Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware Removal


  • This topic is locked This topic is locked
6 replies to this topic

#1 Shedada

Shedada

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 04 May 2014 - 01:55 PM

I'm not sure how it happened but two days ago my Google Chrome started acting up: redirecting me to ads, overlaying video player ads over my webpages, and placing article suggestions on pages. I guess I must have clicked on a bad link, though I do not remember which. Before posting here I have run a few MBAM, AdAware, SUPERAntiSpyware, and AdwCleaner scans which have found some adware files but the problems persist. The ads also seem to pop up on other browsers and on my Steam. Before posting here, I attempted to download DDS as per you request, though it says that it "Is not meant to run in Compatibility Mode." So I am not able to run it. I won't be able to access this computer until this Friday, so I will need an extension on the expiration date of this thread.

BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 AM

Posted 06 May 2014 - 10:29 AM

:welcome:

Hello Shedada,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Jo*

Jo*

  • Malware Response Team
  • 3,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 AM

Posted 10 May 2014 - 01:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 Shedada

Shedada
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 11 May 2014 - 02:46 PM

Here are the text documents:
checkup.txt:
Results of screen317's Security Check version 0.99.83
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Ad-Aware Antivirus
Windows Defender
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Adobe Flash Player 13.0.0.206
Google Chrome 34.0.1847.131
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareService.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

OTL.txt:
OTL logfile created on: 5/10/2014 1:00:15 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shedd\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.89 Gb Total Physical Memory | 8.78 Gb Available Physical Memory | 73.78% Memory free
13.71 Gb Paging File | 10.02 Gb Available in Paging File | 73.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680.28 Gb Total Space | 452.35 Gb Free Space | 66.49% Space Free | Partition Type: NTFS

Computer Name: CHARLES | User Name: Charles | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Shedd\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Shedd\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Motorola Mobility LLC)
PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Motorola Mobility LLC)
PRC - C:\Program Files (x86)\doubleTwist\DoubleTwist.Light.exe (doubleTwist Corporation)
PRC - C:\Program Files (x86)\doubleTwist\Transcoder.server.exe (doubleTwist Corporation)
PRC - C:\Program Files (x86)\Razer\Core\RazerCore.exe (Razer, Inc.)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Program Files (x86)\WizMouse\WizMouse.exe ()
PRC - C:\Program Files (x86)\SCM\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
PRC - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)
PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_ssl.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._controls_.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._windows_.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._gdi_.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_hashlib.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\unicodedata.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\pyexpat.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32file.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\pywintypes27.dll ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32security.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._html2.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32inet.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32process.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_multiprocessing.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32pdh.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32pipe.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32event.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32profile.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\select.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._core_.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._misc_.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\pythoncom27.dll ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32com.shell.shell.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32gui.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_elementtree.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._wizard.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32api.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_ctypes.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\wx._animate.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\_socket.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32ts.pyd ()
MOD - C:\Users\Shedd\AppData\Local\Temp\_MEI15082\win32crypt.pyd ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\9db094774e9db914aedfcad797c955d7\System.ComponentModel.Composition.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windc7c43db6#\59d66a6af1d34d616084808844e2f362\System.Windows.Interactivity.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\15e0783372e02bd437cab8ac76420124\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\10f2f39cba585d78f816d743c6a7a11e\IAStorDataMgrSvcInterfaces.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\4d93031edc301acdd626f23de7937cac\IAStorCommon.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\8dd5d48acfdc4ce750166ebe36623926\Microsoft.VisualC.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\7845e0cf7da2edf653fbcc126cda2f48\System.ComponentModel.DataAnnotations.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\90285827b1300835ca1aaff1dff83a01\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\fbbbde7677ccfbda7cb6fbce3899cbe5\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\fbbbde7677ccfbda7cb6fbce3899cbe5\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\5c466395a19c1518fbdf48912336643b\IAStorUtil.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\8e945b32dd6b4b00c900f6c01c0f3c62\System.Numerics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\ee53227bcc4430088d0b560752c1cd02\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\352d34797f7cd44cd0973c33539200f1\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\39bc23d9592ef276c70a36ef0311070a\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3be4139a741b447ab35a2c788a2f4559\UIAutomationTypes.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6f7a4225a199ad7894379512ca6ae50c\System.Xml.Linq.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\95c749867e5f72a09ed1e59a57931301\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\0139b8d6c29df85226a7fe833e5cc4f1\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5ba9e9e2d2253e30f3f28e12016e441d\System.Net.Http.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\d1e6b39e15536aaa5fb9b1cacf8b18aa\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\8a7f63a63249ceccb5c51a9a372aaf64\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\288e4f2cf5b7a96028c8bb3fce6dc043\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\libavutil-53.dll ()
MOD - C:\Program Files (x86)\Steam\libavresample-1.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Users\Shedd\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll ()
MOD - C:\Users\Shedd\AppData\Roaming\Curse Client\Bin\opus.dll ()
MOD - C:\Program Files (x86)\doubleTwist\WmdmDevice.dll ()
MOD - C:\Program Files (x86)\doubleTwist\WIA.dll ()
MOD - C:\Program Files (x86)\doubleTwist\Transcoder.Managed.dll ()
MOD - C:\Program Files (x86)\doubleTwist\Transcoder.Native.dll ()
MOD - C:\Program Files (x86)\doubleTwist\transcoder.interfaces.dll ()
MOD - C:\Program Files (x86)\doubleTwist\avformat-52.dll ()
MOD - C:\Program Files (x86)\doubleTwist\avcodec-52.dll ()
MOD - C:\Program Files (x86)\doubleTwist\swscale-0.dll ()
MOD - C:\Program Files (x86)\doubleTwist\avutil-49.dll ()
MOD - C:\Program Files (x86)\WizMouse\WizMouse.exe ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe ()
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (System Update kb70007) -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Motorola Device Manager) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Motorola Mobility LLC)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (RzOvlMon) -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe (Razer, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\SCM\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
SRV - (PST Service) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)


