobe Story
2013-06-15 16:34 . 2013-06-15 16:34 -------- d-----w- c:\program files (x86)\My Company Name
2013-06-15 16:34 . 2013-06-15 16:34 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2013-06-15 16:34 . 2013-06-15 16:34 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2013-06-15 16:34 . 2009-07-09 10:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2013-06-15 16:34 . 2009-06-23 10:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2013-06-15 16:34 . 2009-06-23 10:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2013-06-15 16:33 . 2013-06-15 16:37 -------- d-----w- c:\program files\Common Files\Adobe
2013-06-15 16:33 . 2013-06-15 16:37 -------- d-----w- c:\program files\Adobe
2013-06-15 16:32 . 2013-06-15 16:32 -------- d-----w- c:\windows\SysWow64\Macromed
2013-06-15 16:32 . 2013-06-15 16:32 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-06-15 16:30 . 2013-06-15 16:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-06-15 03:24 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-06-15 03:16 . 2013-05-23 01:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-06-15 03:16 . 2013-06-15 03:16 -------- d-----w- c:\programdata\IObit
2013-06-15 03:15 . 2013-05-23 01:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-06-15 03:15 . 2013-06-15 03:15 -------- d-----w- c:\program files (x86)\IObit
2013-06-15 03:13 . 2013-02-16 05:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll
2013-06-15 03:13 . 2013-02-16 05:44 8300544 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll
2013-06-15 03:13 . 2013-06-15 17:08 -------- d-----w- c:\program files (x86)\Dxtory Software
2013-06-15 03:08 . 2013-06-15 03:20 -------- d-----w- c:\windows\AutoKMS
2013-06-15 03:03 . 2013-07-10 20:14 -------- d-----w- c:\program files\Common Files\DESIGNER
2013-06-15 03:03 . 2013-06-15 03:03 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-06-15 03:02 . 2013-06-15 03:02 -------- d-----w- c:\windows\PCHEALTH
2013-06-15 03:02 . 2013-06-15 03:02 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-06-15 03:02 . 2013-06-15 03:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-06-15 03:01 . 2013-06-15 03:01 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-06-15 03:01 . 2013-06-15 03:01 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-06-15 03:01 . 2013-06-15 03:01 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-06-15 03:00 . 2013-07-09 19:53 -------- d-----w- c:\programdata\Microsoft Help
2013-06-15 03:00 . 2013-06-15 03:02 -------- d-----w- c:\program files\Microsoft Office
2013-06-15 02:59 . 2013-06-15 02:59 -------- d-----r- C:\MSOCache
2013-06-15 02:58 . 2013-07-10 20:14 -------- d-----w- c:\program files\Paint.NET
2013-06-15 02:56 . 2013-06-15 03:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-06-15 02:52 . 2013-07-10 20:14 -------- d-----w- C:\Ace of Spades
2013-06-15 01:50 . 2013-07-10 20:14 -------- d-----w- c:\program files\WinRAR
2013-06-15 01:49 . 2013-06-15 01:49 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-15 01:49 . 2013-06-15 01:49 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-15 01:49 . 2013-06-15 01:49 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-15 01:49 . 2013-06-15 01:49 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-15 01:49 . 2013-06-15 01:49 188320 ----a-w- c:\windows\system32\java.exe
2013-06-15 01:49 . 2013-06-15 01:49 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-15 01:49 . 2013-06-15 01:49 -------- d-----w- c:\program files\Java
2013-06-15 01:43 . 2013-07-10 20:14 -------- d-----w- c:\program files\CCleaner
2013-06-15 01:37 . 2013-06-15 01:38 -------- d-----w- c:\program files (x86)\Google
2013-06-15 00:34 . 2013-07-10 20:14 -------- d-----w- c:\program files (x86)\mIRC
2013-06-14 23:36 . 2013-06-14 23:36 32699904 ----a-w- c:\windows\system32\imageres.dll
2013-06-14 23:35 . 2013-06-14 23:35 -------- d-----w- c:\programdata\Stardock
2013-06-14 23:35 . 2013-06-14 23:35 -------- d-----w- c:\program files (x86)\Stardock
2013-06-14 23:28 . 2013-07-10 22:17 25640 ----a-w- c:\windows\gdrv.sys
2013-06-14 21:36 . 2013-06-14 21:36 -------- d-----w- c:\windows\SysWow64\Wat
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:49 . 2013-06-15 21:57 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-06-15 21:57 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-06-15 21:57 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-06-15 21:57 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-06-15 21:57 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-06-15 21:57 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PerfMon"="c:\program files (x86)\PerfMon4x\PerfMon.exe" [2012-05-02 1150976]
"HP Photosmart 7520 series (NET)"="c:\program files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-07-10 1672616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-10 343168]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"="c:\program files (x86)\Gigabyte\ET6\ETCall.exe" [2011-11-24 40960]
.
c:\users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2BQ3B0XQ05VV;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VirtDiskBus64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AODDriver;AODDriver;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 19:43 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-16 03:42]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15 01:37]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15 01:37]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000Core.job
- c:\users\shywolf91\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18 03:52]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000UA.job
- c:\users\shywolf91\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18 03:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-02-27 22:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-02-27 22:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-02-27 22:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-02-27 22:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-10-14 2278504]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-04-24 1569536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-16 499608]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.11.1
FF - ProfilePath - c:\users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
FF - prefs.js: network.proxy.ftp - 119.167.231.183
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 119.167.231.183
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 119.167.231.183
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 119.167.231.183
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-10  15:39:20
ComboFix-quarantined-files.txt  2013-07-10 22:39
ComboFix2.txt  2013-07-10 22:33
ComboFix3.txt  2013-07-10 22:28
.
Pre-Run: 872,990,478,336 bytes free
Post-Run: 872,924,852,224 bytes free
.
- - End Of File - - 2B1E4F06DDFA250321E47BE663327601
A36C5E4F47E84449FF07ED3517B43A31

Edited by shywolf91, 10 July 2013 - 05:42 PM.


#8 The Dark Knight


    The Magician


  • Security Colleague
  • 661 posts
  • Gender:Male
  • Location:Krypton

Posted 12 July 2013 - 06:19 PM

Hey shywolf91,

 

OK nothing of concern showing there.

 

Please download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • In the "Custom Scans/Fixes" window (under the light green bar) paste the following in bold:

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click Run Scan and let the program run uninterrupted.
  • When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL. Post both logs in this thread.
  • You may need to use two posts to get it all.


If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.




#9 shywolf91

  • Topic Starter

  • Members
  • 17 posts

Posted 12 July 2013 - 07:38 PM

OTL logfile created on: 7/12/2013 5:21:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\shywolf91\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.98 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.18% Memory free
31.96 Gb Paging File | 28.94 Gb Available in Paging File | 90.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 812.42 Gb Free Space | 87.22% Space Free | Partition Type: NTFS
 
Computer Name: SHYWOLF91-PC | User Name: shywolf91 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013/07/12 17:20:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shywolf91\Desktop\OTL.exe
PRC - [2013/07/12 12:02:07 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2012/05/02 15:42:44 | 001,150,976 | ---- | M] (Lorenzi Davide (hexagora.com)) -- C:\Program Files (x86)\PerfMon4x\PerfMon.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/10/07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
PRC - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/11/24 11:08:20 | 002,662,471 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\Normal.dll
MOD - [2011/11/24 10:41:36 | 000,548,931 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\work.dll
MOD - [2011/11/23 14:29:36 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\MFCCPU.dll
MOD - [2011/11/22 17:12:22 | 001,474,628 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\OCK.dll
MOD - [2011/11/02 13:48:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\HM.dll
MOD - [2011/10/20 14:47:40 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\GVTunner.dll
MOD - [2011/10/18 09:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\STT.dll
MOD - [2011/10/07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
MOD - [2011/10/05 18:23:14 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\SF.dll
MOD - [2011/09/14 17:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\ycc.dll
MOD - [2011/03/01 19:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\StabilityLib.dll
MOD - [2010/10/19 10:59:46 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\GPTT.dll
MOD - [2010/06/24 15:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\IccLibDll.dll
MOD - [2010/06/10 15:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\AMD8.dll
MOD - [2010/03/12 05:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\platform.dll
MOD - [2010/03/12 05:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\device.dll
MOD - [2008/05/07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\CIAMIB.dll
MOD - [2007/09/05 13:13:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\PerfMon4x\dplib.dll
MOD - [2003/02/14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\ET6\Sound.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/05/27 11:37:59 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/26 17:50:29 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013/02/26 17:22:43 | 000,069,392 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2012/06/25 18:45:56 | 000,095,184 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2011/11/09 22:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/11/09 20:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/07/09 18:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/02 21:12:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/15 20:42:18 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/05/28 12:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/04/17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013/04/17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/02/22 19:46:52 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/12/19 08:42:10 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:64bit: - [2012/11/12 18:11:19 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012/11/02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012/10/04 14:30:19 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2012/04/17 14:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/11/14 20:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/11/09 20:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/11/09 19:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/16 00:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/08/23 06:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/07/28 20:40:00 | 000,079,104 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/07/28 20:40:00 | 000,056,960 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/07/06 03:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/15 06:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011/06/15 06:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 06:11:20 | 000,032,544 | R--- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 16:02:44 | 000,066,160 | ---- | M] (Giga-Byte Technology CO., LTD.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VirtDiskBus64.sys -- (VirtDiskBus)
DRV:64bit: - [2010/12/03 11:29:00 | 001,105,000 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/12 17:18:42 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013/07/12 17:18:30 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/03/12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EA 3A 60 7B 0E 69 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: greasefire%40skrul.com:1.0.8
FF - prefs.js..extensions.enabledAddons: sessionmanagerexporttool%40tijtij.com:0.2
FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.3.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.9
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.1pre.130625a
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.2.2
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.9.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
FF - prefs.js..network.proxy.backup.ftp: "119.195.32.211"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "119.195.32.211"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "119.195.32.211"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "119.167.231.183"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "119.167.231.183"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "119.167.231.183"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "119.167.231.183"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\shywolf91\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\shywolf91\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\shywolf91\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013/06/14 07:47:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/06/14 07:53:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013/06/14 07:47:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Components: C:\Program Files\\Waterfox\components [2013/06/14 07:53:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Plugins: C:\Program Files\\Waterfox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/06/14 07:54:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Extensions
[2013/07/06 14:37:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions
[2013/06/14 07:56:16 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/06/14 07:56:16 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/06/28 09:56:59 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\foxmarks@kei.com
[2013/06/14 07:56:16 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\support@lastpass.com
[2013/07/06 14:37:05 | 000,316,582 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\artur.dubovoy@gmail.com.xpi
[2012/11/18 19:49:34 | 005,438,448 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\greasefire@skrul.com.xpi
[2012/11/01 17:07:30 | 000,029,967 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\sessionmanagerexporttool@tijtij.com.xpi
[2012/09/23 09:55:20 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\testpilot@labs.mozilla.com.xpi
[2013/05/28 18:45:18 | 000,534,431 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013/01/01 17:22:18 | 000,377,738 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2013/05/08 13:57:10 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/06/27 10:20:34 | 000,813,531 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/05/29 08:45:34 | 000,269,448 | ---- | M] () (No name found) -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/16 16:38:36 | 000,002,337 | ---- | M] () -- C:\Users\shywolf91\AppData\Roaming\Mozilla\Firefox\Profiles\6pdqzo8e.default\searchplugins\askcom.xml
[2013/07/02 21:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/02 21:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/02 21:12:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Xmarks Bookmark Sync = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.25_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.25_0\.bak
CHR - Extension: Angry Birds = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Session Manager = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: YouTube = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Daum Equation Editor = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\1.3.2_0\
CHR - Extension: Crazy Rollercoaster = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc\1.3_0\
CHR - Extension: Session Buddy = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.1_0\
CHR - Extension: Pockie Ninja = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol\1.71_0\
CHR - Extension: Tab Menu = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\galfofdpepkcahkfobimileafiobdplb\7_0\
CHR - Extension: Ancient Odyssey Mahjong = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejnoiphkikhmpkfpilploabdnnpfpgm\1.2_0\
CHR - Extension: Cut the Rope = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: LastPass = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.24_0\
CHR - Extension: Isoball 3 = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\
CHR - Extension: FlashControl = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.2.10_0\
CHR - Extension: Cargo Bridge 2 = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcnojolnkjhpkibbhgjobimmihcpnep\2.0.2_0\
CHR - Extension: Flow Colors = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk\1.3_0\
CHR - Extension: Gmail = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Canvas Rider = C:\Users\shywolf91\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0\
 
