Unusually Hard to Get rid of Malware


  • This topic is locked
12 replies to this topic

#1 ModernCannabist

Posted 10 June 2014 - 01:09 PM

Hello everyone, I'm running a Lenovo Ideapad Y570 and yesterday I got a very odd piece of malware. It exhibits itself in ANY browser that triggers a pop-up, then immediately redirects that pop-up to one of the various "Download this media player" or "Update Flash" pages. I noticed it first with Steam. Opened up Steam, it does the little pop-up that shows news games and it's redirected to a page like this ->

IOLLpms.jpg

 

So I did the normal thing: ran Malwarebytes, then ran ComboFix. Still has malware. Alright, so I run spyware search and destroy, Kaspersky, HijackThis; everything shows as clean. Yet sure enough I still have the malware. Not sure what to do at this point.

 

Here's the DDS Report-->

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514
Run by Navi at 12:01:29 on 2014-06-10
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8136.5742 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
uRun: [GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 107.170.189.30 198.199.96.25 69.145.232.30
TCP: Interfaces\{A6D02D35-EF05-4C3D-B6A3-937A80D34855} : DHCPNameServer = 107.170.189.30 198.199.96.25 69.145.232.30
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 LHDmgr;LHDmgr;C:\Windows\System32\drivers\LhdX64.sys [2014-6-10 39008]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-6-10 25960]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-6-10 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-6-10 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-6-10 171928]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-6-10 317440]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-6-10 174168]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-18 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-18 181248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
.
=============== Created Last 30 ================
.
2014-06-10 12:42:12 -------- d-----w- C:\Windows\Panther
2014-06-10 12:39:36 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-06-10 12:39:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-10 12:39:32 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-10 12:39:01 -------- d-----w- C:\Users\Navi\AppData\Local\Programs
2014-06-10 12:16:49 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2014-06-10 12:16:48 -------- d-----w- C:\Program Files (x86)\Steam
2014-06-10 11:56:59 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-06-10 11:45:58 -------- d-----w- C:\Program Files (x86)\VideoLAN
2014-06-10 11:40:19 -------- d-----w- C:\Users\Navi\AppData\Local\Google
2014-06-10 11:40:03 -------- d-----w- C:\Users\Navi\AppData\Local\Deployment
2014-06-10 11:40:03 -------- d-----w- C:\Users\Navi\AppData\Local\Apps
2014-06-10 11:36:19 -------- d-----w- C:\Windows\SysWow64\NV
2014-06-10 11:36:19 -------- d-----w- C:\Windows\System32\NV
2014-06-10 11:35:12 39008 ----a-w- C:\Windows\System32\drivers\LhdX64.sys
2014-06-10 11:35:12 19872 ----a-w- C:\Windows\System32\LenovoSDKEmSubSystem.dll
2014-06-10 11:35:12 -------- d-----w- C:\Program Files\Lenovo
2014-06-10 11:35:01 -------- d-----w- C:\Program Files (x86)\Lenovo
2014-06-10 11:34:43 -------- d-----w- C:\Users\Navi\AppData\Local\Downloaded Installations
2014-06-10 11:34:23 -------- d-----w- C:\Users\Navi\AppData\Local\SRS Labs
2014-06-10 11:34:21 -------- d-----w- C:\Program Files\SRS Labs
2014-06-10 11:31:40 -------- d-----w- C:\Users\Navi\AppData\Roaming\Intel
2014-06-10 11:31:31 -------- d-----w- C:\Users\Navi\Roaming
2014-06-10 11:31:31 -------- d-----w- C:\ProgramData\Roaming
2014-06-10 11:30:38 -------- d-----w- C:\Program Files (x86)\Cisco
2014-06-10 11:23:59 -------- d-----w- C:\Program Files\Common Files\Intel
2014-06-10 11:23:58 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-06-10 11:23:07 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-06-10 11:22:45 -------- d-----w- C:\Program Files\Synaptics
2014-06-10 11:21:55 -------- d-----w- C:\Program Files (x86)\JMicron
2014-06-10 11:21:49 -------- d-----w- C:\Windows\SysWow64\SDA
2014-06-10 11:19:35 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-06-10 11:19:28 -------- d-----w- C:\Intel
2014-06-10 11:18:18 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2014-06-10 11:15:47 -------- d-sh--w- C:\Windows\Installer
2014-06-10 11:01:16 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2014-06-10 11:01:15 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll
2014-06-10 10:59:41 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2014-06-10 10:59:38 66856 ----a-w- C:\Windows\SysWow64\SynTPEnhPS.dll
2014-06-10 10:59:37 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll
2014-06-10 10:59:36 398896 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2014-06-10 10:59:36 227624 ----a-w- C:\Windows\System32\SynTPAPI.dll
2014-06-10 10:59:36 148776 ----a-w- C:\Windows\System32\SynTPCo9.dll
2014-06-10 10:59:34 222504 ----a-w- C:\Windows\SysWow64\SynCtrl.dll
2014-06-10 10:59:34 1048576 ----a-w- C:\Windows\System32\syndata.bin
2014-06-10 10:59:33 416040 ----a-w- C:\Windows\System32\SynCOM.dll
2014-06-10 10:59:33 277800 ----a-w- C:\Windows\System32\SynCtrl.dll
2014-06-10 10:59:33 177448 ----a-w- C:\Windows\SysWow64\SynCOM.dll
2014-06-10 10:56:50 203352 ----a-w- C:\Windows\SysWow64\jmcricon.dll
2014-06-10 10:56:50 203352 ----a-w- C:\Windows\System32\jmcricon.dll
2014-06-10 10:56:50 174168 ----a-w- C:\Windows\System32\drivers\jmcr.sys
.
==================== Find3M  ====================
.
2014-06-10 11:34:45 29792 ----a-w- C:\Windows\System32\drivers\AcpiVpc.sys
.
============= FINISH: 12:01:44.97 ===============
 
Attached File  Attach.txt   2.83KB   2 downloads



#2 seedy21

  • Malware Response Team

Posted 10 June 2014 - 03:40 PM

Hi ModernCannabist and Welcome to BleepingComputer!

I am currently looking through your logs and will advise you on what to do in my next reply.