========== Driver Services (SafeList) ==========

DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (RzDxgk) -- C:\Windows\SysNative\drivers\RzDxgk.sys (Razer, Inc.)
DRV:64bit: - (RzFilter) -- C:\Windows\SysNative\drivers\RzFilter.sys (Razer, Inc.)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (rzmpos) -- C:\Windows\SysNative\drivers\rzmpos.sys (Razer Inc)
DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\drivers\NETwew00.sys (Intel Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys (BitDefender LLC)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (pmxdrv) -- C:\Windows\SysNative\drivers\pmxdrv.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bwcW8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (Ke2200) -- C:\Windows\SysNative\drivers\e22w8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Motorola Solutions, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Almico Software)
DRV - (RTCore64) -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys ()
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (ipadtst) -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys (Windows ® Win 7 DDK provider)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@keydownload.com/keyplayer,version=2.2.0-git: C:\Program Files (x86)\KeyDownload\KEYPLAYER\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BEE7841B-3C8B-46ea-AFE9-8461458BB2C1}: C:\PROGRAM FILES\KEYPLAYER CLASSIC\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BEE7841B-3C8B-46ea-AFE9-8461458BB2C1}: C:\Program Files\Keyplayer Classic\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9E752E4A-98AF-5478-FECD-8324FEE58CC9}: C:\Program Files (x86)\BlockAndSurf-soft\161.xpi