O1 HOSTS File: ([2013/07/10 15:26:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [MouseDriver] C:\Windows\SysNative\TiltWheelMouse.exe (Pixart Imaging Inc)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [HP Photosmart 7520 series (NET)] C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [PerfMon] C:\Program Files (x86)\PerfMon4x\PerfMon.exe (Lorenzi Davide (hexagora.com))
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\Gigabyte\ET6\ETcall.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19483843-DA29-4EFB-B1A7-406077145639}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D9A61D3-790B-4E12-923A-B23397B7E207}: DhcpNameServer = 192.168.11.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32:64bit: vidc.x264 - C:\PROGRA~1\X264VF~1\X264VF~1.DLL ()
Drivers32:64bit: vidc.xtor - DxtoryCodec.dll (Dxtory Software)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.x264 - C:\Program Files (x86)\x264vfw\x264vfw.dll ()
Drivers32: vidc.xtor - C:\Windows\SysWow64\DxtoryCodec.dll (Dxtory Software)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/12 17:20:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\shywolf91\Desktop\OTL.exe
[2013/07/12 09:58:39 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Malwarebytes
[2013/07/12 09:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/12 09:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/12 09:58:32 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/07/12 09:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/07/10 15:52:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/10 15:21:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/07/10 15:21:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/07/10 15:21:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/07/10 15:21:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/10 15:21:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/07/09 12:53:58 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/09 12:53:58 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/09 12:53:57 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/09 12:53:57 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/09 12:53:57 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/09 12:53:57 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/09 12:53:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/09 12:53:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/09 12:53:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/09 12:53:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/09 12:53:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/09 12:53:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/09 12:53:56 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/09 12:53:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/09 12:53:56 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/09 11:57:09 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/09 11:57:09 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/09 11:57:08 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/09 11:57:08 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/09 11:56:55 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/08 13:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013/07/08 13:19:35 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Documents\FW-Sim
[2013/07/08 13:15:36 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013/07/08 13:15:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/07/08 13:15:36 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013/07/08 13:15:36 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013/07/08 13:15:36 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013/07/08 13:15:36 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013/07/08 13:15:36 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013/07/08 13:15:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013/07/08 13:15:35 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013/07/08 13:15:35 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013/07/08 13:15:35 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013/07/08 13:15:35 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013/07/08 13:15:34 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013/07/08 13:15:34 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/07/08 13:15:34 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013/07/08 13:15:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013/07/08 13:15:33 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013/07/08 13:15:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013/07/08 13:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FWsim Pro
[2013/07/08 13:15:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FW-Sim
[2013/07/08 13:15:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FWsim Pro
[2013/07/08 13:07:41 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\uTorrent
[2013/07/08 13:07:07 | 001,126,480 | ---- | C] (BitTorrent Inc.) -- C:\Users\shywolf91\Desktop\utorrent.exe
[2013/07/03 15:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/07/03 15:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/07/03 15:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/07/03 07:11:58 | 000,000,000 | ---D | C] -- C:\found.000
[2013/07/02 21:22:38 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013/07/02 21:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013/07/02 21:21:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013/07/02 21:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/02 20:36:35 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\bleeping computer virus help
[2013/07/01 09:41:37 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/07/01 09:41:17 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Build and Shoot
[2013/07/01 09:41:15 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Build and Shoot
[2013/07/01 09:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot
[2013/07/01 09:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Build and Shoot
[2013/06/30 16:42:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/06/30 16:42:50 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/06/30 16:42:50 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/06/30 16:42:47 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/06/30 16:42:47 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/06/30 16:42:47 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/06/30 16:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/06/30 16:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/06/29 19:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickMark
[2013/06/29 19:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SimpleAct
[2013/06/29 08:34:19 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin
[2013/06/29 08:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bitcoin
[2013/06/28 20:18:13 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\MONEY
[2013/06/25 19:00:28 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Bitcoin
[2013/06/25 19:00:24 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Armory
[2013/06/25 18:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armory Bitcoin Client
[2013/06/25 18:56:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Armory
[2013/06/24 20:40:18 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\iceballfornoobs-0.0-53
[2013/06/23 09:59:40 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Macromedia
[2013/06/23 09:58:52 | 021,289,608 | ---- | C] (Mozilla) -- C:\Users\shywolf91\Desktop\Firefox Setup 21.0.exe
[2013/06/22 11:27:11 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\TeamViewer
[2013/06/22 11:26:48 | 004,870,608 | ---- | C] (TeamViewer GmbH) -- C:\Users\shywolf91\Desktop\TeamViewer_Setup_en.exe
[2013/06/21 08:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2013/06/21 08:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2013/06/21 08:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2013/06/21 08:34:25 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\HpUpdate
[2013/06/21 08:34:23 | 000,741,480 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMBC11.dll
[2013/06/21 08:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/06/21 08:32:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/06/21 08:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/06/21 08:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/06/21 08:22:48 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\HP
[2013/06/18 22:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013/06/18 22:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013/06/18 20:35:21 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/06/17 20:35:38 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Audacity
[2013/06/17 20:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/06/17 20:34:46 | 021,281,052 | ---- | C] (Audacity Team                                               ) -- C:\Users\shywolf91\Desktop\audacity-win-2.0.3.exe
[2013/06/17 20:09:37 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\DCIM
[2013/06/17 12:24:15 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\FrostWire
[2013/06/17 12:24:12 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\FrostWire
[2013/06/17 12:23:58 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire
[2013/06/17 12:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/06/17 12:23:33 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/06/17 12:21:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrostWire
[2013/06/16 21:27:41 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com
[2013/06/16 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobipocket.com
[2013/06/16 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Mobipocket Shared
[2013/06/16 21:26:32 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Amazon
[2013/06/16 21:26:31 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\webkit
[2013/06/16 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\.kindle
[2013/06/16 21:24:22 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/06/16 21:23:44 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Amazon
[2013/06/16 20:36:35 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\DuckLink
[2013/06/16 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckLink
[2013/06/16 20:36:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DuckLink
[2013/06/16 09:33:18 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\vlc
[2013/06/16 09:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/06/16 09:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/06/15 22:04:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/06/15 22:04:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/06/15 21:59:34 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/06/15 21:59:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/06/15 21:59:33 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/06/15 21:59:33 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/06/15 20:42:09 | 017,018,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/06/15 20:17:15 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\TechSmith
[2013/06/15 20:17:09 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Documents\Camtasia Studio
[2013/06/15 20:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2013/06/15 20:16:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2013/06/15 20:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/06/15 20:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2013/06/15 20:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2013/06/15 20:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013/06/15 20:01:14 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/15 20:01:14 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/15 20:01:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/06/15 19:55:00 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Sublime Text 2
[2013/06/15 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 2
[2013/06/15 15:14:44 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\KDPublishingPro
[2013/06/15 15:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KDPublishingPro.com
[2013/06/15 15:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDPublishingPro
[2013/06/15 14:57:17 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/06/15 14:57:15 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/06/15 14:57:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/06/15 14:57:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/06/15 14:57:12 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/06/15 14:57:12 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/06/15 14:57:08 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/06/15 14:57:06 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/06/15 14:57:06 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/06/15 14:57:06 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/06/15 14:57:06 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/06/15 14:57:06 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/06/15 14:57:06 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/06/15 14:57:06 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/06/15 14:57:06 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/06/15 14:57:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/06/15 14:57:06 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/06/15 14:57:06 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/06/15 14:57:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/06/15 14:57:06 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/06/15 14:57:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/06/15 14:57:04 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/06/15 14:57:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/06/15 14:57:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/06/15 14:57:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/06/15 14:57:01 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/06/15 14:57:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/06/15 14:57:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/06/15 14:57:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/06/15 14:56:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/06/15 14:56:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/06/15 14:56:52 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/06/15 14:56:51 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/06/15 14:56:48 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/06/15 14:56:48 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/06/15 14:56:48 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/06/15 14:56:48 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/06/15 14:56:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/06/15 14:56:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/06/15 14:56:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/06/15 14:56:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/06/15 14:56:48 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/06/15 14:56:48 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/06/15 14:56:48 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/06/15 14:56:48 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/06/15 14:56:48 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/06/15 14:56:48 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/06/15 14:56:48 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/06/15 14:56:48 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/06/15 14:56:48 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/06/15 14:56:48 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/06/15 14:56:48 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/06/15 14:56:48 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/06/15 14:56:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/06/15 14:56:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/06/15 14:56:48 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/06/15 14:56:48 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/06/15 14:56:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/06/15 14:56:48 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/06/15 14:56:48 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/06/15 14:56:38 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/06/15 14:56:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/06/15 14:56:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/06/15 14:56:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/06/15 14:56:31 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/06/15 14:56:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/06/15 14:56:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/06/15 14:56:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/06/15 14:56:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/06/15 14:56:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/06/15 14:56:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/06/15 14:56:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/06/15 14:56:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/06/15 14:56:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/06/15 14:56:07 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/06/15 14:56:07 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/06/15 14:55:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/15 14:55:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/15 14:55:44 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/06/15 14:55:44 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/06/15 14:55:44 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/06/15 14:55:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/06/15 14:55:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/06/15 14:55:44 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/06/15 14:55:43 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/06/15 14:55:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/06/15 14:55:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/06/15 14:55:33 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/06/15 14:55:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/06/15 14:55:26 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/06/15 14:55:26 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/06/15 14:55:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/06/15 14:00:43 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\UBot Studio