Please can you post the log ComboFix created? This will be in C:\combofix.txt

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club



#3 ModernCannabist


Posted 10 June 2014 - 06:08 PM

ComboFix 14-06-10.01 - Navi 06/10/2014  17:01:09.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8136.4953 [GMT -6:00]
Running from: c:\users\Navi\Downloads\Temporary\ComboFix.exe
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((   Files Created from 2014-05-10 to 2014-06-10  )))))))))))))))))))))))))))))))
.
.
2014-06-10 23:05 . 2014-06-10 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-10 22:38 . 2014-06-10 22:38 -------- d-----w- c:\windows\SysWow64\Wat
2014-06-10 22:38 . 2014-06-10 22:38 -------- d-----w- c:\windows\system32\Wat
2014-06-10 20:50 . 2014-06-10 20:51 -------- d-----w- c:\windows\system32\MRT
2014-06-10 20:48 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-06-10 20:48 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-06-10 20:48 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-06-10 20:48 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-06-10 20:48 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-06-10 20:27 . 2014-06-10 20:27 -------- d-----w- c:\windows\Migration
2014-06-10 20:07 . 2013-10-15 00:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-06-10 19:46 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-10 19:29 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-06-10 19:25 . 2014-05-20 07:18 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3BD46268-B156-40E9-82DE-734DEAAEB8A0}\mpengine.dll
2014-06-10 19:20 . 2012-08-23 14:12 29696 ----a-w- c:\windows\system32\drivers\terminpt.sys
2014-06-10 19:20 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-06-10 19:20 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-06-10 19:20 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 19:20 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-06-10 19:20 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-06-10 19:20 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-06-10 19:20 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-06-10 18:58 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-06-10 18:58 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-06-10 18:58 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-06-10 18:58 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-06-10 18:58 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-06-10 18:58 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-06-10 18:58 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-06-10 18:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-06-10 18:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-06-10 18:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-06-10 18:44 . 2014-06-10 22:47 -------- d-----w- c:\windows\SysWow64\NV
2014-06-10 18:44 . 2014-06-10 22:47 -------- d-----w- c:\windows\system32\NV
2014-06-10 18:39 . 2012-12-07 11:20 30720 ----a-w- c:\windows\system32\usk.rs
2014-06-10 18:38 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-06-10 18:37 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-06-10 18:36 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2014-06-10 18:35 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2014-06-10 18:33 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-06-10 18:33 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2014-06-10 18:33 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-06-10 18:33 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2014-06-10 18:19 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-06-10 18:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-06-10 18:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-06-10 18:16 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-06-10 18:16 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-06-10 18:16 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-06-10 18:12 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-06-10 18:12 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-06-10 18:12 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-06-10 18:12 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-06-10 18:12 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-06-10 18:12 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-06-10 18:12 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-06-10 18:12 . 2012-06-02 21:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-06-10 18:12 . 2012-06-02 21:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-06-10 12:42 . 2014-06-10 10:49 -------- d-----w- c:\windows\Panther
2014-06-10 12:39 . 2013-09-20 16:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2014-06-10 12:39 . 2014-06-10 12:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-06-10 12:39 . 2014-06-10 12:43 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-06-10 12:26 . 2014-06-10 12:32 -------- d-----w- c:\program files\HijackThis
2014-06-10 12:16 . 2014-06-10 12:16 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-06-10 12:16 . 2014-06-10 17:57 -------- d-----w- c:\program files (x86)\Steam
2014-06-10 11:56 . 2014-06-10 17:52 -------- d-----w- c:\programdata\Kaspersky Lab
2014-06-10 11:55 . 2014-06-10 11:55 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-06-10 11:45 . 2014-06-10 11:45 -------- d-----w- c:\program files (x86)\VideoLAN
2014-06-10 11:40 . 2014-06-10 11:40 -------- d-----w- c:\program files (x86)\Google
2014-06-10 11:35 . 2014-06-10 11:35 -------- d-----w- c:\program files\DIFX
2014-06-10 11:35 . 2014-06-10 11:35 -------- d-----w- c:\program files\Lenovo
2014-06-10 11:35 . 2014-06-10 11:34 39008 ----a-w- c:\windows\system32\drivers\LhdX64.sys
2014-06-10 11:35 . 2014-06-10 11:34 19872 ----a-w- c:\windows\system32\LenovoSDKEmSubSystem.dll
2014-06-10 11:35 . 2014-06-10 11:35 -------- d-----w- c:\program files (x86)\Lenovo
2014-06-10 11:34 . 2014-06-10 11:34 -------- d-----w- c:\program files\SRS Labs
2014-06-10 11:31 . 2014-06-10 11:31 -------- d-----w- c:\users\Public\Roaming
2014-06-10 11:31 . 2014-06-10 11:31 -------- d-----w- c:\users\Default\Roaming
2014-06-10 11:30 . 2014-06-10 11:30 -------- d-----w- c:\program files (x86)\Cisco
2014-06-10 11:30 . 2014-06-10 11:30 -------- d-----w- c:\programdata\Intel
2014-06-10 11:30 . 2014-06-10 11:30 -------- d-----w- c:\program files\Intel
2014-06-10 11:29 . 2014-06-10 18:44 -------- d-----w- c:\users\UpdatusUser
2014-06-10 11:29 . 2014-06-10 18:43 -------- d-----w- c:\programdata\NVIDIA
2014-06-10 11:23 . 2014-06-10 19:51 -------- d-----w- c:\program files\Common Files\Intel
2014-06-10 11:23 . 2014-06-10 18:44 -------- d-----w- c:\program files\NVIDIA Corporation
2014-06-10 11:22 . 2014-06-10 11:22 -------- d-----w- c:\program files\Synaptics
2014-06-10 11:21 . 2014-06-10 11:21 -------- d-----w- c:\program files (x86)\JMicron
2014-06-10 11:21 . 2014-06-10 11:21 -------- d-----w- c:\windows\SysWow64\SDA
2014-06-10 11:19 . 2014-06-10 19:51 -------- d-----w- c:\program files (x86)\Intel
2014-06-10 11:19 . 2010-12-23 03:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2014-06-10 11:19 . 2014-06-10 11:23 -------- d-----w- C:\Intel
2014-06-10 11:18 . 2014-06-10 11:35 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-06-10 11:18 . 2014-06-10 11:18 -------- d-----w- c:\program files (x86)\Renesas Electronics
2014-06-10 11:15 . 2014-06-10 20:33 -------- d-sh--w- c:\windows\Installer
2014-06-10 11:01 . 2010-10-15 08:28 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2014-06-10 11:01 . 2010-10-15 08:27 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2014-06-10 10:59 . 2009-08-07 02:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2014-06-10 10:59 . 2011-10-28 11:21 66856 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
2014-06-10 10:59 . 2011-10-28 11:21 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2014-06-10 10:59 . 2011-10-28 11:23 398896 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-06-10 10:59 . 2011-10-28 11:21 148776 ----a-w- c:\windows\system32\SynTPCo9.dll
2014-06-10 10:59 . 2011-10-28 11:21 227624 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-06-10 10:59 . 2011-10-28 11:21 222504 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2014-06-10 10:59 . 2011-09-14 10:11 1048576 ----a-w- c:\windows\system32\syndata.bin
2014-06-10 10:59 . 2011-10-28 11:21 277800 ----a-w- c:\windows\system32\SynCtrl.dll
2014-06-10 10:59 . 2011-10-28 11:21 416040 ----a-w- c:\windows\system32\SynCOM.dll
2014-06-10 10:59 . 2011-10-28 11:21 177448 ----a-w- c:\windows\SysWow64\SynCOM.dll
2014-06-10 10:56 . 2010-12-13 03:31 174168 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-06-10 10:56 . 2010-07-27 02:08 203352 ----a-w- c:\windows\SysWow64\jmcricon.dll
2014-06-10 10:56 . 2010-07-27 02:08 203352 ----a-w- c:\windows\system32\jmcricon.dll
2014-06-10 10:49 . 2014-06-10 11:31 -------- d-----w- c:\users\Navi
2014-06-10 10:49 . 2014-06-10 10:49 -------- d-----w- C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-10 11:34 . 2010-10-26 01:44 29792 ----a-w- c:\windows\system32\drivers\AcpiVpc.sys
2014-03-31 15:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-05-13 860488]
"Spotify"="c:\users\Navi\AppData\Roaming\Spotify\Spotify.exe" [2014-06-10 6170168]
"Spotify Web Helper"="c:\users\Navi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-06-10 1176632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-04-25 4101584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-10 11:40 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10 11:40]
.
2014-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10 11:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2014-06-10 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2014-06-10 5908928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 107.170.189.30 198.199.96.25 69.145.232.30
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-10  17:06:41
ComboFix-quarantined-files.txt  2014-06-10 23:06
.
Pre-Run: 446,859,337,728 bytes free
Post-Run: 447,152,304,128 bytes free
.
- - End Of File - - 27E3909CBA6D6EBC75C55C436F943CCB
A36C5E4F47E84449FF07ED3517B43A31