[2014/05/04 12:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shedd\AppData\Roaming\mozilla\Extensions
[2013/11/09 22:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://youtube.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Uploads Only for Youtube = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdnlgehefnmaiighnbaibekhdfhnipd\0.4_0\
CHR - Extension: Reverse Youtube Playlist = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhonbaagcobjdmbocblbebcmbmmbfmi\1.0_0\
CHR - Extension: BetterTTV = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped\6.6_0\
CHR - Extension: Google Drive = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google News = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: Chromebleed = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic\2.0_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.6.3.1_1\
CHR - Extension: LastPass: Free Password Manager = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.21_0\
CHR - Extension: Motorola Connect = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh\1.5.1_0\
CHR - Extension: LastPass Vault = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf\2.0.21_0\
CHR - Extension: Google Wallet = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Shedd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Radio Manager] C:\Program Files (x86)\SCM\Radio Manager.exe (MSI)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\WINDOWS\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VGAOCAP] C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe ()
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_FC296BFFF9153121FC12EA354B5FF2D2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [WizMouse] C:\Program Files (x86)\WizMouse\WizMouse.exe ()
O4 - Startup: C:\Users\Shedd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk = C:\Users\Shedd\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA793496-7D30-444B-825E-EA28BB601E7A}: DhcpNameServer = 10.101.0.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6A660CC-9094-49F0-88E5-E81FAFD22FAD}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/10 00:44:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Shedd\Desktop\OTL.exe
[2014/05/09 20:15:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/05/04 13:45:03 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/05/04 12:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/05/04 12:50:45 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\SUPERAntiSpyware.com
[2014/05/04 12:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/05/04 12:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/05/04 12:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/05/04 12:46:03 | 000,000,000 | -HSD | C] -- C:\Users\Shedd\AppData\Local\EmieUserList
[2014/05/04 12:46:03 | 000,000,000 | -HSD | C] -- C:\Users\Shedd\AppData\Local\EmieSiteList
[2014/05/04 12:41:14 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Local\Macromedia
[2014/05/04 12:40:26 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\Mozilla
[2014/05/04 12:40:26 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Local\Mozilla
[2014/05/04 12:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/05/03 19:23:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/03 19:23:52 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/05/03 19:22:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/05/03 19:22:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/05/03 19:22:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/05/03 19:22:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/05/03 19:22:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/05/03 19:21:56 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/05/03 19:21:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/05/03 19:21:46 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/05/03 19:21:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/05/03 19:21:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/05/03 15:55:41 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/03 15:55:40 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/03 15:55:40 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/03 15:55:40 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/03 15:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/03 15:05:39 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/03 15:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/03 15:05:22 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/03 15:05:22 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/05/03 15:05:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/03 14:56:55 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\Lavasoft
[2014/05/03 14:49:05 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/03 14:48:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/03 14:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/05/03 14:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/05/03 14:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/05/03 14:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/05/03 03:10:14 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/03 03:10:14 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/05/03 03:10:13 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/05/03 03:10:13 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/03 03:10:12 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/03 03:10:10 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/03 03:10:10 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/03 03:10:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/03 03:10:09 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/03 03:10:08 | 013,286,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/03 03:10:07 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/05/03 03:10:07 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/03 03:10:07 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/03 03:10:06 | 011,791,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/03 03:10:05 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/05/03 03:10:05 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/05/03 03:10:04 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/03 03:10:03 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/05/03 03:10:02 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/05/03 03:10:02 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/05/03 03:10:02 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/05/03 03:10:02 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/03 03:10:01 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/05/03 03:10:01 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/05/03 03:10:01 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/05/03 03:10:01 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/05/03 03:10:01 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/03 03:10:00 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/05/03 03:10:00 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/03 03:10:00 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/05/03 03:10:00 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/03 03:09:59 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/03 03:09:59 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/03 03:09:59 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/03 03:09:58 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/05/03 03:09:58 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/05/03 03:09:58 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/03 03:09:58 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/03 03:09:58 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/03 03:09:58 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/05/03 03:09:58 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/05/03 03:09:57 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/05/03 03:09:57 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/05/03 03:09:57 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/03 03:09:57 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/05/03 03:09:56 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/03 03:09:56 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/05/03 03:09:56 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/05/03 03:09:56 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/03 03:09:56 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/05/03 03:09:55 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/05/03 03:09:55 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/05/03 03:09:55 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/03 03:09:55 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/03 03:09:55 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/03 03:09:54 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/03 03:09:54 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/03 03:09:53 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/03 03:09:53 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/05/03 03:09:53 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/03 03:09:53 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/05/03 03:09:52 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/03 03:09:52 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/03 03:09:52 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/03 03:09:52 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/03 03:09:52 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/03 03:09:51 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/03 03:09:51 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/05/03 03:09:51 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/05/03 03:09:51 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/03 03:09:51 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/03 03:09:51 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/03 03:09:51 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/03 03:09:51 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/03 03:09:50 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/03 03:09:50 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/03 03:09:50 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/05/03 03:09:50 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/05/03 03:09:50 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/03 03:09:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/03 03:09:50 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/03 03:09:49 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/05/03 03:09:49 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/05/03 03:09:49 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/05/03 03:09:49 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/05/03 03:09:49 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/03 03:09:49 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/03 03:09:49 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/05/03 03:09:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/05/03 03:09:48 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/05/03 03:09:48 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/03 03:09:48 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/03 03:09:48 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/03 