[2013/06/15 13:53:12 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll
[2013/06/15 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Performance Monitor 4.x
[2013/06/15 13:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PerfMon4x
[2013/06/15 13:52:33 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\Isorender
[2013/06/15 13:24:07 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\redstone power -kindle
[2013/06/15 09:59:46 | 003,792,502 | ---- | C] (ExKode Co. Ltd.                                             ) -- C:\Users\shywolf91\Desktop\DxtorySetup2.0.123.exe
[2013/06/15 09:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
[2013/06/15 09:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\x264vfw
[2013/06/15 09:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw64
[2013/06/15 09:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\x264vfw64
[2013/06/15 09:57:16 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\VisualBeeClient
[2013/06/15 09:57:07 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\VisualBeeExe
[2013/06/15 09:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee
[2013/06/15 09:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/06/15 09:56:25 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Foxit Software
[2013/06/15 09:56:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/06/15 09:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013/06/15 09:52:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Manage Network Connection.{7007ACC7-3202-11D1-AAD2-00805FC1270E}
[2013/06/15 09:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ENCORE Wireless LAN Driver - PCIE Adapter
[2013/06/15 09:39:36 | 000,000,000 | ---D | C] -- C:\Dxtory
[2013/06/15 09:38:36 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\PACE Anti-Piracy
[2013/06/15 09:38:36 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\PACE Anti-Piracy
[2013/06/15 09:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2013/06/15 09:38:35 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Documents\Adobe
[2013/06/15 09:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013/06/15 09:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2013/06/15 09:34:18 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2013/06/15 09:34:18 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2013/06/15 09:34:18 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2013/06/15 09:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/06/15 09:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/06/15 09:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013/06/15 09:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/06/15 09:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/06/15 09:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013/06/15 09:32:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/06/15 09:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/06/15 09:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/06/15 09:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/06/15 09:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/06/15 09:26:11 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Macromedia
[2013/06/15 09:25:38 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Adobe
[2013/06/14 20:16:19 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/06/14 20:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/06/14 20:15:55 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\IObit
[2013/06/14 20:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/06/14 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/06/14 20:13:48 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Dxtory Software
[2013/06/14 20:13:43 | 008,043,008 | ---- | C] (Dxtory Software) -- C:\Windows\SysNative\DxtoryCodec.dll
[2013/06/14 20:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
[2013/06/14 20:13:42 | 008,300,544 | ---- | C] (Dxtory Software) -- C:\Windows\SysWow64\DxtoryCodec.dll
[2013/06/14 20:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dxtory Software
[2013/06/14 20:08:58 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2013/06/14 20:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/06/14 20:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/06/14 20:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/06/14 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013/06/14 20:02:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/06/14 20:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2013/06/14 20:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/06/14 20:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2013/06/14 20:01:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/06/14 20:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/06/14 20:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/06/14 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/06/14 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Microsoft Help
[2013/06/14 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/06/14 20:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/06/14 19:59:40 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013/06/14 19:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2013/06/14 19:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/06/14 19:56:39 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Paint.NET
[2013/06/14 19:54:33 | 000,889,416 | ---- | C] (Microsoft Corporation) -- C:\Users\shywolf91\Desktop\dotNetFx40_Full_setup.exe
[2013/06/14 19:54:10 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Programs
[2013/06/14 19:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace of Spades
[2013/06/14 19:52:29 | 000,000,000 | ---D | C] -- C:\Ace of Spades
[2013/06/14 19:05:13 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\WinRAR
[2013/06/14 18:54:52 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\.minecraft
[2013/06/14 18:51:01 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/06/14 18:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/06/14 18:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/06/14 18:50:17 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\cgminer-3.1.1-windows
[2013/06/14 18:49:11 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/06/14 18:49:11 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013/06/14 18:49:11 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/06/14 18:49:08 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/06/14 18:49:08 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/06/14 18:49:08 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/06/14 18:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/14 18:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/06/14 18:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/14 18:42:46 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmvault
[2013/06/14 18:42:46 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\gmvault
[2013/06/14 18:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/06/14 18:37:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/06/14 18:37:52 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Google
[2013/06/14 17:34:50 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\mIRC
[2013/06/14 17:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013/06/14 17:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2013/06/14 16:36:43 | 032,699,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2013/06/14 16:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2013/06/14 16:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2013/06/14 16:35:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2013/06/14 16:33:37 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\cpu-z_1.64-64bits-en
[2013/06/14 16:33:31 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\DBAN
[2013/06/14 16:28:38 | 000,025,640 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013/06/14 15:55:42 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Adobe
[2013/06/14 14:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/06/14 14:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/06/14 09:02:10 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/06/14 09:02:10 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/06/14 09:02:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/06/14 09:02:10 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/06/14 09:02:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/06/14 09:02:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/06/14 09:02:10 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/06/14 09:02:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/06/14 09:02:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/06/14 09:02:10 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/06/14 09:02:09 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/06/14 09:02:09 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/06/14 09:02:09 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/06/14 09:02:09 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/06/14 09:02:09 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/06/14 09:02:09 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/06/14 09:02:09 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/06/14 09:02:09 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/06/14 09:02:09 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/06/14 09:02:09 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/06/14 09:02:09 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/06/14 09:02:09 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/06/14 09:02:09 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/06/14 09:02:09 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/06/14 09:02:09 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/06/14 09:02:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/06/14 09:02:09 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/06/14 09:02:09 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/06/14 09:02:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/06/14 09:02:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/06/14 09:02:09 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/06/14 09:02:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/06/14 09:02:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/06/14 09:02:09 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/06/14 09:02:09 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/06/14 09:02:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/06/14 09:02:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/06/14 09:02:09 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/06/14 09:02:09 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/06/14 09:02:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/06/14 09:02:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/06/14 09:02:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/06/14 09:02:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/06/14 09:02:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/06/14 09:02:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/06/14 09:02:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/06/14 09:02:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/06/14 09:02:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/06/14 09:02:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/06/14 09:02:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/06/14 09:02:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/06/14 09:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/06/14 09:02:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/06/14 08:58:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/06/14 08:58:53 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/06/14 08:58:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/06/14 08:58:53 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/06/14 08:58:53 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/06/14 08:58:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/06/14 08:58:53 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/06/14 08:58:53 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/06/14 08:58:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/06/14 08:58:53 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/06/14 08:58:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/06/14 08:58:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/06/14 08:58:53 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/06/14 08:58:53 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/06/14 08:58:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/06/14 08:58:53 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/06/14 08:58:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/06/14 08:58:53 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/06/14 08:58:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/06/14 08:58:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/14 08:58:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/14 08:58:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/14 08:58:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/14 08:58:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/14 08:53:17 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/06/14 08:53:17 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/06/14 08:53:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/06/14 08:53:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/06/14 08:53:17 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/06/14 08:53:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/06/14 08:51:11 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/06/14 08:51:11 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/06/14 08:00:26 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\User files