#4 seedy21

  • Malware Response Team

Posted 11 June 2014 - 02:09 AM

Hello ModernCannabist

I'm Seedy21 and I will be helping you with your issues.

Please note the following information about the malware forum:

  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by me
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • Please reply within 48 hours, if you are going to be away for longer please let us know or the topic will be closed for been inactive
  • If you are using Cracked or Illegal software your thread will be closed
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close.

Combofix is a powerful tool intended by its creator to be used under the direction of an expert. It is NOT for private use. You should NOT use Combofix unless a Malware Removal Expert has told you to. Improper use of this tool can seriously damage your operating system and may even prevent it from starting again. Please read Combofix's Disclaimer.
Plus, if it is run without being asked for by a 'helper', the creator will offer no help if anything goes wrong.

Step 1
Download ADWCleaner to your desktop:
http://www.bleepingcomputer.com/download/adwcleaner/

NOTE: If you are using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & paste this report in your next reply.

The report will be saved in the C:\AdwCleaner folder.

Step 2

Download zoek.exe from here: http://hijackthis.nl/smeenk/ and save it to your Desktop.

  • Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe
    You can find instructions on how to disable your security applications >>Here<< or >>Here<<
  • Double click zoek.exe to start the program.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this user's computer, do not use it on another computer even if the problems are similar!
    autoclean;
    emptyclsid;
    emptyfolderscheck;delete
    startupall;
    services_list;
    standardsearch;
    
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive (normally C:\).
  • Please post the log file for further review in your next reply

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club


#5 ModernCannabist

  • Topic Starter

Posted 11 June 2014 - 05:27 AM

Hello Seedy, and thank you so much for the help. I will not do anything not asked for after this point. Before reading this, however, I had installed some Windows updates. Hope that didn't screw anything up.

 

C:\AdwCleaner shows three files

 

AdwCleaner[R0]

# AdwCleaner v3.212 - Report created 11/06/2014 at 03:50:57
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Navi - NAVI-PC
# Running from : C:\Users\Navi\Downloads\Temporary\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Navi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [627 octets] - [11/06/2014 03:50:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [686 octets] ##########
 
 
 
AdwCleaner[R1]
# AdwCleaner v3.212 - Report created 11/06/2014 at 03:53:58
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Navi - NAVI-PC
# Running from : C:\Users\Navi\Downloads\Temporary\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Navi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [765 octets] - [11/06/2014 03:50:57]
AdwCleaner[R1].txt - [686 octets] - [11/06/2014 03:53:58]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [745 octets] ##########
 
 
and lastly AdwCleaner[S0]
# AdwCleaner v3.212 - Report created 11/06/2014 at 03:54:37
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Navi - NAVI-PC
# Running from : C:\Users\Navi\Downloads\Temporary\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Navi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://css-tricks.com/search-results/?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [765 octets] - [11/06/2014 03:50:57]
AdwCleaner[R1].txt - [824 octets] - [11/06/2014 03:53:58]
AdwCleaner[S0].txt - [979 octets] - [11/06/2014 03:54:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1038 octets] ##########


#6 ModernCannabist

  • Topic Starter

Posted 11 June 2014 - 05:31 AM

Okay forum doesn't like the length of this log.. breaking it into two

 

Zoek-results

 

 
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Navi on Wed 06/11/2014 at  3:58:47.78.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Navi\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
6/11/2014 4:00:02 AM Zoek.exe System Restore Point Created Succesfully.
 
==== Empty Folders Check ======================
 
C:\Users\Navi\AppData\Local\VirtualStore deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Running Processes ======================
 
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Users\Navi\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
 