03:09:48 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/05/03 03:09:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/05/03 03:09:47 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/05/03 03:09:47 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/03 03:09:47 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/03 03:09:47 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/05/03 03:09:47 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/03 03:09:46 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/05/03 03:09:46 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/05/03 03:09:46 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/03 03:09:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/05/03 03:09:45 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/05/03 03:09:45 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/05/03 03:09:45 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/05/03 03:09:45 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/03 03:09:45 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/05/03 03:09:44 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/05/03 03:09:44 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/03 03:09:44 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/05/03 03:09:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/03 03:09:44 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/05/03 03:09:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/05/03 03:09:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/05/03 03:09:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/03 03:09:44 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/03 03:09:43 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/03 03:09:43 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/03 03:09:43 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/03 03:09:43 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/05/03 03:09:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/03 03:09:43 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/05/03 03:09:43 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/05/03 03:09:42 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/05/03 03:09:42 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/05/03 03:09:42 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/05/03 03:09:42 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/03 03:09:42 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/03 03:09:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/03 03:09:42 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/03 03:09:42 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/05/03 03:09:42 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/05/03 03:09:41 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/03 03:09:41 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/03 03:09:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/03 03:09:40 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/05/03 03:09:40 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/03 03:09:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/03 03:09:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/03 03:09:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/03 03:09:39 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/05/03 03:09:39 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/03 03:09:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/03 03:07:51 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/05/03 03:07:28 | 001,705,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/03 03:07:28 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/03 03:07:27 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/03 03:07:27 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/03 03:04:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/05/03 03:04:41 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/05/03 03:04:40 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/05/03 03:04:38 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/05/03 03:04:22 | 011,742,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2014/05/03 03:04:22 | 003,394,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/05/03 03:04:22 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/05/03 03:04:21 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OobeFldr.dll
[2014/05/03 03:04:21 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OobeFldr.dll
[2014/05/03 03:04:16 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/05/03 03:04:15 | 008,946,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2014/05/03 03:04:12 | 008,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014/05/03 03:04:12 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/05/03 03:04:12 | 002,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/05/03 03:04:11 | 001,927,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/05/03 03:04:09 | 013,933,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014/05/03 03:04:09 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/05/03 03:04:09 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/05/03 03:04:08 | 001,435,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014/05/03 03:04:07 | 003,494,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014/05/03 03:04:07 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/05/03 03:04:06 | 012,027,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014/05/03 03:04:06 | 011,776,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014/05/03 03:04:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/05/03 03:04:05 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/05/03 03:04:03 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014/05/03 03:04:02 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2014/05/03 03:04:00 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014/05/03 03:03:59 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/05/03 03:03:59 | 001,728,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2014/05/03 03:03:58 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014/05/03 03:03:57 | 002,574,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/05/03 03:03:53 | 001,445,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2014/05/03 03:03:52 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/05/03 03:03:51 | 001,132,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014/05/03 03:03:49 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/05/03 03:03:48 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/05/03 03:03:47 | 002,588,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/05/03 03:03:47 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/05/03 03:03:46 | 001,290,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014/05/03 03:03:45 | 001,341,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2014/05/03 03:03:44 | 001,640,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2014/05/03 03:03:44 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/05/03 03:03:44 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014/05/03 03:03:44 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2014/05/03 03:03:42 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014/05/03 03:03:42 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/05/03 03:03:40 | 001,727,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/05/03 03:03:40 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/05/03 03:03:40 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014/05/03 03:03:39 | 002,648,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/05/03 03:03:39 | 001,215,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2014/05/03 03:03:39 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/05/03 03:03:39 | 001,000,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014/05/03 03:03:39 | 000,800,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2014/05/03 03:03:39 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/05/03 03:03:38 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2014/05/03 03:03:38 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/05/03 03:03:38 | 000,461,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/05/03 03:03:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/05/03 03:03:37 | 001,077,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2014/05/03 03:03:37 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014/05/03 03:03:37 | 000,410,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/05/03 03:03:37 | 000,407,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/05/03 03:03:37 | 000,369,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/05/03 03:03:37 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/05/03 03:03:36 | 002,825,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2014/05/03 03:03:36 | 002,410,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/05/03 03:03:36 | 001,487,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/05/03 03:03:36 | 001,356,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/05/03 03:03:35 | 001,659,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/05/03 03:03:35 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/05/03 03:03:35 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/05/03 03:03:35 | 000,526,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2014/05/03 03:03:34 | 001,929,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2014/05/03 03:03:34 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014/05/03 03:03:34 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2014/05/03 03:03:34 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DfpCommon.dll
[2014/05/03 03:03:34 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofTasks.dll
[2014/05/03 03:03:33 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/05/03 03:03:32 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014/05/03 03:03:31 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014/05/03 03:03:31 | 000,609,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014/05/03 03:03:31 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014/05/03 03:03:31 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/05/03 03:03:30 | 001,011,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2014/05/03 03:03:30 | 000,422,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2014/05/03 03:03:29 | 001,653,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014/05/03 03:03:29 | 000,650,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2014/05/03 03:03:29 | 000,645,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/05/03 03:03:29 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/05/03 03:03:29 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014/05/03 03:03:28 | 002,760,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014/05/03 03:03:28 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/05/03 03:03:27 | 002,428,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2014/05/03 03:03:27 | 002,220,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/05/03 03:03:27 | 001,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/05/03 03:03:27 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014/05/03 03:03:26 | 001,519,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/05/03 03:03:26 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/03 03:03:26 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014/05/03 03:03:25 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/05/03 03:03:25 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/05/03 03:03:25 | 000,424,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/05/03 03:03:25 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014/05/03 03:03:24 | 002,395,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/05/03 03:03:24 | 001,757,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/05/03 03:03:24 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2014/05/03 03:03:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofUtil.dll