[2013/06/14 08:00:24 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/06/14 08:00:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/06/14 08:00:23 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/06/14 08:00:23 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/06/14 08:00:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/06/14 08:00:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/06/14 08:00:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/06/14 08:00:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/06/14 08:00:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/06/14 08:00:23 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/06/14 08:00:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/06/14 08:00:16 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/06/14 08:00:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/06/14 08:00:15 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/06/14 08:00:14 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/06/14 08:00:14 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/06/14 08:00:14 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/06/14 08:00:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/06/14 08:00:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/06/14 08:00:11 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/06/14 08:00:11 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/06/14 08:00:04 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/06/14 08:00:04 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/06/14 08:00:04 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/06/14 08:00:04 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/06/14 08:00:04 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/06/14 08:00:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/06/14 08:00:03 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/06/14 08:00:03 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/06/14 08:00:03 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/06/14 08:00:03 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/06/14 08:00:01 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/06/14 08:00:01 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/06/14 08:00:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/06/14 08:00:01 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/06/14 07:59:56 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/06/14 07:59:56 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/06/14 07:59:51 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/06/14 07:59:51 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/06/14 07:59:51 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/06/14 07:59:51 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/06/14 07:59:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/06/14 07:59:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/06/14 07:59:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/06/14 07:59:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/06/14 07:59:48 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/06/14 07:59:48 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/06/14 07:59:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/06/14 07:59:48 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/06/14 07:59:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/06/14 07:59:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/06/14 07:59:36 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/06/14 07:59:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/06/14 07:59:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/06/14 07:59:35 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\AOS ALOHA GUARD
[2013/06/14 07:59:34 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/06/14 07:59:34 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/06/14 07:59:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/06/14 07:59:33 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/06/14 07:59:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/06/14 07:59:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/06/14 07:59:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/06/14 07:59:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/06/14 07:59:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/06/14 07:59:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/06/14 07:59:21 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/06/14 07:59:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/06/14 07:59:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/06/14 07:59:21 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/06/14 07:59:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/06/14 07:59:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/06/14 07:59:06 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/06/14 07:59:06 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/06/14 07:59:06 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/06/14 07:59:06 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/06/14 07:59:06 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/06/14 07:59:06 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/06/14 07:59:06 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/06/14 07:59:00 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/14 07:59:00 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/14 07:58:57 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/06/14 07:58:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/06/14 07:58:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/06/14 07:58:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/06/14 07:58:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/06/14 07:58:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/06/14 07:58:50 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/06/14 07:58:49 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/06/14 07:58:47 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/14 07:58:47 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/14 07:58:47 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/14 07:58:47 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/14 07:58:47 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/14 07:58:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/14 07:58:42 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/06/14 07:58:42 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\FileZilla
[2013/06/14 07:58:40 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/06/14 07:58:40 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/06/14 07:58:39 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/06/14 07:58:39 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/06/14 07:58:39 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/06/14 07:58:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/06/14 07:58:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/06/14 07:58:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/06/14 07:58:39 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/06/14 07:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013/06/14 07:58:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/06/14 07:58:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/06/14 07:58:35 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/06/14 07:58:35 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/06/14 07:58:33 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/06/14 07:58:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/06/14 07:58:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/06/14 07:56:34 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Thunderbird
[2013/06/14 07:56:34 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Thunderbird
[2013/06/14 07:54:19 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Mozilla
[2013/06/14 07:54:19 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Mozilla
[2013/06/14 07:53:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/06/14 07:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/06/14 07:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/06/14 07:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\Waterfox
[2013/06/14 07:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox
[2013/06/14 07:52:54 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Waterfox Limited
[2013/06/14 07:51:39 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\Desktop\MozBackup-1.5.2-beta1-EN
[2013/06/14 07:50:40 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Deployment
[2013/06/14 07:50:40 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Apps
[2013/06/14 07:48:52 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/06/14 07:48:52 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/06/14 07:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013/06/14 07:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/06/14 07:47:25 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013/06/14 07:47:25 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2013/06/14 07:47:25 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013/06/14 07:47:25 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013/06/14 07:47:22 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013/06/14 07:47:22 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013/06/14 07:47:22 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/06/14 07:46:49 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Bitdefender
[2013/06/14 07:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/06/14 07:45:56 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\QuickScan
[2013/06/14 07:45:37 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/06/14 07:45:36 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/06/14 07:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/06/14 07:45:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/06/14 07:45:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/06/14 07:45:09 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/06/14 07:45:04 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/06/14 07:45:04 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/06/14 07:45:04 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/06/14 07:44:56 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/06/14 07:44:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/06/14 07:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/06/14 07:34:10 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\AMD
[2013/06/14 07:34:00 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\ATI
[2013/06/14 07:34:00 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\ATI
[2013/06/14 07:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/06/14 07:31:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/06/14 07:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/06/14 07:31:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013/06/14 07:30:51 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2013/06/14 07:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/06/14 07:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/06/14 07:30:37 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2013/06/14 07:30:36 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2013/06/14 07:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/06/14 07:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/06/14 07:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/06/14 07:24:34 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2013/06/14 07:24:34 | 000,066,160 | ---- | C] (Giga-Byte Technology CO., LTD.) -- C:\Windows\SysNative\drivers\VirtDiskBus64.sys
[2013/06/14 07:23:53 | 000,048,416 | R--- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
[2013/06/14 07:23:51 | 000,032,360 | R--- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys
[2013/06/14 07:23:49 | 000,032,544 | R--- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
[2013/06/14 07:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
[2013/06/14 07:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2013/06/14 07:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2013/06/14 07:18:24 | 000,565,352 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/06/14 07:18:23 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013/06/14 07:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dolby Home Theater v4
[2013/06/14 07:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
[2013/06/14 07:14:24 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/06/14 07:14:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/06/14 07:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/06/14 07:13:49 | 003,147,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2013/06/14 07:13:49 | 000,367,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2013/06/14 07:13:48 | 002,432,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2013/06/14 07:13:48 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2013/06/14 07:13:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2013/06/14 07:13:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2013/06/14 07:13:48 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2013/06/14 07:13:48 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2013/06/14 07:13:48 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2013/06/14 07:13:48 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2013/06/14 07:13:47 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2013/06/14 07:13:47 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2013/06/14 07:13:47 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2013/06/14 07:13:47 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2013/06/14 07:13:47 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2013/06/14 07:13:45 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2013/06/14 07:13:45 | 000,177,088 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2013/06/14 07:13:45 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2013/06/14 07:13:45 | 000,065,432 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2013/06/14 07:13:43 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/06/14 07:13:42 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/06/14 07:13:42 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/06/14 07:13:42 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/06/14 07:13:42 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/06/14 07:13:42 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/06/14 07:13:42 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013/06/14 07:13:42 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/06/14 07:13:42 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/06/14 07:13:42 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/06/14 07:13:41 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013/06/14 07:13:40 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013/06/14 07:13:39 | 001,914,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/06/14 07:13:38 | 003,213,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/06/14 07:13:38 | 002,528,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/06/14 07:13:38 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013/06/14 07:13:37 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/06/14 07:13:36 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/06/14 07:13:36 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/06/14 07:13:36 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/06/14 07:13:36 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/06/14 07:13:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/06/14 07:13:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/06/14 07:13:34 | 000,099,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013/06/14 07:13:29 | 001,873,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013/06/14 07:13:19 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/06/14 07:13:19 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/06/14 07:13:19 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/06/14 07:13:19 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/06/14 07:13:19 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/06/14 07:13:19 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/06/14 07:13:18 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/06/14 07:13:17 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/06/14 07:13:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/06/14 07:13:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/06/14 07:13:16 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013/06/14 07:13:11 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/06/14 07:13:10 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/06/14 07:13:10 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/06/14 07:13:10 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013/06/14 07:13:10 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013/06/14 07:13:10 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013/06/14 07:13:09 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/06/14 07:13:09 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/06/14 07:13:09 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/06/14 07:13:09 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/06/14 07:13:09 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/06/14 07:13:08 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/06/14 07:13:08 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/06/14 07:13:08 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/06/14 07:13:08 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/06/14 07:13:08 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/06/14 07:13:06 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013/06/14 07:13:06 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013/06/14 07:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/06/14 07:13:05 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/06/14 07:13:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/06/14 07:12:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte
[2013/06/14 07:12:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/06/14 07:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2013/06/14 07:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/06/13 22:56:35 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/06/13 22:04:29 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/06/13 22:04:29 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Searches
[2013/06/13 22:04:29 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/06/13 22:04:29 | 000,000,000 | -H-D | C] -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/06/13 22:04:21 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Identities
[2013/06/13 22:04:20 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Contacts
[2013/06/13 22:04:18 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\VirtualStore
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\AppData\Local\Temporary Internet Files
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Templates
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Start Menu
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\SendTo
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Recent
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\PrintHood
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\NetHood
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Documents\My Videos
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Documents\My Pictures
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Documents\My Music
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\My Documents
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Local Settings
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\AppData\Local\History
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Cookies
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\Application Data
[2013/06/13 22:04:11 | 000,000,000 | -HSD | C] -- C:\Users\shywolf91\AppData\Local\Application Data
[2013/06/13 22:04:10 | 000,000,000 | --SD | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Videos
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Saved Games
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Pictures
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Music
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Links
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Favorites
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Downloads
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Documents
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\Desktop
[2013/06/13 22:04:10 | 000,000,000 | R--D | C] -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/06/13 22:04:10 | 000,000,000 | -H-D | C] -- C:\Users\shywolf91\AppData
[2013/06/13 22:04:10 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Temp
[2013/06/13 22:04:10 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Local\Microsoft
[2013/06/13 22:04:10 | 000,000,000 | ---D | C] -- C:\Users\shywolf91\AppData\Roaming\Media Center Programs
[2013/06/13 22:04:05 | 000,000,000 | ---D | C] -- C:\Recovery
[2013/06/13 22:04:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/06/13 21:57:44 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/06/13 21:57:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/12 17:25:27 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/12 17:25:27 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/12 17:20:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shywolf91\Desktop\OTL.exe
[2013/07/12 17:18:42 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013/07/12 17:18:41 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013/07/12 17:18:38 | 000,001,946 | ---- | M] () -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
[2013/07/12 17:18:30 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013/07/12 17:18:25 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/12 17:18:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/12 17:17:56 | 4280,213,502 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/12 12:10:26 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/12 12:10:24 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/12 12:03:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000UA.job
[2013/07/12 11:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/12 09:58:33 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/12 09:55:42 | 000,007,612 | ---- | M] () -- C:\Users\shywolf91\AppData\Local\Resmon.ResmonCfg
[2013/07/10 18:43:27 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/10 18:43:27 | 000,660,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/10 18:43:27 | 000,121,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/10 15:26:35 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/07/10 14:03:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000Core.job
[2013/07/10 13:39:54 | 000,033,279 | ---- | M] () -- C:\Users\shywolf91\Desktop\attach (1).zip
[2013/07/10 12:07:37 | 004,968,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/09 12:12:55 | 163,711,716 | ---- | M] () -- C:\Users\shywolf91\Desktop\bigbang1.ts
[2013/07/09 11:59:21 | 735,940,608 | ---- | M] () -- C:\Users\shywolf91\Desktop\Stargate SG-1 [1x01] Children Of The Gods.avi
[2013/07/09 11:58:22 | 089,095,079 | ---- | M] () -- C:\Users\shywolf91\Desktop\The Big Bang Theory S06E10 HDTV x264.mkv
[2013/07/08 17:51:30 | 000,172,314 | ---- | M] () -- C:\Users\shywolf91\Desktop\Snap 2013-07-08 at 17.37.22.png
[2013/07/08 17:49:44 | 000,001,126 | ---- | M] () -- C:\Users\shywolf91\Desktop\Adobe Premiere Pro CS5.5.lnk
[2013/07/08 13:15:01 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\FWsim Pro.lnk
[2013/07/08 13:08:48 | 000,000,859 | ---- | M] () -- C:\Users\shywolf91\Desktop\µTorrent.lnk
[2013/07/08 13:08:48 | 000,000,839 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/07/08 13:07:08 | 001,126,480 | ---- | M] (BitTorrent Inc.) -- C:\Users\shywolf91\Desktop\utorrent.exe
[2013/07/07 22:07:57 | 000,399,437 | ---- | M] () -- C:\Users\shywolf91\Desktop\portal.gif
[2013/07/07 18:24:24 | 000,015,186 | ---- | M] () -- C:\Users\shywolf91\Desktop\white-cocacola-can.png
[2013/07/04 09:35:19 | 000,033,279 | ---- | M] () -- C:\Users\shywolf91\Desktop\attach.zip
[2013/07/03 15:57:08 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/07/03 15:52:44 | 001,669,632 | ---- | M] () -- C:\Users\shywolf91\Desktop\SteamInstall.msi
[2013/07/02 22:31:58 | 000,000,118 | RH-- | M] () -- C:\Users\shywolf91\Desktop\Stinger.opt
[2013/07/02 20:55:46 | 000,000,000 | ---- | M] () -- C:\Users\shywolf91\defogger_reenable
[2013/07/02 20:25:07 | 000,046,309 | ---- | M] () -- C:\Users\shywolf91\Desktop\Eva_unit_01_berserk_coloured_by_r7ll_s.jpg
[2013/07/01 09:41:15 | 000,001,060 | ---- | M] () -- C:\Users\shywolf91\Desktop\Build and Shoot Launcher.lnk
[2013/07/01 09:29:18 | 000,571,238 | ---- | M] () -- C:\Users\shywolf91\Desktop\BuildandShootSetup.exe
[2013/06/30 19:30:06 | 000,001,566 | ---- | M] () -- C:\Users\shywolf91\Desktop\MagicLauncher_1.1.6.exe - Shortcut.lnk
[2013/06/30 16:46:55 | 000,001,048 | ---- | M] () -- C:\Users\shywolf91\Desktop\Bitcoin.lnk
[2013/06/30 16:42:44 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/06/30 16:42:44 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/06/30 16:42:44 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/06/30 16:42:44 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/06/30 16:42:44 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/06/30 16:42:44 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/06/30 12:49:18 | 017,298,268 | ---- | M] () -- C:\Users\shywolf91\Desktop\Christmas During the Great Depression (3D HD).mp4
[2013/06/29 19:52:05 | 000,000,279 | ---- | M] () -- C:\Users\shywolf91\Desktop\PaperBak.ini
[2013/06/29 19:42:21 | 000,001,219 | ---- | M] () -- C:\Users\shywolf91\Desktop\Miners.bat - Shortcut.lnk
[2013/06/28 16:04:56 | 000,107,391 | ---- | M] () -- C:\Users\shywolf91\Desktop\Coke-Super-Bowl-commercials-2013.jpg
[2013/06/25 19:50:32 | 000,232,448 | ---- | M] () -- C:\Users\shywolf91\Desktop\PaperBak.exe
[2013/06/25 18:56:38 | 000,001,025 | ---- | M] () -- C:\Users\shywolf91\Desktop\Armory.lnk
[2013/06/25 18:55:31 | 018,703,872 | ---- | M] () -- C:\Users\shywolf91\Desktop\armory_0.88.1-beta_win64.msi
[2013/06/23 09:59:14 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/06/23 09:58:56 | 021,289,608 | ---- | M] (Mozilla) -- C:\Users\shywolf91\Desktop\Firefox Setup 21.0.exe
[2013/06/23 08:56:22 | 000,027,285 | ---- | M] () -- C:\Users\shywolf91\gnutella.net
[2013/06/22 11:26:49 | 004,870,608 | ---- | M] (TeamViewer GmbH) -- C:\Users\shywolf91\Desktop\TeamViewer_Setup_en.exe
[2013/06/21 17:33:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/06/21 08:35:25 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2013/06/21 08:34:22 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7520 series.lnk
[2013/06/21 08:34:22 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7520 series.lnk
[2013/06/21 08:29:34 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013/06/18 14:09:44 | 000,003,021 | ---- | M] () -- C:\Users\shywolf91\Desktop\Microsoft Word 2010.lnk
[2013/06/17 20:35:17 | 000,001,011 | ---- | M] () -- C:\Users\shywolf91\Desktop\Audacity.lnk
[2013/06/17 20:34:55 | 021,281,052 | ---- | M] (Audacity Team                                               ) -- C:\Users\shywolf91\Desktop\audacity-win-2.0.3.exe
[2013/06/17 12:23:58 | 000,001,239 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2013/06/17 12:23:58 | 000,001,215 | ---- | M] () -- C:\Users\shywolf91\Desktop\FrostWire 4.21.8.lnk
[2013/06/16 22:05:51 | 000,772,990 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/16 21:27:41 | 000,000,948 | ---- | M] () -- C:\Users\shywolf91\Desktop\Mobipocket Creator.lnk
[2013/06/16 21:09:19 | 010,606,592 | ---- | M] () -- C:\Users\shywolf91\Desktop\creator.msi
[2013/06/16 20:36:32 | 000,002,134 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\DuckCapture.lnk
[2013/06/16 20:36:32 | 000,002,110 | ---- | M] () -- C:\Users\shywolf91\Desktop\DuckCapture.lnk
[2013/06/16 09:33:13 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/15 20:42:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/15 20:42:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/15 20:42:10 | 017,018,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/06/15 20:29:48 | 104,175,226 | ---- | M] () -- C:\Users\shywolf91\Desktop\Minecraft 1.5.2  Automatic Revolving Lighthouse Tutorial (Low).flv
[2013/06/15 20:17:41 | 000,002,581 | ---- | M] () -- C:\Users\shywolf91\Desktop\Camtasia Recorder.lnk
[2013/06/15 20:16:27 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2013/06/15 15:48:54 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2013/06/15 15:14:27 | 000,002,633 | ---- | M] () -- C:\Users\Public\Desktop\KDPublishingPro.lnk
[2013/06/15 13:53:12 | 000,000,945 | ---- | M] () -- C:\Users\shywolf91\Desktop\Performance Monitor 4.1.lnk
[2013/06/15 10:08:19 | 000,001,186 | ---- | M] () -- C:\Users\shywolf91\Desktop\Dxtory.lnk
[2013/06/15 09:59:48 | 003,792,502 | ---- | M] (ExKode Co. Ltd.                                             ) -- C:\Users\shywolf91\Desktop\DxtorySetup2.0.123.exe
[2013/06/15 09:56:35 | 000,002,078 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/06/15 09:56:35 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/06/15 09:52:06 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\ENEWI-1XN4x 2XN4x User Manual.lnk
[2013/06/15 09:25:20 | 000,000,924 | ---- | M] () -- C:\Users\shywolf91\Desktop\Downloads - Shortcut.lnk
[2013/06/14 20:20:26 | 000,002,283 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/14 20:15:54 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/06/14 19:54:33 | 000,889,416 | ---- | M] (Microsoft Corporation) -- C:\Users\shywolf91\Desktop\dotNetFx40_Full_setup.exe
[2013/06/14 19:53:56 | 000,001,680 | ---- | M] () -- C:\Users\shywolf91\Desktop\AlohaSelector.bat - Shortcut.lnk
[2013/06/14 19:52:14 | 005,793,280 | ---- | M] () -- C:\Users\shywolf91\Desktop\aos075install.msi
[2013/06/14 18:51:04 | 000,001,100 | ---- | M] () -- C:\Windows\SysNative\bddel.dat
[2013/06/14 18:49:05 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/06/14 18:49:05 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013/06/14 18:49:05 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/06/14 18:49:05 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/06/14 18:49:05 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/06/14 18:49:05 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/06/14 18:48:56 | 000,000,937 | ---- | M] () -- C:\Users\shywolf91\Desktop\Game Files - Shortcut.lnk
[2013/06/14 18:43:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/14 18:42:48 | 000,001,942 | ---- | M] () -- C:\Users\shywolf91\Desktop\gmvault-shell.lnk
[2013/06/14 17:34:50 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/06/14 16:36:43 | 032,699,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2013/06/14 16:35:00 | 142,072,872 | ---- | M] () -- C:\Users\shywolf91\Desktop\KindlePreviewerInstall.exe
[2013/06/14 16:34:51 | 011,514,483 | ---- | M] () -- C:\Users\shywolf91\Desktop\MCEdit-0.1.7.1.win-amd64.zip
[2013/06/14 16:34:48 | 009,791,080 | ---- | M] () -- C:\Users\shywolf91\Desktop\LogonStudio_public.exe
[2013/06/14 16:34:43 | 000,263,186 | ---- | M] () -- C:\Users\shywolf91\Desktop\Minecraft.exe
[2013/06/14 16:34:25 | 001,855,915 | ---- | M] () -- C:\Users\shywolf91\Desktop\Snap 2013-06-12 at 21.17.14.png
[2013/06/14 16:20:15 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2013/06/14 09:02:10 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/06/14 09:02:10 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/06/14 09:02:10 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/06/14 09:02:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/06/14 09:02:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/06/14 09:02:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/06/14 09:02:10 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/06/14 09:02:10 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/06/14 09:02:10 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/06/14 09:02:10 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/06/14 09:02:09 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/06/14 09:02:09 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/06/14 09:02:09 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/06/14 09:02:09 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/06/14 09:02:09 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/06/14 09:02:09 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/06/14 09:02:09 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/06/14 09:02:09 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/06/14 09:02:09 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/06/14 09:02:09 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/06/14 09:02:09 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/06/14 09:02:09 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/06/14 09:02:09 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/06/14 09:02:09 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/06/14 09:02:09 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/06/14 09:02:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/06/14 09:02:09 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/06/14 09:02:09 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/06/14 09:02:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/06/14 09:02:09 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/06/14 09:02:09 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/06/14 09:02:09 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/06/14 09:02:09 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/06/14 09:02:09 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/06/14 09:02:09 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/06/14 09:02:09 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/06/14 09:02:09 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/06/14 09:02:09 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/06/14 09:02:09 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/06/14 09:02:09 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/06/14 09:02:09 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/06/14 09:02:09 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/06/14 09:02:09 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/06/14 09:02:09 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/06/14 09:02:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/06/14 09:02:09 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/06/14 09:02:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/06/14 09:02:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/06/14 09:02:09 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/06/14 09:02:09 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/06/14 09:02:09 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/06/14 09:02:09 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/06/14 09:02:09 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/06/14 09:02:09 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/06/14 09:02:09 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/06/14 08:58:53 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/06/14 08:58:53 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/06/14 08:58:53 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/06/14 08:58:53 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/06/14 08:58:53 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/06/14 08:58:53 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/06/14 08:58:53 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/06/14 08:58:53 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/06/14 08:58:53 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/06/14 08:58:53 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/06/14 08:58:53 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/06/14 08:58:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/06/14 08:58:53 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/06/14 08:58:53 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/06/14 08:58:53 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/06/14 08:58:53 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/06/14 08:58:53 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/06/14 08:58:53 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/06/14 08:58:53 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/06/14 08:58:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/14 08:58:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/14 08:58:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/14 08:58:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/14 08:58:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/14 08:58:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/14 07:58:40 | 000,002,004 | ---- | M] () -- C:\Users\shywolf91\Desktop\FileZilla Client.lnk