==== Deleting Services ======================
 
 
==== System Specs ======================
 
Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8136 MB
CPU Info: Intel® Core™ i7-2670QM CPU @ 2.20GHz
CPU Speed: 2241.3 MHz
Sound Card: Speakers (High Definition Audio | 
Digital Audio (S/PDIF) (High De | 
Display Adapters: Intel® HD Graphics 3000 | Intel® HD Graphics 3000 | NVIDIA GeForce GT 555M  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel® WiFi Link 1000 BGN | Bluetooth Device (Personal Area Network)
CD / DVD Drives: 1x (D: | ) D: PLDS    DVD-RW DS8A8SH
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  450.9GB
Hard Disks - Free: C:  398.6GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE | 01/04/12 | LENOVO - 1
Time Zone: Mountain Standard Time
Motherboard *: LENOVO Base Board Product Name
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)
Internet Explorer Version: 11.0.9600.17126 
Google Chrome version: 35.0.1916.114
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2014-06-10 23:00:14 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2014-06-10 23:00:14 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2014-06-10 23:00:14 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2014-06-10 23:00:14 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2014-06-10 23:00:14 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\Navi\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-10 18:37:31 246560C5B7995489F25BF9175F2B6380 199680 ----a-w- C:\Windows\SysWOW64\mpg2splt.ax
2014-06-10 18:37:23 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\SysWOW64\certutil.exe
2014-06-10 18:37:22 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\SysWOW64\certenc.dll
2014-06-10 18:37:20 EF71BA5DF59034962B0C62314A71351A 193536 ----a-w- C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-10 18:37:20 81F6C1AE23B1C493D9E996C3103915D7 44032 ----a-w- C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-10 18:37:16 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2014-06-10 18:37:09 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2014-06-10 18:37:08 5078492B9CAC9CB721698DB51F039035 175104 ----a-w- C:\Windows\SysWOW64\netcorehc.dll
2014-06-10 18:37:08 23FC8068953C9BE2D63AE4EF1129112A 18944 ----a-w- C:\Windows\SysWOW64\netevent.dll
2014-06-10 18:37:08 0BA65122FFA7E37564EE86422DBF7AE8 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll
2014-06-10 18:37:06 465DBF63A5049E4DB4BC5C12FFE781CB 1549312 ----a-w- C:\Windows\SysWOW64\tquery.dll
2014-06-10 18:37:06 0241CB16136B9A4939CA0395768AE286 1401344 ----a-w- C:\Windows\SysWOW64\mssrch.dll
2014-06-10 18:37:05 E1AC89F6C5252057E6062843E36A6701 164352 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-06-10 18:37:05 DB67C7C62038BDE813CB6486581A7611 337408 ----a-w- C:\Windows\SysWOW64\mssph.dll
2014-06-10 18:37:05 A6CD6B3F71E13E2E45B727FB8A47EA87 86528 ----a-w- C:\Windows\SysWOW64\SearchFilterHost.exe
2014-06-10 18:37:05 987323F0247D023AD1AE52195540ECE0 666624 ----a-w- C:\Windows\SysWOW64\mssvp.dll
2014-06-10 18:37:05 5BDF8B0B9A3EADE3A2A6F2ED8D44E36D 197120 ----a-w- C:\Windows\SysWOW64\mssphtb.dll
2014-06-10 18:37:05 2DC6285EC4F902BE08E7C5FA6D3FD017 59392 ----a-w- C:\Windows\SysWOW64\msscntrs.dll
2014-06-10 18:37:05 236F286E103FD44BD85FDD93097FD5DD 427520 ----a-w- C:\Windows\SysWOW64\SearchIndexer.exe
2014-06-10 18:37:03 3B7C1A53047FF6ACEFD9BA6E281DEBB7 805376 ----a-w- C:\Windows\SysWOW64\cdosys.dll
2014-06-10 18:37:00 FB19FC5951A88F3C523E35C2C98D23C0 314880 ----a-w- C:\Windows\SysWOW64\webio.dll
2014-06-10 18:36:59 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
2014-06-10 18:36:53 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll
2014-06-10 18:36:53 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\SysWOW64\credui.dll
2014-06-10 18:36:53 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-10 18:36:51 0AE0C4955E1DE29CCDC9DA1B816FE5EE 1328128 ----a-w- C:\Windows\SysWOW64\quartz.dll
2014-06-10 18:36:46 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll
2014-06-10 18:36:43 B40420876B9288E0A1C8CCA8A84E5DC9 270336 ----a-w- C:\Windows\SysWOW64\dnsapi.dll
2014-06-10 18:36:43 ACBC1FB1950AC0C41944A6C8917032EF 28672 ----a-w- C:\Windows\SysWOW64\dnscacheugc.exe
2014-06-10 18:36:41 03F3B770DFBED6131653CEDA8CA780F0 442880 ----a-w- C:\Windows\SysWOW64\ntshrui.dll
2014-06-10 18:36:37 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2014-06-10 18:36:35 DC6612A9EE015A36BA2A27BC9CC12537 1137664 ----a-w- C:\Windows\SysWOW64\mfc42.dll
2014-06-10 18:36:35 24CAEDCD73B5B0E22226283B7B2468C7 1164288 ----a-w- C:\Windows\SysWOW64\mfc42u.dll
2014-06-10 18:36:22 813845D5C5D8325CA5E8B1F547016378 534528 ----a-w- C:\Windows\SysWOW64\EncDec.dll
2014-06-10 18:36:21 EF37EDC20412A01DDD9A42E8D939A5A3 163840 ----a-w- C:\Windows\SysWOW64\odbctrac.dll
2014-06-10 18:36:21 E2D83DAA6A229CFDAF129189A9245889 86016 ----a-w- C:\Windows\SysWOW64\odbccu32.dll
2014-06-10 18:36:21 66ABBF38123D3113BB55EBAFCF37AB92 122880 ----a-w- C:\Windows\SysWOW64\odbccp32.dll
2014-06-10 18:36:21 534BF06B2DEE965A1389A9312545AE03 81920 ----a-w- C:\Windows\SysWOW64\odbccr32.dll