[2014/05/03 03:03:23 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/05/03 03:03:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/05/03 03:03:22 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/05/03 03:03:21 | 000,477,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/05/03 03:03:21 | 000,391,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014/05/03 03:03:20 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2014/05/03 03:03:20 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/05/03 03:03:20 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/03 03:03:20 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014/05/03 03:03:20 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2014/05/03 03:03:19 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014/05/03 03:03:19 | 001,063,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2014/05/03 03:03:19 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/03 03:03:19 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2014/05/03 03:03:19 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/05/03 03:03:18 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/05/03 03:03:18 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/05/03 03:03:18 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2014/05/03 03:03:18 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014/05/03 03:03:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfp.exe
[2014/05/03 03:03:17 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014/05/03 03:03:17 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014/05/03 03:03:17 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perftrack.dll
[2014/05/03 03:03:17 | 000,669,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2014/05/03 03:03:17 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/05/03 03:03:16 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014/05/03 03:03:14 | 001,428,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014/05/03 03:03:14 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014/05/03 03:03:14 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2014/05/03 03:03:13 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2014/05/03 03:03:13 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/03 03:03:13 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/03 03:03:12 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/05/03 03:03:12 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/05/03 03:03:12 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2014/05/03 03:03:12 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014/05/03 03:03:12 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014/05/03 03:03:11 | 000,745,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/05/03 03:03:11 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/05/03 03:03:10 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014/05/03 03:03:10 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/05/03 03:03:10 | 000,372,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014/05/03 03:03:09 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2014/05/03 03:03:09 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/05/03 03:03:09 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014/05/03 03:03:09 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2014/05/03 03:03:08 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2014/05/03 03:03:08 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/05/03 03:03:07 | 001,791,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2014/05/03 03:03:07 | 000,824,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/03 03:03:07 | 000,531,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014/05/03 03:03:07 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014/05/03 03:03:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/05/03 03:03:05 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2014/05/03 03:03:05 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2014/05/03 03:03:05 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/03 03:03:05 | 000,244,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014/05/03 03:03:04 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/05/03 03:03:04 | 000,761,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014/05/03 03:03:04 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2014/05/03 03:03:04 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/05/03 03:03:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/05/03 03:03:03 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/05/03 03:03:03 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/05/03 03:03:03 | 000,336,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/05/03 03:03:03 | 000,317,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014/05/03 03:03:03 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/05/03 03:03:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2014/05/03 03:03:02 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2014/05/03 03:03:02 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2014/05/03 03:03:02 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2014/05/03 03:03:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slc.dll
[2014/05/03 03:03:01 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2014/05/03 03:03:01 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014/05/03 03:03:01 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2014/05/03 03:03:01 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/05/03 03:03:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014/05/03 03:02:59 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014/05/03 03:02:58 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMM.dll
[2014/05/03 03:02:58 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/05/03 03:02:58 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/05/03 03:02:58 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ninput.dll
[2014/05/03 03:02:58 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2014/05/03 03:02:57 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014/05/03 03:02:57 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2014/05/03 03:02:55 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2014/05/03 03:02:55 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014/05/03 03:02:55 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/05/03 03:02:55 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2014/05/03 03:02:54 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/03 03:02:54 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdbui.dll
[2014/05/03 03:02:54 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014/05/03 03:02:54 | 000,123,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/05/03 03:02:54 | 000,105,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/05/03 03:02:53 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2014/05/03 03:02:53 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/05/03 03:02:53 | 000,289,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqmapi.dll
[2014/05/03 03:02:53 | 000,258,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/05/03 03:02:52 | 003,596,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2014/05/03 03:02:51 | 002,811,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll
[2014/05/03 03:02:51 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014/05/03 03:02:51 | 000,210,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/05/03 03:02:51 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/05/03 03:02:50 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014/05/03 03:02:50 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2014/05/03 03:02:49 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/05/03 03:02:49 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2014/05/03 03:02:49 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/05/03 03:02:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/05/03 03:02:48 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2014/05/03 03:02:48 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2014/05/03 03:02:48 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014/05/03 03:02:45 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/05/03 03:02:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/03 03:02:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clrhost.dll
[2014/05/03 03:02:44 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/05/03 03:02:44 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2014/05/03 03:02:44 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WLanConn.dll
[2014/05/03 03:02:44 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/05/03 03:02:44 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PkgMgr.exe
[2014/05/03 03:02:44 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014/05/03 03:02:43 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/05/03 03:02:43 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2014/05/03 03:02:43 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014/05/03 03:02:43 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2014/05/03 03:02:43 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/05/03 03:02:42 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PurchaseWindowsLicense.dll
[2014/05/03 03:02:41 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2014/05/03 03:02:41 | 002,165,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncCenter.dll
[2014/05/03 03:02:41 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/05/03 03:02:40 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WlanMM.dll
[2014/05/03 03:02:40 | 000,722,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2014/05/03 03:02:40 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014/05/03 03:02:40 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/05/03 03:02:40 | 000,180,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/05/03 03:02:40 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014/05/03 03:02:39 | 000,506,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014/05/03 03:02:38 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2014/05/03 03:02:38 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmdskmgr.dll
[2014/05/03 03:02:38 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014/05/03 03:02:38 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/05/03 03:02:38 | 000,083,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014/05/03 03:02:37 | 000,170,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2014/05/03 03:02:36 | 000,139,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2014/05/03 03:02:35 | 003,085,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2014/05/03 03:02:35 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srchadmin.dll