[2013/06/14 07:56:45 | 000,002,114 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/06/14 07:53:54 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013/06/14 07:53:33 | 000,000,961 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Waterfox.lnk
[2013/06/14 07:53:33 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2013/06/14 07:51:45 | 040,333,390 | ---- | M] () -- C:\Users\shywolf91\Desktop\Waterfox 18.0.1 Portable.zip
[2013/06/14 07:49:15 | 000,001,441 | ---- | M] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/14 07:47:52 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013/06/14 07:47:42 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/06/14 07:47:42 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/06/14 07:47:42 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2013/06/14 07:47:34 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/06/14 07:47:34 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013/06/14 07:47:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/06/14 07:33:37 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/06/14 07:26:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/06/14 07:24:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_VirtDiskBus64_01009.Wdf
[2013/06/14 07:24:33 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\3TB+Unlock.lnk
[2013/06/14 07:20:52 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk
[2013/06/14 07:16:50 | 000,001,461 | ---- | M] () -- C:\safecd.tgz
[2013/06/13 22:00:19 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/06/13 22:00:19 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2013/07/12 09:58:33 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/12 09:54:44 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2013/07/10 15:21:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/07/10 15:21:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/07/10 15:21:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/07/10 15:21:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/07/10 15:21:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/07/10 13:39:54 | 000,033,279 | ---- | C] () -- C:\Users\shywolf91\Desktop\attach (1).zip
[2013/07/09 12:07:33 | 163,711,716 | ---- | C] () -- C:\Users\shywolf91\Desktop\bigbang1.ts
[2013/07/09 11:58:53 | 735,940,608 | ---- | C] () -- C:\Users\shywolf91\Desktop\Stargate SG-1 [1x01] Children Of The Gods.avi
[2013/07/09 11:58:19 | 089,095,079 | ---- | C] () -- C:\Users\shywolf91\Desktop\The Big Bang Theory S06E10 HDTV x264.mkv
[2013/07/08 17:37:22 | 000,172,314 | ---- | C] () -- C:\Users\shywolf91\Desktop\Snap 2013-07-08 at 17.37.22.png
[2013/07/08 13:15:01 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\FWsim Pro.lnk
[2013/07/08 13:08:48 | 000,000,859 | ---- | C] () -- C:\Users\shywolf91\Desktop\µTorrent.lnk
[2013/07/08 13:08:48 | 000,000,839 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/07/07 22:07:56 | 000,399,437 | ---- | C] () -- C:\Users\shywolf91\Desktop\portal.gif
[2013/07/07 18:24:24 | 000,015,186 | ---- | C] () -- C:\Users\shywolf91\Desktop\white-cocacola-can.png
[2013/07/04 09:35:19 | 000,033,279 | ---- | C] () -- C:\Users\shywolf91\Desktop\attach.zip
[2013/07/03 15:57:08 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/07/03 15:52:43 | 001,669,632 | ---- | C] () -- C:\Users\shywolf91\Desktop\SteamInstall.msi
[2013/07/02 21:22:30 | 000,000,118 | RH-- | C] () -- C:\Users\shywolf91\Desktop\Stinger.opt
[2013/07/02 20:55:46 | 000,000,000 | ---- | C] () -- C:\Users\shywolf91\defogger_reenable
[2013/07/02 20:25:05 | 000,046,309 | ---- | C] () -- C:\Users\shywolf91\Desktop\Eva_unit_01_berserk_coloured_by_r7ll_s.jpg
[2013/07/01 09:41:15 | 000,001,060 | ---- | C] () -- C:\Users\shywolf91\Desktop\Build and Shoot Launcher.lnk
[2013/07/01 09:29:18 | 000,571,238 | ---- | C] () -- C:\Users\shywolf91\Desktop\BuildandShootSetup.exe
[2013/06/30 19:30:06 | 000,001,566 | ---- | C] () -- C:\Users\shywolf91\Desktop\MagicLauncher_1.1.6.exe - Shortcut.lnk
[2013/06/30 16:46:55 | 000,001,048 | ---- | C] () -- C:\Users\shywolf91\Desktop\Bitcoin.lnk
[2013/06/30 12:48:06 | 017,298,268 | ---- | C] () -- C:\Users\shywolf91\Desktop\Christmas During the Great Depression (3D HD).mp4
[2013/06/29 19:42:21 | 000,001,219 | ---- | C] () -- C:\Users\shywolf91\Desktop\Miners.bat - Shortcut.lnk
[2013/06/28 16:04:56 | 000,107,391 | ---- | C] () -- C:\Users\shywolf91\Desktop\Coke-Super-Bowl-commercials-2013.jpg
[2013/06/25 19:50:49 | 000,000,279 | ---- | C] () -- C:\Users\shywolf91\Desktop\PaperBak.ini
[2013/06/25 19:50:32 | 000,232,448 | ---- | C] () -- C:\Users\shywolf91\Desktop\PaperBak.exe
[2013/06/25 18:56:38 | 000,001,025 | ---- | C] () -- C:\Users\shywolf91\Desktop\Armory.lnk
[2013/06/25 18:55:27 | 018,703,872 | ---- | C] () -- C:\Users\shywolf91\Desktop\armory_0.88.1-beta_win64.msi
[2013/06/23 09:59:13 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/06/23 09:59:13 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/06/23 08:56:21 | 000,027,285 | ---- | C] () -- C:\Users\shywolf91\gnutella.net
[2013/06/21 17:33:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/06/21 08:49:04 | 000,001,946 | ---- | C] () -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
[2013/06/21 08:35:25 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2013/06/21 08:34:22 | 000,002,248 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7520 series.lnk
[2013/06/21 08:34:22 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7520 series.lnk
[2013/06/21 08:29:34 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/06/18 14:09:44 | 000,003,021 | ---- | C] () -- C:\Users\shywolf91\Desktop\Microsoft Word 2010.lnk
[2013/06/17 20:52:34 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000UA.job
[2013/06/17 20:52:33 | 000,000,872 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2709273398-3811409067-3964558954-1000Core.job
[2013/06/17 20:35:17 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/06/17 20:35:17 | 000,001,011 | ---- | C] () -- C:\Users\shywolf91\Desktop\Audacity.lnk
[2013/06/17 12:21:47 | 000,001,239 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2013/06/17 12:21:47 | 000,001,215 | ---- | C] () -- C:\Users\shywolf91\Desktop\FrostWire 4.21.8.lnk
[2013/06/16 21:27:41 | 000,000,948 | ---- | C] () -- C:\Users\shywolf91\Desktop\Mobipocket Creator.lnk
[2013/06/16 21:09:06 | 010,606,592 | ---- | C] () -- C:\Users\shywolf91\Desktop\creator.msi
[2013/06/16 20:36:32 | 000,002,134 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\DuckCapture.lnk
[2013/06/16 20:36:32 | 000,002,110 | ---- | C] () -- C:\Users\shywolf91\Desktop\DuckCapture.lnk
[2013/06/16 09:33:13 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/15 22:04:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/06/15 21:59:33 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/06/15 20:17:41 | 000,002,581 | ---- | C] () -- C:\Users\shywolf91\Desktop\Camtasia Recorder.lnk
[2013/06/15 20:16:27 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2013/06/15 20:12:40 | 104,175,226 | ---- | C] () -- C:\Users\shywolf91\Desktop\Minecraft 1.5.2  Automatic Revolving Lighthouse Tutorial (Low).flv
[2013/06/15 20:01:16 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/15 19:54:39 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
[2013/06/15 15:48:54 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013/06/15 15:48:54 | 000,001,176 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2013/06/15 15:14:27 | 000,002,633 | ---- | C] () -- C:\Users\Public\Desktop\KDPublishingPro.lnk
[2013/06/15 13:53:12 | 000,000,945 | ---- | C] () -- C:\Users\shywolf91\Desktop\Performance Monitor 4.1.lnk
[2013/06/15 09:56:35 | 000,002,078 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/06/15 09:56:35 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/06/15 09:52:06 | 000,002,262 | ---- | C] () -- C:\Users\Public\Desktop\ENEWI-1XN4x 2XN4x User Manual.lnk
[2013/06/15 09:52:01 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/06/15 09:38:26 | 000,001,126 | ---- | C] () -- C:\Users\shywolf91\Desktop\Adobe Premiere Pro CS5.5.lnk
[2013/06/15 09:32:36 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/06/15 09:25:20 | 000,000,924 | ---- | C] () -- C:\Users\shywolf91\Desktop\Downloads - Shortcut.lnk
[2013/06/14 20:15:55 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/06/14 20:15:54 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/06/14 20:13:43 | 000,001,186 | ---- | C] () -- C:\Users\shywolf91\Desktop\Dxtory.lnk
[2013/06/14 20:11:33 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/14 19:53:56 | 000,001,680 | ---- | C] () -- C:\Users\shywolf91\Desktop\AlohaSelector.bat - Shortcut.lnk
[2013/06/14 19:52:12 | 005,793,280 | ---- | C] () -- C:\Users\shywolf91\Desktop\aos075install.msi
[2013/06/14 18:51:03 | 000,001,100 | ---- | C] () -- C:\Windows\SysNative\bddel.dat
[2013/06/14 18:48:56 | 000,000,937 | ---- | C] () -- C:\Users\shywolf91\Desktop\Game Files - Shortcut.lnk
[2013/06/14 18:43:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/14 18:42:48 | 000,001,942 | ---- | C] () -- C:\Users\shywolf91\Desktop\gmvault-shell.lnk
[2013/06/14 18:38:23 | 000,002,283 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/14 18:38:23 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/14 18:37:58 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/14 18:37:57 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/14 18:26:09 | 000,007,612 | ---- | C] () -- C:\Users\shywolf91\AppData\Local\Resmon.ResmonCfg
[2013/06/14 17:34:50 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/06/14 16:34:55 | 142,072,872 | ---- | C] () -- C:\Users\shywolf91\Desktop\KindlePreviewerInstall.exe
[2013/06/14 16:34:51 | 011,514,483 | ---- | C] () -- C:\Users\shywolf91\Desktop\MCEdit-0.1.7.1.win-amd64.zip
[2013/06/14 16:34:48 | 009,791,080 | ---- | C] () -- C:\Users\shywolf91\Desktop\LogonStudio_public.exe
[2013/06/14 16:34:43 | 000,263,186 | ---- | C] () -- C:\Users\shywolf91\Desktop\Minecraft.exe
[2013/06/14 16:34:25 | 001,855,915 | ---- | C] () -- C:\Users\shywolf91\Desktop\Snap 2013-06-12 at 21.17.14.png
[2013/06/14 16:28:14 | 004,968,608 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/14 09:02:09 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/06/14 09:02:09 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/06/14 07:58:40 | 000,002,004 | ---- | C] () -- C:\Users\shywolf91\Desktop\FileZilla Client.lnk
[2013/06/14 07:53:54 | 000,002,114 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/06/14 07:53:54 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013/06/14 07:53:54 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013/06/14 07:53:33 | 000,000,961 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Waterfox.lnk
[2013/06/14 07:53:33 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2013/06/14 07:51:45 | 040,333,390 | ---- | C] () -- C:\Users\shywolf91\Desktop\Waterfox 18.0.1 Portable.zip
[2013/06/14 07:49:15 | 000,001,441 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/14 07:47:52 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013/06/14 07:47:42 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2013/06/14 07:47:34 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/06/14 07:47:34 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013/06/14 07:47:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/06/14 07:46:46 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013/06/14 07:46:46 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013/06/14 07:46:45 | 038,516,263 | -H-- | C] () -- C:\bdr-im01.gz
[2013/06/14 07:46:45 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013/06/14 07:33:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/06/14 07:30:37 | 000,208,016 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/06/14 07:30:37 | 000,208,016 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/06/14 07:30:37 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/06/14 07:30:37 | 000,204,960 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/06/14 07:30:37 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/06/14 07:30:37 | 000,157,152 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/06/14 07:30:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/06/14 07:30:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/06/14 07:30:15 | 000,036,338 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/06/14 07:26:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/06/14 07:26:14 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2013/06/14 07:24:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_VirtDiskBus64_01009.Wdf
[2013/06/14 07:24:33 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\3TB+Unlock.lnk
[2013/06/14 07:20:52 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\ET6.lnk
[2013/06/14 07:18:23 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013/06/14 07:16:50 | 000,001,461 | ---- | C] () -- C:\safecd.tgz
[2013/06/14 07:13:36 | 000,150,996 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/06/14 07:11:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013/06/13 22:04:31 | 000,001,417 | ---- | C] () -- C:\Users\shywolf91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/06/13 22:04:10 | 000,000,290 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/06/13 22:04:10 | 000,000,272 | ---- | C] () -- C:\Users\shywolf91\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/06/13 22:00:14 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/06/13 22:00:12 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/06/13 21:57:17 | 4280,213,502 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2013/07/12 12:39:46 | 000,040,786 | ---- | M] () -- C:\bdlog.txt
[2012/08/15 15:28:18 | 002,510,608 | -H-- | M] () -- C:\bdr-bz01
[2013/06/14 07:47:42 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2012/12/12 17:38:36 | 038,516,263 | -H-- | M] () -- C:\bdr-im01.gz
[2013/06/14 07:47:42 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/06/14 07:47:42 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/07/10 15:39:20 | 000,029,226 | ---- | M] () -- C:\ComboFix.txt
[2013/06/14 07:21:26 | 000,000,156 | ---- | M] () -- C:\csb.log
[2013/07/12 17:17:56 | 4280,213,502 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/14 07:19:08 | 000,000,189 | ---- | M] () -- C:\Install.log
[2013/07/12 17:17:58 | 4275,298,301 | -HS- | M] () -- C:\pagefile.sys
[2013/06/14 07:14:28 | 000,003,608 | ---- | M] () -- C:\RHDSetup.log
[2013/06/14 07:16:50 | 000,001,461 | ---- | M] () -- C:\safecd.tgz
[2013/07/12 17:18:25 | 000,000,144 | ---- | M] () -- C:\service.log
[2013/07/08 16:47:59 | 000,135,002 | ---- | M] () -- C:\TDSSKiller.2.8.18.0_08.07.2013_16.47.33_log.txt
 