2014-06-10 18:36:21 3FDB77D0BBEEB36AE35077ABC0BF80EC 319488 ----a-w- C:\Windows\SysWOW64\odbcjt32.dll
2014-06-10 18:36:19 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
2014-06-10 18:36:19 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2014-06-10 18:36:18 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll
2014-06-10 18:36:17 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls
2014-06-10 18:36:15 7E9917D5309A90E7576653BFE39F80D8 478720 ----a-w- C:\Windows\SysWOW64\timedate.cpl
2014-06-10 18:36:13 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll
2014-06-10 18:36:13 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe
2014-06-10 18:36:13 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe
2014-06-10 18:36:13 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx
2014-06-10 18:36:12 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\SysWOW64\wer.dll
2014-06-10 18:36:11 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2014-06-10 18:36:10 A81331D7EB6C5D1F7B1E4E4FC15F3EC0 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2014-06-10 18:36:04 ED27D1D75BF5E683AD3EDD9E3123520A 741376 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2014-06-10 18:36:03 9DC80A8AAAAAC397BDAB3C67165A824E 690688 ----a-w- C:\Windows\SysWOW64\msvcrt.dll
2014-06-10 18:35:59 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll
2014-06-10 18:35:58 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll
2014-06-10 18:35:55 F436E847FA799ECD75AD8C313673F450 145920 ----a-w- C:\Windows\SysWOW64\cfgmgr32.dll
2014-06-10 18:35:55 B28BD86791468F427321458985F6A0E3 252928 ----a-w- C:\Windows\SysWOW64\drvinst.exe
2014-06-10 18:35:55 2EEFF4502F5E13B1BED4A04CCAD64C08 64512 ----a-w- C:\Windows\SysWOW64\devobj.dll
2014-06-10 18:35:55 162D247E995EAEBF3EF4289069E1111C 44544 ----a-w- C:\Windows\SysWOW64\devrtl.dll
2014-06-10 18:35:47 68DCA1777D7224A79A9DC3D47BED6D32 75776 ----a-w- C:\Windows\SysWOW64\psisrndr.ax
2014-06-10 18:35:47 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll
2014-06-10 18:35:47 00ADF21DE55AA97297FAC65E4F3A0256 465408 ----a-w- C:\Windows\SysWOW64\psisdecd.dll
2014-06-10 18:35:44 A6C29DB53ECA94FA8591C5388D604B82 2342400 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-06-10 18:35:39 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll
2014-06-10 18:35:38 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll
2014-06-10 18:35:35 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2014-06-10 18:35:33 EDF2A5E96BEC469DA3F64E9BDD386111 180224 ----a-w- C:\Windows\SysWOW64\xmllite.dll
2014-06-10 18:35:31 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-10 18:35:30 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\SysWOW64\browcli.dll
2014-06-10 18:35:30 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll
2014-06-10 18:35:29 5D1BFF0FCE80F9E2E539F436710D4A79 31232 ----a-w- C:\Windows\SysWOW64\prevhost.exe
2014-06-10 18:33:47 8E01332CC4B68BC6B5B7EFFE374442AA 233472 ----a-w- C:\Windows\SysWOW64\oleacc.dll
2014-06-10 18:33:47 6C765E82B57F2E66CE9C54AC238471D9 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
2014-06-10 18:18:36 7B90C5F0A510852036822EE860CABF26 67072 ----a-w- C:\Windows\SysWOW64\packager.dll
2014-06-10 18:16:19 86F34E7288DA428E38E2D8C7E806A871 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2014-06-10 11:28:07 A7CB0121319C13CA9C81E7CC40811ADF 1230576 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll
2014-06-10 11:28:07 68E573DB88BF0C4532D2D8DDCFD86666 57960 ----a-w- C:\Windows\SysWOW64\OpenCL.dll
2014-06-10 11:28:07 57AB4A93125B93840C24ED42E2849D5D 380520 ----a-w- C:\Windows\SysWOW64\nvoptimusmft.dll
2014-06-10 11:28:06 7482574AB93DCC2E1422CD335ABBB91F 156256 ----a-w- C:\Windows\SysWOW64\nvinit.dll
2014-06-10 11:28:05 22F9B3B3E694DAE42CB4FFB35866EBE9 320104 ----a-w- C:\Windows\SysWOW64\nvdecodemft.dll
2014-06-10 11:28:01 1A80535A35510B370AED99EB732F8F26 2633376 ----a-w- C:\Windows\SysWOW64\nvapi.dll
2014-06-10 11:19:35 7F0A9C71155C2C99E87BE082F63D1174 53248 ----a-w- C:\Windows\SysWOW64\CSVer.dll
2014-06-10 11:00:55 2DAE8EF56FA66F1A76A628CF7B039596 963116 ----a-w- C:\Windows\SysWOW64\igkrng600.bin
2014-06-10 11:00:43 804A5C23388B05B3C1BE140F6BC611D8 581120 ----a-w- C:\Windows\SysWOW64\igdumdx32.dll
2014-06-10 11:00:43 155F4CBCEE52D4E46FA0DA233C2FFD22 218304 ----a-w- C:\Windows\SysWOW64\igfcg600m.bin
2014-06-10 11:00:39 B7DCB14E61204A63F2E26A4BB78A8D04 11049472 ----a-w- C:\Windows\SysWOW64\igdumd32.dll
2014-06-10 11:00:27 481F6E1CD63E09F0516B5E78B35D333E 145804 ----a-w- C:\Windows\SysWOW64\igcompkrng600.bin
2014-06-10 10:59:38 A28C32C5592D1810CF02D81E0DA751C1 66856 ----a-w- C:\Windows\SysWOW64\SynTPEnhPS.dll
2014-06-10 10:59:37 C50022BB7B470BB2C365664B251D454E 107816 ----a-w- C:\Windows\SysWOW64\SynTPCOM.dll
2014-06-10 10:59:34 54330FF6572C057D17FEF0C31EB34A0C 222504 ----a-w- C:\Windows\SysWOW64\SynCtrl.dll
2014-06-10 10:59:33 21D020FADB93B3DE703B116BD8FFEC48 177448 ----a-w- C:\Windows\SysWOW64\SynCOM.dll
2014-06-10 10:56:50 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\Windows\SysWOW64\jmcricon.dll
====== C:\Windows\SysWOW64\drivers =====