[2014/05/03 03:02:34 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ninput.dll
[2014/05/03 03:02:34 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/05/03 03:02:34 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/03 03:02:34 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014/05/03 03:02:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clrhost.dll
[2014/05/03 03:02:30 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/05/03 03:02:30 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2014/05/03 03:02:30 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2014/05/03 03:02:30 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/05/03 03:02:30 | 000,209,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2014/05/03 03:02:30 | 000,142,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe
[2014/05/03 03:02:30 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AltTab.dll
[2014/05/03 03:02:29 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2014/05/03 03:02:29 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2014/05/03 03:02:29 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2014/05/03 03:02:29 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2014/05/03 03:02:29 | 000,188,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2014/05/03 03:02:28 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2014/05/03 03:02:28 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqmapi.dll
[2014/05/03 03:02:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netid.dll
[2014/05/03 03:02:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutil.exe
[2014/05/03 03:02:27 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\das.dll
[2014/05/03 03:02:27 | 000,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sharemediacpl.dll
[2014/05/03 03:02:27 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/05/03 03:02:27 | 000,080,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014/05/03 03:02:26 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2014/05/03 03:02:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014/05/03 03:02:26 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014/05/03 03:02:26 | 000,043,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2014/05/03 03:02:25 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/05/03 03:02:25 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2014/05/03 03:02:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutil.exe
[2014/05/03 03:02:25 | 000,041,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2014/05/03 03:02:24 | 000,924,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2014/05/03 03:02:24 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powrprof.dll
[2014/05/03 03:02:24 | 000,140,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014/05/03 03:02:24 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014/05/03 03:02:23 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2014/05/03 03:02:23 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2014/05/03 03:02:23 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014/05/03 03:02:23 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2014/05/03 03:02:23 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/03 03:02:23 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/05/03 03:02:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2014/05/03 03:02:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthLEEnum.sys
[2014/05/03 03:02:22 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2014/05/03 03:02:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014/05/03 03:02:22 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2014/05/03 03:02:22 | 000,079,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2014/05/03 03:02:21 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2014/05/03 03:02:21 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwizeng.dll
[2014/05/03 03:02:21 | 000,137,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2014/05/03 03:02:20 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/05/03 03:02:20 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2014/05/03 03:02:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014/05/03 03:02:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2014/05/03 03:02:20 | 000,032,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountBroker.exe
[2014/05/03 03:02:19 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WLanConn.dll
[2014/05/03 03:02:19 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2014/05/03 03:02:19 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountTokenProvider.dll
[2014/05/03 03:02:19 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2014/05/03 03:02:18 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2014/05/03 03:02:17 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3mm.dll
[2014/05/03 03:02:17 | 000,094,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll
[2014/05/03 03:02:17 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2014/05/03 03:02:17 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/05/03 03:02:17 | 000,029,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2014/05/03 03:02:16 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srchadmin.dll
[2014/05/03 03:02:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2014/05/03 03:02:16 | 000,131,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014/05/03 03:02:16 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2014/05/03 03:02:15 | 003,312,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2014/05/03 03:02:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAMM.dll
[2014/05/03 03:02:14 | 000,079,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll
[2014/05/03 03:02:14 | 000,071,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014/05/03 03:02:14 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014/05/03 03:02:12 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cleanmgr.exe
[2014/05/03 03:02:11 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cleanmgr.exe
[2014/05/03 03:02:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014/05/03 03:02:11 | 000,054,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014/05/03 03:02:10 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014/05/03 03:02:09 | 000,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014/05/03 03:02:08 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2014/05/03 03:02:08 | 000,189,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014/05/03 03:02:08 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014/05/03 03:02:07 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2014/05/03 03:02:07 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\korwbrkr.dll
[2014/05/03 03:02:07 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netid.dll
[2014/05/03 03:02:07 | 000,036,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2014/05/03 03:02:07 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2014/05/03 03:02:06 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2014/05/03 03:02:06 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014/05/03 03:02:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2014/05/03 03:02:04 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014/05/03 03:02:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014/05/03 03:02:04 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2014/05/03 03:02:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2014/05/03 03:02:03 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014/05/03 03:02:03 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmdskmgr.dll
[2014/05/03 03:02:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/05/03 03:02:03 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/05/03 03:02:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014/05/03 03:02:02 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2014/05/03 03:02:02 | 000,038,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2014/05/03 03:02:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2014/05/03 03:02:01 | 001,152,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2014/05/03 03:02:01 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/03 03:02:01 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
[2014/05/03 03:02:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slpts.dll
[2014/05/03 03:02:00 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/05/03 03:02:00 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2014/05/03 03:02:00 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2014/05/03 03:01:59 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2014/05/03 03:01:59 | 000,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2014/05/03 03:01:59 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2014/05/03 03:01:59 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbadmin.exe
[2014/05/03 03:01:59 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014/05/03 03:01:59 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014/05/03 03:01:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/03 03:01:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2014/05/03 03:01:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2014/05/03 03:01:58 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014/05/03 03:01:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Renewal.dll
[2014/05/03 03:01:58 | 000,028,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014/05/03 03:01:58 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysResetErr.exe
[2014/05/03 03:01:57 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/05/03 03:01:57 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/05/03 03:01:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014/05/03 03:01:57 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014/05/03 03:01:57 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe
[2014/05/03 03:01:57 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2014/05/03 03:01:56 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014/05/03 03:01:56 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/03 03:01:56 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll
[2014/05/03 03:01:56 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014/05/03 03:01:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slpts.dll
[2014/05/03 03:01:55 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014/05/03 03:01:55 | 000,780,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2014/05/03 03:01:55 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PkgMgr.exe
[2014/05/03 03:01:55 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2014/05/03 03:01:55 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/03 03:01:55 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2014/05/03 03:01:54 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2014/05/03 03:01:54 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/05/03 03:01:54 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2014/05/03 03:01:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeResults.exe
[2014/05/03 03:01:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/03 03:01:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014/05/03 03:01:54 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAConn.dll