< %systemroot%\*. /mp /s >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
< End of report >

OTL Extras logfile created on: 7/12/2013 5:21:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\shywolf91\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.98 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.18% Memory free
31.96 Gb Paging File | 28.94 Gb Available in Paging File | 90.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 812.42 Gb Free Space | 87.22% Space Free | Partition Type: NTFS
 
Computer Name: SHYWOLF91-PC | User Name: shywolf91 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1199A329-03C8-46E8-A3ED-2430A23D0A0D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{14EF4DD6-76FE-4E83-BEB5-118949DC7827}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{51C04123-F40C-43BA-97D8-CB2771C110D0}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7249F5A6-A46C-447F-A92F-15C5980AAF23}" = rport=445 | protocol=6 | dir=out | app=system | 
"{76EE57D6-EFE1-4AE6-812F-C994AAD66A3E}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8EC3C9F6-C54F-44E9-A621-80E47CB7B026}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{912D586B-84DF-4195-8D66-02C16EB6403C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A1D0A7B8-F36A-4893-96F2-343021C6F78F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A479810B-7D60-47FC-9ABE-EC7E0659486C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CF0BC273-4EBD-49E9-B01E-21F16AA2D4EE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{D3A76579-08B3-430F-A9B7-7BF2C7D526CA}" = lport=138 | protocol=17 | dir=in | app=system | 
"{DD52A83E-191A-4E34-8A19-43BDA615FF3B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E2D97A56-7597-45F5-8DB1-CA737AA4705C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE8FC641-657E-440C-A8F7-3147AF16C6AC}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{058E2BED-DCFE-4DB9-80B8-028D06AA65EF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{13974C54-97DA-4438-B92B-7FA07D3C76F2}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\digitalwizards.exe | 
"{17701934-8127-43D6-96AC-3D2DB34A0199}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\hpnetworkcommunicatorcom.exe | 
"{1E23ACEE-EB6B-44B6-A7B5-9BF64BFF4BE9}" = protocol=6 | dir=in | app=c:\users\shywolf91\appdata\roaming\utorrent\utorrent.exe | 
"{37DA464B-EA5B-4662-A0C6-3E6BD3BAE367}" = protocol=17 | dir=in | app=c:\users\shywolf91\appdata\roaming\utorrent\utorrent.exe | 
"{48846078-27B1-430F-9D94-69D28EC5447C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{515AF54D-4E14-45C6-84EF-428F9A9CDFCF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{5CA03605-1EF1-4B98-BC99-EB712A3BCA7A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{6248921A-EA94-436A-82D9-65C2CD848C80}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{67AC6355-70E1-4D22-B9BF-AD8C8BE2E650}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{84B40021-A548-4996-9850-01D9ABB7B3C7}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"{89B61977-D31F-4C53-8B82-67CD0F24FA32}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{A9EE646D-DF5F-4F10-83C8-4D1FA46A3C89}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\hpnetworkcommunicator.exe | 
"{B7A4FEC5-46B3-44CC-BA55-8A8BE083D08F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BA2E2851-E00C-4021-B4AA-9AA49C3A1031}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\devicesetup.exe | 
"{BC33DE11-21B5-4D23-B453-C8B568F643F4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C4284E38-D5DC-41D9-9FA0-B08B5E6C8440}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"{CF2D10FE-01D2-4EE2-989C-D36A0C152F20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{F418E950-D63E-4467-8B67-274BB14BB3B0}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\faxapplications.exe | 
"{FF5E301C-2464-4562-BD25-6AF06D48F9E3}" = dir=in | app=c:\program files\hp\hp photosmart 7520 series\bin\sendafax.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{115C101B-99FC-B3D0-753B-3FF6AF5A1859}" = AMD Drag and Drop Transcoding
"{16B872EE-C458-41BD-BEAE-52758A3F3168}" = HP Photosmart 7520 series Product Improvement Study
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{27ABA988-D480-4F44-B0FD-45E5656D2CFE}" = HP Photosmart 7520 series Basic Device Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{563BCBE4-D549-C011-EBB8-5AABB7473549}" = AMD Media Foundation Decoders
"{62478EFF-4C2D-7C34-3CE4-23E1CF4A53DD}" = ccc-utility64
"{76A9BB62-F6BC-83B7-B774-B4ED34009E62}" = AMD Fuel
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8BF6C901-8C9D-C663-F997-EC95A2CCA228}" = AMD AVIVO64 Codecs
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE42CFF5-F477-D440-6CFB-6CBAE0008B91}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD7DEB7B-8CEA-44E5-AB2D-7C66786C0563}" = Waterfox
"Bitdefender" = Bitdefender Total Security 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Sublime Text 2_is1" = Sublime Text 2.0.1
"WinRAR archiver" = WinRAR 4.11 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1 
"{075751B7-CA32-097B-D453-E6084A0412E9}" = CCC Help Norwegian
"{08295D09-E002-48F8-905D-34E4B08509BA}" = HP Photosmart 7520 series Help
"{08493629-9CF7-4580-B63B-E79E120F2F60}" = KDPublishingPro
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B4DD594-ECFF-A884-A0DE-E7BB17F1B59D}" = CCC Help Korean
"{0D4D67AB-C830-1787-5868-7EB8CDE396FD}" = Catalyst Control Center InstallProxy
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}" = 3TB+Unlock B11.0919.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2911F8A7-8513-7A0C-E02B-B4BF3260376D}" = CCC Help Hungarian
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{337944EB-8A7B-9A4F-5616-BE20776318B0}" = Catalyst Control Center Graphics Previews Common
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{354D00E0-C7C9-4BC1-BC12-08C4977AA827}" = SlimDX Redistributable (June 2010)
"{376924D9-9D83-366E-8DF4-3785F7200572}" = CCC Help Greek
"{37D77500-8BAB-D917-A1E5-80DB5DBC90A4}" = CCC Help Polish
"{3DBF3B04-45ED-7839-A732-572F5132C87E}" = CCC Help French
"{3FCB5D68-F2EC-00BC-4F00-A921C894A670}" = Catalyst Control Center Localization All
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49FF645F-1060-B387-553B-42895BF876C9}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B0213C-CC0C-4340-90BF-BFC7D3FE5BB4}" = QuickMark
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{580A2212-7116-46E6-9229-472E23F1DCC8}" = Ace of Spades
"{58184585-45B7-AC59-3367-CC89814C2657}" = AMD VISION Engine Control Center
"{5D8D56AB-E212-4EDD-7BB2-60E29EBCBCBE}" = CCC Help Japanese
"{5DEFA1B7-C77D-967F-53B7-C5A9F82211E5}" = CCC Help Dutch
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67B2BDD4-B24E-68D2-2C1C-835EE753A426}" = CCC Help Chinese Standard
"{69AE354F-FABA-4D0A-1E36-81D1F2430D56}" = CCC Help Finnish
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7979234F-671C-6593-14F4-576F454C3F0C}" = CCC Help Swedish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B558624-36B9-7D51-AA9F-339E85E3C6CA}" = CCC Help Portuguese
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{960C091F-A830-2964-D775-05ECD97484B5}" = CCC Help Spanish
"{9B16EE09-F62D-662D-9BC5-7DDDD220ABE4}" = CCC Help Thai
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = ENCORE Wireless LAN Driver - PCIE Adapter
"{A4A9D179-DF6D-3876-F1C4-F4D2F5B77F23}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA835FDA-C377-4D29-8C22-FB257EC718CF}" = Armory Bitcoin Client
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D49F6E0E-60C5-E43B-836E-F80F7DC8CE72}" = CCC Help Danish
"{D6EAD3FC-530F-6EF0-22DB-778CFB9AD1D2}" = CCC Help Turkish
"{D82BEF61-A0DA-4B2F-B53C-038310FB32EB}" = HydraVision
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DB32230C-5CE1-8112-F793-A8124B25A60B}" = CCC Help Italian
"{DC8CCBA6-C2F2-50CF-1A56-C7DE956BABD0}" = CCC Help Chinese Traditional
"{DF9E978D-54DA-6E2B-E699-D161E31DA144}" = CCC Help German
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B41D9C-5833-CCA5-1D98-48E82FDF8E49}" = CCC Help Czech
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"Build and Shoot Launcher" = Build and Shoot Launcher 1.1
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"DuckCapture_is1" = DuckCapture Standard 2.7
"Dxtory2.0_is1" = Dxtory version 2.0.122
"Foxit Reader_is1" = Foxit Reader
"FrostWire" = FrostWire 4.21.8
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"mIRC" = mIRC
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"Mozilla Thunderbird 17.0.6 (x86 en-US)" = Mozilla Thunderbird 17.0.6 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Performance Monitor 4.x_is1" = Performance Monitor 4.x
"Smart Defrag 2_is1" = Smart Defrag 2
"VLC media player" = VLC media player 2.0.7
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"x264vfw64" = x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bitcoin" = Bitcoin
"FileZilla Client" = FileZilla Client 3.7.0.2
"Gmvault" = Gmvault
"KindlePreviewer" = Kindle Previewer
"uTorrent" = µTorrent
"VisualBee for Microsoft PowerPoint" = VisualBee for Microsoft PowerPoint
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/8/2013 7:50:33 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/8/2013 8:06:34 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/9/2013 2:52:25 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/10/2013 3:08:13 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/10/2013 4:18:25 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/10/2013 4:29:49 PM | Computer Name = shywolf91-PC | Source = System Restore | ID = 8210
Description = 
 