#7 ModernCannabist


Posted 11 June 2014 - 05:35 AM

====== C:\Windows\Sysnative =====
2014-06-10 18:39:57 C4B0793E4B97AA36A2A8C81A7AA1979A 44544 ----a-w- C:\Windows\Sysnative\pegibbfc.rs
2014-06-10 18:39:57 A2E0F1E01A0983E9C94565BBEC862BF7 40960 ----a-w- C:\Windows\Sysnative\cob-au.rs
2014-06-10 18:39:57 997938D423CE830161CB6059434E3C9F 45568 ----a-w- C:\Windows\Sysnative\oflc-nz.rs
2014-06-10 18:39:57 661AE5EAC62C4598DD01795CEB915BAE 20480 ----a-w- C:\Windows\Sysnative\pegi.rs
2014-06-10 18:39:57 65A8302C7551CFE45FAA2BC085C9E7E2 15360 ----a-w- C:\Windows\Sysnative\djctq.rs
2014-06-10 18:39:57 5C48A43FC30FC61ECB1335DC646686BC 30720 ----a-w- C:\Windows\Sysnative\usk.rs
2014-06-10 18:39:57 54B11BB2AFBC3D5EBA9C96F0C1820B9B 46592 ----a-w- C:\Windows\Sysnative\fpb.rs
2014-06-10 18:39:57 4489D5D2CB4BA0799F3FB4625DE181CF 21504 ----a-w- C:\Windows\Sysnative\grb.rs
2014-06-10 18:39:56 D0C01412FBF59C1C25630C49F0C1B803 55296 ----a-w- C:\Windows\Sysnative\cero.rs
2014-06-10 18:39:56 9BB05674E013C35F4DAED51F5015355D 20480 ----a-w- C:\Windows\Sysnative\pegi-fi.rs
2014-06-10 18:39:56 6D540AF9B183FC97DC4CC54369561548 20480 ----a-w- C:\Windows\Sysnative\pegi-pt.rs
2014-06-10 18:39:56 51D25C805A01A2C4F930F9720CF51FFE 51712 ----a-w- C:\Windows\Sysnative\esrb.rs
2014-06-10 18:39:56 4773EB5962548068547214A620E9ACC3 23552 ----a-w- C:\Windows\Sysnative\oflc.rs
2014-06-10 18:39:56 2BCBA6052374959A30BD7948444DBB79 2746368 ----a-w- C:\Windows\Sysnative\gameux.dll
2014-06-10 18:39:56 027675ED9B34EE1B91505C3B8752649F 441856 ----a-w- C:\Windows\Sysnative\Wpc.dll
2014-06-10 18:39:33 E948D1D42DC68923ABD75EEB5BCCD1D3 111448 ----a-w- C:\Windows\Sysnative\consent.exe
2014-06-10 18:39:33 9D2A2369AB4B08A4905FE72DB104498F 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll
2014-06-10 18:39:24 9E2EDE952A3EC44754A829F048CE93A0 1030144 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll
2014-06-10 18:39:20 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll
2014-06-10 18:38:44 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL
2014-06-10 18:38:41 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe
2014-06-10 18:38:41 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe
2014-06-10 18:38:39 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll
2014-06-10 18:38:39 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll
2014-06-10 18:38:39 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll
2014-06-10 18:38:39 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe
2014-06-10 18:38:39 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe
2014-06-10 18:38:38 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll
2014-06-10 18:38:38 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll
2014-06-10 18:38:31 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2014-06-10 18:38:23 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll
2014-06-10 18:38:23 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll
2014-06-10 18:38:23 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll
2014-06-10 18:38:05 4C92EB7535CAA1681A77D928FBF9771F 1887232 ----a-w- C:\Windows\Sysnative\d3d11.dll
2014-06-10 18:38:03 23B001185B7C3CB1F4BDEB143E6B45B7 197120 ----a-w- C:\Windows\Sysnative\shdocvw.dll
2014-06-10 18:37:56 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2014-06-10 18:37:56 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\Windows\Sysnative\crypt32.dll
2014-06-10 18:37:56 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2014-06-10 18:37:54 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll
2014-06-10 18:37:52 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2014-06-10 18:37:52 BF95EA5809E3BBF55370F7CB309FEBD0 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2014-06-10 18:37:52 88EDD0B34EED542745931E581AD21A32 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2014-06-10 18:37:52 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2014-06-10 18:37:52 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2014-06-10 18:37:52 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2014-06-10 18:37:52 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2014-06-10 18:37:49 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\Sysnative\Wdfres.dll
2014-06-10 18:37:49 427015D56DF17241F634611557146C57 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll
2014-06-10 18:37:44 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll
2014-06-10 18:37:44 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2014-06-10 18:37:44 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2014-06-10 18:37:44 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll
2014-06-10 18:37:44 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2014-06-10 18:37:42 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll
2014-06-10 18:37:41 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-06-10 18:37:41 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll
2014-06-10 18:37:41 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2014-06-10 18:37:33 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll
2014-06-10 18:37:32 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL
2014-06-10 18:37:32 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\Windows\Sysnative\nshwfp.dll
2014-06-10 18:37:32 5A83C43DE44546370CAC4CD05B304F09 961024 ----a-w- C:\Windows\Sysnative\CPFilters.dll
2014-06-10 18:37:32 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL
2014-06-10 18:37:31 A5AE40808B72A25379A5499AD9977743 1118720 ----a-w- C:\Windows\Sysnative\sbe.dll
2014-06-10 18:37:31 1E452D8F44D82BFC256E02D0D6FD9608 259072 ----a-w- C:\Windows\Sysnative\mpg2splt.ax
2014-06-10 18:37:23 4586B77B18FA9A8518AF76CA8FD247D9 1192448 ----a-w- C:\Windows\Sysnative\certutil.exe
2014-06-10 18:37:22 189B0BAE1B0EDD51CEF1CD3F4CDEE02E 52224 ----a-w- C:\Windows\Sysnative\certenc.dll
2014-06-10 18:37:20 3CC16A849E6092E43909F48EF0E60306 226816 ----a-w- C:\Windows\Sysnative\dhcpcore6.dll
2014-06-10 18:37:20 3C06D5A929B798D0B13F6481242A0FD2 55296 ----a-w- C:\Windows\Sysnative\dhcpcsvc6.dll
2014-06-10 18:37:16 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll
2014-06-10 18:37:09 D4FAC263861BAE06971C7F7D0A8EBF15 216576 ----a-w- C:\Windows\Sysnative\ncsi.dll
2014-06-10 18:37:08 DC4382E93770B3BF0774DB7FE46C8239 18944 ----a-w- C:\Windows\Sysnative\netevent.dll
2014-06-10 18:37:08 8AD77806D336673F270DB31645267293 303104 ----a-w- C:\Windows\Sysnative\nlasvc.dll
2014-06-10 18:37:08 59B3BE37BAFBD40715F45D580783738B 246272 ----a-w- C:\Windows\Sysnative\netcorehc.dll
2014-06-10 18:37:08 46BB91A169B9B31FF44EB04C48EC1D41 70656 ----a-w- C:\Windows\Sysnative\nlaapi.dll
2014-06-10 18:37:08 08C2957BB30058E663720C5606885653 569344 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll
2014-06-10 18:37:06 E0B340996A41C9A75DFA3B99BBA9C500 591872 ----a-w- C:\Windows\Sysnative\SearchIndexer.exe
2014-06-10 18:37:06 D9E21CBF9E6A87847AFFD39EA3FA28EE 249856 ----a-w- C:\Windows\Sysnative\SearchProtocolHost.exe
2014-06-10 18:37:06 7568CC720ACE4D03B84AF97817E745EF 2223616 ----a-w- C:\Windows\Sysnative\mssrch.dll
2014-06-10 18:37:06 589DF683A6C81424A6CECE52ABF98A50 2315776 ----a-w- C:\Windows\Sysnative\tquery.dll
2014-06-10 18:37:05 E503E15C88B4BBDA3F6345E34FED3E92 778752 ----a-w- C:\Windows\Sysnative\mssvp.dll
2014-06-10 18:37:05 4C219239ED8CC35CA41AD26B33A15624 288256 ----a-w- C:\Windows\Sysnative\mssphtb.dll
2014-06-10 18:37:05 49A3AD5CE578CD77F445F3D244AEAB2D 113664 ----a-w- C:\Windows\Sysnative\SearchFilterHost.exe
2014-06-10 18:37:05 48041BAEB60CE5F34F13CC2A1361E49C 491520 ----a-w- C:\Windows\Sysnative\mssph.dll
2014-06-10 18:37:05 093747DAE1C1A7F6DEA8D16E26D4F648 75264 ----a-w- C:\Windows\Sysnative\msscntrs.dll
2014-06-10 18:37:03 1FEB1694B13247A451B274E114AFAC45 1133568 ----a-w- C:\Windows\Sysnative\cdosys.dll
2014-06-10 18:37:00 603EBD34E216C5654A2D774EAC98D278 395776 ----a-w- C:\Windows\Sysnative\webio.dll
2014-06-10 18:36:59 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
2014-06-10 18:36:58 CDD0C92A653CAC881D780003E0C4E813 17792 ----a-w- C:\Windows\Sysnative\kdcom.dll
2014-06-10 18:36:58 8AE1C98D96EF1E63FB00A1BB3D14C959 642944 ----a-w- C:\Windows\Sysnative\winload.efi
2014-06-10 18:36:58 78C918D3612FE5937D32E488F053F10A 605552 ----a-w- C:\Windows\Sysnative\winload.exe
2014-06-10 18:36:58 722258D597A0CC4EEFF3AF338681E5B6 19328 ----a-w- C:\Windows\Sysnative\kd1394.dll
2014-06-10 18:36:58 5EF94FF9210ED73B9488C460D1FE173C 566208 ----a-w- C:\Windows\Sysnative\winresume.efi
2014-06-10 18:36:58 5A76F4B8D9D5D9D4C1153DFF4972C196 518672 ----a-w- C:\Windows\Sysnative\winresume.exe
2014-06-10 18:36:58 539AA23C29FAC72FB29D58F33E6931B1 20352 ----a-w- C:\Windows\Sysnative\kdusb.dll
2014-06-10 18:36:57 81A85BA8B536B70E035A9976F9D42873 267776 ----a-w- C:\Windows\Sysnative\FXSCOVER.exe
2014-06-10 18:36:53 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\Windows\Sysnative\SmartcardCredentialProvider.dll
2014-06-10 18:36:53 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\Windows\Sysnative\credui.dll
2014-06-10 18:36:53 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll
2014-06-10 18:36:52 44A8B9185030EA57F7999383643ADFFB 1572864 ----a-w- C:\Windows\Sysnative\quartz.dll
2014-06-10 18:36:49 E918C0DE5CF2AE6BEDBF387C09627D93 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-06-10 18:36:46 C06FAAF13E37CE482F612AFF2D2331F3 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll
2014-06-10 18:36:43 C7AC9A4D827774B19221D5FE068BF190 30208 ----a-w- C:\Windows\Sysnative\dnscacheugc.exe
2014-06-10 18:36:43 492D07D79E7024CA310867B526D9636D 357888 ----a-w- C:\Windows\Sysnative\dnsapi.dll
2014-06-10 18:36:43 16835866AAA693C7D7FCEBA8FFF706E4 183296 ----a-w- C:\Windows\Sysnative\dnsrslvr.dll
2014-06-10 18:36:41 037A719DAD50603202C978CD802623E4 509952 ----a-w- C:\Windows\Sysnative\ntshrui.dll
2014-06-10 18:36:38 A236B1646E96AB06BE0F8D592B6D9A0D 245760 ----a-w- C:\Windows\Sysnative\OxpsConverter.exe
2014-06-10 18:36:37 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe
2014-06-10 18:36:36 30B1489F2DCD8DC1AB6BB60CA6093615 48640 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll
2014-06-10 18:36:36 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll
2014-06-10 18:36:35 7E1CF52C347D8755E5CA5ED0E99B401E 1395712 ----a-w- C:\Windows\Sysnative\mfc42.dll
2014-06-10 18:36:35 19F9B524A525D202194247E96656CB88 1359872 ----a-w- C:\Windows\Sysnative\mfc42u.dll
2014-06-10 18:36:31 53E83F1F6CF9D62F32801CF66D8352A8 209920 ----a-w- C:\Windows\Sysnative\profsvc.dll
2014-06-10 18:36:22 1392A9F9E56A876C616D8A33FE272C78 723456 ----a-w- C:\Windows\Sysnative\EncDec.dll
2014-06-10 18:36:21 F4F36FEABB4F86ACA6FFD8819D7642C5 106496 ----a-w- C:\Windows\Sysnative\odbccr32.dll
2014-06-10 18:36:21 D10E13E494C5B4437549BE6A4987125E 163840 ----a-w- C:\Windows\Sysnative\odbccp32.dll
2014-06-10 18:36:21 97DC40842B54AD4E961DECC9345F16FC 106496 ----a-w- C:\Windows\Sysnative\odbccu32.dll
2014-06-10 18:36:21 935AE3DFF21465D600185305479A03F7 212992 ----a-w- C:\Windows\Sysnative\odbctrac.dll
2014-06-10 18:36:19 2C619F6023E3F7A3ABF3475ED2223359 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
2014-06-10 18:36:19 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll
2014-06-10 18:36:18 8699D17DFCFCD327784034DB6BD3A422 95744 ----a-w- C:\Windows\Sysnative\synceng.dll
2014-06-10 18:36:17 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls
2014-06-10 18:36:15 FB10715E4099AF9FA389C71873245226 515584 ----a-w- C:\Windows\Sysnative\timedate.cpl
2014-06-10 18:36:13 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe
2014-06-10 18:36:13 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll
2014-06-10 18:36:13 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx
2014-06-10 18:36:13 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe
2014-06-10 18:36:12 67CF11E00D026A5C0C88EA5F84D501E5 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll
2014-06-10 18:36:12 1075AB2C077B415760C0E948856B5126 484864 ----a-w- C:\Windows\Sysnative\wer.dll
2014-06-10 18:36:11 D5164131D596A070FF9C82BC4A488F1F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2014-06-10 18:36:04 142E90CF1A4C5B6E7505810E38B07B9F 976896 ----a-w- C:\Windows\Sysnative\inetcomm.dll