[2014/05/03 03:01:53 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/05/03 03:01:53 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/03 03:01:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2014/05/03 03:01:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/05/03 03:01:52 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014/05/03 03:01:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2014/05/03 03:01:52 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spcompat.dll
[2014/05/03 03:01:52 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/03 03:01:52 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2014/05/03 03:01:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys
[2014/05/03 03:01:51 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgrade.exe
[2014/05/03 03:01:51 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014/05/03 03:01:50 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwizeng.dll
[2014/05/03 03:01:50 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2014/05/03 03:01:50 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energytask.dll
[2014/05/03 03:01:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll
[2014/05/03 03:01:47 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/05/03 03:01:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2014/05/03 03:01:44 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.exe
[2014/05/03 03:01:41 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2014/05/03 03:01:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2014/05/03 03:01:40 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/05/03 03:01:40 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014/05/03 03:01:40 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2014/05/03 03:01:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpclean.dll
[2014/05/03 03:01:40 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceassociation.dll
[2014/05/03 03:01:39 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dasHost.exe
[2014/05/03 03:01:38 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2014/05/03 03:01:38 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2014/05/03 03:01:38 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2014/05/03 03:01:37 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srrstr.dll
[2014/05/03 03:01:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2014/05/03 03:01:37 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2014/05/03 03:01:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/03 03:01:37 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/03 03:01:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014/05/03 03:01:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/03 03:01:36 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfrgui.exe
[2014/05/03 03:01:36 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/05/03 03:01:36 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014/05/03 03:01:36 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsku.dll
[2014/05/03 03:01:36 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2014/05/03 03:01:36 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2014/05/03 03:01:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SSShim.dll
[2014/05/03 03:01:36 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2014/05/03 03:01:36 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/03 03:01:35 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2014/05/03 03:01:35 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2014/05/03 03:01:35 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll
[2014/05/03 03:01:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceassociation.dll
[2014/05/03 03:01:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014/05/03 03:01:34 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2014/05/03 03:01:34 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2014/05/03 03:01:34 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.exe
[2014/05/03 03:01:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\f3ahvoas.dll
[2014/05/03 03:01:33 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2014/05/03 03:01:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SrTasks.exe
[2014/05/03 03:01:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014/05/03 03:01:32 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsdyn.dll
[2014/05/03 03:01:32 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfrgui.exe
[2014/05/03 03:01:32 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsku.dll
[2014/05/03 03:01:32 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014/05/03 03:01:32 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014/05/03 03:01:31 | 002,566,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2014/05/03 03:01:31 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014/05/03 03:01:31 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/05/03 03:01:31 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AepRoam.dll
[2014/05/03 03:01:31 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentHost.dll
[2014/05/03 03:01:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2014/05/03 03:01:29 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014/05/03 03:01:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxshared.dll
[2014/05/03 03:01:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014/05/03 03:01:27 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/03 03:01:27 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014/05/03 03:01:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConfigureExpandedStorage.dll
[2014/05/03 03:01:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConfigureExpandedStorage.dll
[2014/05/03 03:01:26 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/03 03:01:26 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/03 03:01:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scavengeui.dll
[2014/05/03 03:01:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/03 03:01:23 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2014/05/03 03:01:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/03 03:01:21 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2014/05/03 03:01:21 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2014/05/03 03:01:17 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/05/03 03:01:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/05/03 03:01:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syncui.dll
[2014/05/03 03:01:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncPolicy.dll
[2014/05/03 03:01:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/03 03:01:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\finger.exe
[2014/05/03 03:01:14 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/05/03 03:01:14 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpdxm.dll
[2014/05/03 03:01:13 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2014/05/03 03:01:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncPolicy.dll
[2014/05/03 03:01:12 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2014/05/03 03:01:12 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ocsetapi.dll
[2014/05/03 03:01:11 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2014/05/03 03:01:11 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ocsetapi.dll
[2014/05/03 03:01:11 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitagent.exe
[2014/05/03 03:01:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2014/05/03 03:01:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2014/05/03 03:01:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/03 03:01:10 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\korwbrkr.dll
[2014/05/03 03:01:09 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2014/05/03 03:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/03 03:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/03 03:01:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2014/05/03 03:01:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2014/05/03 03:01:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014/05/03 03:01:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014/05/03 03:01:07 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/03 03:01:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014/05/03 03:01:06 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/05/03 03:01:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014/05/03 03:01:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014/05/03 03:01:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/03 03:01:05 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/05/03 03:01:05 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/05/03 03:01:05 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2014/05/03 03:01:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\finger.exe
[2014/05/03 03:01:05 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/03 03:01:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/03 03:01:04 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/05/03 03:01:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\f3ahvoas.dll
[2014/05/03 03:01:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-networking-wcmapi-l1-1-0.dll
[2014/05/03 00:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyDownload
[2014/05/03 00:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\69feb2f28f08a22
[2014/05/03 00:53:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft
[2014/05/03 00:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ZalmanInstaller_5390
[2014/05/03 00:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/05/03 00:52:34 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\GetPrivate
[2014/05/03 00:51:07 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\Wise
[2014/05/02 19:09:46 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\Curse Client
[2014/05/02 19:09:36 | 000,000,000 | ---D | C] -- C:\Users\Shedd\AppData\Roaming\Curse
[2014/04/19 18:43:13 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2014/04/19 18:43:13 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2014/04/19 18:43:13 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2014/04/19 18:43:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2014/04/19 18:43:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2014/04/19 18:43:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2014/04/19 18:43:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpmodemx.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2014/04/19 18:43:12 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplayx.dll
[2014/04/19 18:43:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpwsockx.dll
[2014/04/19 18:43:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2014/04/19 01:12:59 | 000,000,000 | ---D | C] -- C:\Users\Shedd\Documents\Diablo III
[2014/04/18 14:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2014/04/18 14:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/10 01:02:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/05/10 00:53:00 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\FF Watcher {F0F8B0CF-39AE-4247-A349-9414A155F504}.job
[2014/05/10 00:44:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shedd\Desktop\OTL.exe