Error - 7/10/2013 6:18:36 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/12/2013 12:55:27 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/12/2013 1:49:26 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 7/12/2013 8:19:49 PM | Computer Name = shywolf91-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 7/10/2013 6:24:55 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/10/2013 6:26:16 PM | Computer Name = shywolf91-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
 with this system. Please contact your software vendor for a compatible version 
of the driver.
 
Error - 7/10/2013 6:26:37 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/10/2013 6:30:51 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/10/2013 6:32:20 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/10/2013 6:36:33 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/10/2013 6:38:03 PM | Computer Name = shywolf91-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service.  However,
 the system is configured to not allow interactive services.  This service may not
 function properly.
 
Error - 7/12/2013 12:53:55 PM | Computer Name = shywolf91-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:47:41 PM on 7/10/2013 was unexpected.
 
Error - 7/12/2013 1:46:32 PM | Computer Name = shywolf91-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 7/12/2013 3:39:21 PM | Computer Name = shywolf91-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >


#10 The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • Gender:Male
  • Location:Krypton
  • Local time:11:54 AM

Posted 12 July 2013 - 07:48 PM

Good morning shywolf91,

 

I notice some changes in your proxy settings. Do you use a proxy?

 

You have the Ask Toolbar (AskBarDis) installed. I strongly recommend you remove the Ask Toolbar from your computer because:

 

  • It promotes its toolbars on sites targeted at kids.
  • It promotes its toolbars through ads that appear to be part of other companies' sites.
  • It promotes its toolbars through other companies' spyware.
  • It is installed without any disclosure whatsoever and without any consent from the user whatsoever.
  • It solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
  • It makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

Please go to Start>Control Panel>Programs and remove the following program (if present):

   

  • AskBarDis

Please restart your computer after this program removal.

=====

Next, please run OTL.exe.
  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    :Commands
    [EmptyTemp]

  • Return to OTL.exe, right-click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

 

=====

 

I didn't see anything of concern in the log. What issues remain?
 

 


If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.