[2014/05/10 00:43:50 | 000,854,367 | ---- | M] () -- C:\Users\Shedd\Desktop\SecurityCheck.exe
[2014/05/10 00:14:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/09 20:14:01 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/09 19:46:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/04 14:05:39 | 000,002,339 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/05/04 14:05:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/04 14:05:06 | 1627,037,694 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/04 13:46:37 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/04 12:55:25 | 000,000,282 | ---- | M] () -- C:\Users\Shedd\Documents\cc_20140504_125523.reg
[2014/05/04 12:55:07 | 000,039,432 | ---- | M] () -- C:\Users\Shedd\Documents\cc_20140504_125505.reg
[2014/05/04 12:54:40 | 000,433,168 | ---- | M] () -- C:\Users\Shedd\Documents\cc_20140504_125433.reg
[2014/05/04 12:52:41 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/04 12:50:27 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/05/04 12:47:55 | 000,002,313 | ---- | M] () -- C:\Users\Shedd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/03 20:29:39 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/03 20:29:39 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/03 20:29:38 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/03 19:30:54 | 000,436,224 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/03 19:23:53 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/03 19:23:52 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/05/03 19:22:07 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/05/03 19:22:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/05/03 19:22:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/05/03 19:22:05 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/05/03 19:22:01 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/05/03 19:21:56 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/05/03 19:21:51 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/05/03 19:21:46 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/05/03 19:21:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/05/03 19:21:33 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/05/03 15:05:24 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/03 14:49:24 | 000,001,171 | ---- | M] () -- C:\Users\Shedd\Desktop\AdwCleaner.lnk
[2014/05/03 01:11:27 | 000,000,218 | ---- | M] () -- C:\Users\Shedd\AppData\Local\recently-used.xbel
[2014/05/03 00:52:51 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/05/02 19:09:52 | 000,001,103 | ---- | M] () -- C:\Users\Shedd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
[2014/05/02 19:09:52 | 000,001,093 | ---- | M] () -- C:\Users\Shedd\Desktop\Curse.lnk
[2014/04/22 20:24:21 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/04/22 20:24:21 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/19 19:04:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/04/19 18:43:13 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2014/04/19 18:43:13 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2014/04/19 18:43:13 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2014/04/19 18:43:13 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2014/04/19 18:43:13 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2014/04/19 18:43:13 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2014/04/19 18:43:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpmodemx.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2014/04/19 18:43:13 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2014/04/19 18:43:12 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplayx.dll
[2014/04/19 18:43:12 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpwsockx.dll
[2014/04/19 18:43:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2014/04/19 18:41:25 | 000,281,872 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014/04/19 18:41:20 | 000,281,872 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014/04/19 18:41:18 | 000,076,888 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2014/04/14 20:13:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/04/14 20:05:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/04/14 20:05:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/04/14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/10 00:43:59 | 000,854,367 | ---- | C] () -- C:\Users\Shedd\Desktop\SecurityCheck.exe
[2014/05/04 12:55:24 | 000,000,282 | ---- | C] () -- C:\Users\Shedd\Documents\cc_20140504_125523.reg
[2014/05/04 12:55:06 | 000,039,432 | ---- | C] () -- C:\Users\Shedd\Documents\cc_20140504_125505.reg
[2014/05/04 12:54:35 | 000,433,168 | ---- | C] () -- C:\Users\Shedd\Documents\cc_20140504_125433.reg
[2014/05/04 12:52:41 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/04 12:50:27 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/05/03 14:49:24 | 000,001,171 | ---- | C] () -- C:\Users\Shedd\Desktop\AdwCleaner.lnk
[2014/05/03 14:40:53 | 000,002,339 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/05/03 03:09:39 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/03 03:04:36 | 000,139,600 | ---- | C] () -- C:\WINDOWS\SysNative\systemsf.ebd
[2014/05/03 03:03:17 | 000,262,335 | ---- | C] () -- C:\WINDOWS\SysNative\dfpinc.dat
[2014/05/03 03:01:49 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/05/03 03:01:49 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysNative\WimBootCompress.ini
[2014/05/03 03:01:13 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysWow64\RacRules.xml
[2014/05/03 03:01:13 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysNative\RacRules.xml
[2014/05/03 03:01:12 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2014/05/03 03:01:12 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-suggestions.searchconnector-ms
[2014/05/03 03:01:12 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2014/05/03 03:01:12 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2014/05/03 03:01:03 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/05/03 03:01:03 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/05/03 03:01:00 | 000,050,053 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/05/03 03:00:57 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2014/05/03 01:12:50 | 000,002,313 | ---- | C] () -- C:\Users\Shedd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/03 01:11:27 | 000,000,218 | ---- | C] () -- C:\Users\Shedd\AppData\Local\recently-used.xbel
[2014/05/03 00:55:17 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/03 00:53:13 | 000,000,322 | ---- | C] () -- C:\WINDOWS\tasks\FF Watcher {F0F8B0CF-39AE-4247-A349-9414A155F504}.job
[2014/05/03 00:52:51 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/02 19:09:52 | 000,001,103 | ---- | C] () -- C:\Users\Shedd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
[2014/05/02 19:09:52 | 000,001,093 | ---- | C] () -- C:\Users\Shedd\Desktop\Curse.lnk
[2014/05/02 19:09:52 | 000,001,079 | ---- | C] () -- C:\Users\Shedd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
[2014/04/19 19:04:14 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/28 12:53:20 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/09 01:28:19 | 000,000,258 | RHS- | C] () -- C:\Users\Shedd\ntuser.pol
[2014/01/25 03:22:44 | 000,299,520 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/01/25 03:22:38 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/01/25 03:22:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/03/28 12:36:02 | 000,000,245 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/02/02 20:55:10 | 000,281,872 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2013/02/02 20:55:09 | 003,123,272 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2013/02/02 20:55:09 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2012/12/26 16:00:12 | 000,003,072 | ---- | C] () -- C:\Users\Shedd\AppData\Local\file__0.localstorage
[2012/09/28 11:45:06 | 000,247,296 | ---- | C] () -- C:\WINDOWS\SysWow64\rtvcvfw32.dll
[2012/09/26 05:41:40 | 000,001,313 | ---- | C] () -- C:\WINDOWS\THXCfg_SP_APOIM.ini
[2012/09/26 05:41:40 | 000,001,212 | ---- | C] () -- C:\WINDOWS\THXCfg_HP_APOIM.ini
[2012/09/26 05:41:40 | 000,001,212 | ---- | C] () -- C:\WINDOWS\THXCfg_APOIM.ini
[2012/09/26 05:41:39 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\APOMngr.DLL
[2012/09/26 05:41:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\SysWow64\CmdRtr.DLL
[2012/09/26 05:40:36 | 000,881,814 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/06/19 21:52:42 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2014/04/19 12:53:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/19 23:48:41 | 021,232,792 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/19 21:20:53 | 018,679,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/23 17:34:28 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Awesomium
[2013/11/09 17:49:35 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Battle.net
[2014/05/10 00:59:01 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\ClassicShell
[2014/05/02 19:09:36 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Curse
[2014/05/02 22:04:38 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Curse Client
[2013/10/05 11:25:57 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\GameSave Manager 3
[2014/05/03 00:52:34 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\GetPrivate
[2013/09/20 20:04:54 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Guild Wars 2
[2013/01/13 00:55:17 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\LolClient
[2014/04/04 21:15:01 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Motorola
[2014/04/04 21:15:56 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Motorola Mobility
[2013/10/05 11:07:22 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Origin
[2013/11/09 22:20:46 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Python-Eggs
[2013/12/07 23:05:35 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\RenPy
[2012/12/26 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Synaptics
[2013/01/07 11:40:10 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\SystemRequirementsLab
[2013/02/23 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\The Creative Assembly
[2014/05/04 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\TS3Client
[2012/12/26 17:52:35 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\WebApp
[2014/05/03 00:51:07 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\Wise
[2014/04/04 20:38:10 | 000,000,000 | ---D | M] -- C:\Users\Shedd\AppData\Roaming\ZJMedia

========== Purity Check ==========



< End of report >


#5 Jo*

Jo*

  • Malware Response Team
  • 3,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 AM

Posted 12 May 2014 - 03:59 AM

Hello Shedada,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 Jo*

Jo*

  • Malware Response Team
  • 3,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 AM

Posted 14 May 2014 - 01:36 AM

Hi,

it has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

Note: Threads will be closed if no response after 3 days.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 Jo*

Jo*

  • Malware Response Team
  • 3,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:46 AM

Posted 16 May 2014 - 10:36 AM

Please start a new topic, if you still need help.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users