2014-06-10 18:36:03 C391FC68282A000CDF953F8B6B55D2EF 634880 ----a-w- C:\Windows\Sysnative\msvcrt.dll
2014-06-10 18:35:59 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll
2014-06-10 18:35:59 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll
2014-06-10 18:35:55 25FBDEF06C4D92815B353F6E792C8129 404480 ----a-w- C:\Windows\Sysnative\umpnpmgr.dll
2014-06-10 18:35:53 639774C9ACD063F028F6084ABF5593AD 68608 ----a-w- C:\Windows\Sysnative\taskhost.exe
2014-06-10 18:35:47 78394F2B354BDC28C5C61837872DD132 108032 ----a-w- C:\Windows\Sysnative\psisrndr.ax
2014-06-10 18:35:47 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\Sysnative\dpnet.dll
2014-06-10 18:35:47 050AF06F8B0463417E4AED9DA5816A65 613888 ----a-w- C:\Windows\Sysnative\psisdecd.dll
2014-06-10 18:35:44 5EB6E9C8BE1ACC5830780E0F9A846255 3216384 ----a-w- C:\Windows\Sysnative\msi.dll
2014-06-10 18:35:43 943F527DF79E6B400104341AA7023C75 144384 ----a-w- C:\Windows\Sysnative\cdd.dll
2014-06-10 18:35:42 9E5D9177660A76FC8DECDC37A91A5B0D 9216 ----a-w- C:\Windows\Sysnative\rdrmemptylst.exe
2014-06-10 18:35:42 6D5DCC1579B3961D791ABDE286A1CB5E 77312 ----a-w- C:\Windows\Sysnative\rdpwsx.dll
2014-06-10 18:35:42 5B236296E233CAA6BF86BE0C6501A224 149504 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll
2014-06-10 18:35:39 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll
2014-06-10 18:35:38 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll
2014-06-10 18:35:35 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2014-06-10 18:35:33 6F8B48F3D343E4B186AB6A9E302B7E16 199680 ----a-w- C:\Windows\Sysnative\xmllite.dll
2014-06-10 18:35:31 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2014-06-10 18:35:31 45CFBFA8EDC3DF4E2B7FB0D0260FE051 956928 ----a-w- C:\Windows\Sysnative\localspl.dll
2014-06-10 18:35:30 EEEA40F0EDB0A6E5359E539E15D0BC77 73216 ----a-w- C:\Windows\Sysnative\netapi32.dll
2014-06-10 18:35:30 05F5A0D14A2EE1D8255C2AA0E9E8E694 136704 ----a-w- C:\Windows\Sysnative\browser.dll
2014-06-10 18:35:30 012787CEB35505EB78DF82E0A0072888 59392 ----a-w- C:\Windows\Sysnative\browcli.dll
2014-06-10 18:35:29 5FAC5F264D61D99EE8961480818B9DEF 31232 ----a-w- C:\Windows\Sysnative\prevhost.exe
2014-06-10 18:33:47 CF636C92B762B26F0B39B38E92380A09 331776 ----a-w- C:\Windows\Sysnative\oleacc.dll
2014-06-10 18:33:47 C06B32165E23A72A898B7A89679AD754 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll
2014-06-10 18:19:44 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll
2014-06-10 18:18:36 BACE7F36D65968FD07757B239B01F4E2 77312 ----a-w- C:\Windows\Sysnative\packager.dll
2014-06-10 18:16:19 4474A8AEABD056DF636FD4FBEF49353B 1031680 ----a-w- C:\Windows\Sysnative\rdpcore.dll
2014-06-10 18:12:28 D9EF901DCA379CFE914E9FA13B73B4C4 2428952 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2014-06-10 18:12:28 C1C03EA437EDDA8A7D4D8786E5AE6751 57880 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2014-06-10 18:12:28 7FE0D0C8F53735EA17C9AE93EFE7AD5A 44056 ----a-w- C:\Windows\Sysnative\wups2.dll
2014-06-10 18:12:28 50EBD31C3527366FAFA468BD609F7352 2622464 ----a-w- C:\Windows\Sysnative\wucltux.dll
2014-06-10 18:12:21 E746ED90132C6B6313CE9179F56BD31D 38424 ----a-w- C:\Windows\Sysnative\wups.dll
2014-06-10 18:12:21 C47F35CC6FA4F1BDBEF8F87AC1A46537 701976 ----a-w- C:\Windows\Sysnative\wuapi.dll
2014-06-10 18:12:21 4AA6AA52A16EED6481E83D73EED4C8D5 99840 ----a-w- C:\Windows\Sysnative\wudriver.dll
2014-06-10 18:12:08 FF0729002E081668620A681182D63FE6 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe
2014-06-10 18:12:08 3E38C20AC83B01C45723B63B0F7A8FDC 186752 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2014-06-10 12:39:36 82446D358A9FB51CB9DA32A5C901D7A0 21040 ----a-w- C:\Windows\Sysnative\sdnclean64.exe
2014-06-10 11:35:12 D0CD5E29BB92C70430C92018EDC8A829 19872 ----a-w- C:\Windows\Sysnative\LenovoSDKEmSubSystem.dll
2014-06-10 11:28:07 FCFB972F7EB49C5AC88247505F72AEAF 446056 ----a-w- C:\Windows\Sysnative\nvoptimusmft.dll
2014-06-10 11:28:07 E240BA779370C6612A2B2F461B7F437A 1421584 ----a-w- C:\Windows\Sysnative\nvumdshimx.dll
2014-06-10 11:28:07 9998CB986C2E8B36328671BA4D98166E 67176 ----a-w- C:\Windows\Sysnative\OpenCL.dll
2014-06-10 11:28:06 70EA95C774C273A328BAA5495F2F9F9B 22814 ----a-w- C:\Windows\Sysnative\nvinfo.pb
2014-06-10 11:28:06 53A9F62DD6A63361E83620B8F16785B7 184048 ----a-w- C:\Windows\Sysnative\nvinitx.dll
2014-06-10 11:28:06 4E72517C5C25EB33923E9574BD5AB23A 1368680 ----a-w- C:\Windows\Sysnative\nvgenco642050.dll
2014-06-10 11:28:06 31EF585C80BA5B76F4E7C189AE963105 1625704 ----a-w- C:\Windows\Sysnative\nvdispco6420140.dll
2014-06-10 11:28:05 5C651A4CEDF1664BE9E2C11E60A92C9C 391784 ----a-w- C:\Windows\Sysnative\nvdecodemft.dll
2014-06-10 11:28:01 5D24D32A6ECC92D77784DA5B2E701030 2990792 ----a-w- C:\Windows\Sysnative\nvapi64.dll
2014-06-10 11:27:15 60D7BDCD5CE849970D0C230B1C8610D0 18604 ----a-w- C:\Windows\Sysnative\results.xml
2014-06-10 11:01:15 77C7555B9DFE9D11813CB11E093111FC 14848 ----a-w- C:\Windows\Sysnative\IntcDAuC.dll
2014-06-10 11:00:57 F98B0056D35F5DBEC99B1B25185323DC 90112 ----a-w- C:\Windows\Sysnative\igfxCoIn_v2462.dll
2014-06-10 11:00:56 828C46F74BB7248FF401471D072BB751 1074 ----a-w- C:\Windows\Sysnative\iglhxa64.vp
2014-06-10 11:00:55 40DFD4CFB98AB5E4666B0F607CB64921 1981696 ----a-w- C:\Windows\Sysnative\iglhxa64.cpa
2014-06-10 11:00:55 2DAE8EF56FA66F1A76A628CF7B039596 963116 ----a-w- C:\Windows\Sysnative\igkrng600.bin
2014-06-10 11:00:54 69F0DB83D58D4FFBB7DFA99E2342A016 64000 ----a-w- C:\Windows\Sysnative\igfxsrvc.dll
2014-06-10 11:00:50 8204B6DC0023A0C70D9C8F2AAC0A3999 9007616 ----a-w- C:\Windows\Sysnative\igfxress.dll
2014-06-10 11:00:44 2C10CB00DF069FCE308582FBAE1DF2CA 384512 ----a-w- C:\Windows\Sysnative\igfxpph.dll
2014-06-10 11:00:43 155F4CBCEE52D4E46FA0DA233C2FFD22 218304 ----a-w- C:\Windows\Sysnative\igfcg600m.bin
2014-06-10 11:00:30 62C72494EEB7564F7CE3A91768CA98FE 12859392 ----a-w- C:\Windows\Sysnative\igd10umd64.dll
2014-06-10 11:00:27 481F6E1CD63E09F0516B5E78B35D333E 145804 ----a-w- C:\Windows\Sysnative\igcompkrng600.bin
2014-06-10 11:00:16 B5F20ECEE958E5DC881D66E17D39FFD1 110592 ----a-w- C:\Windows\Sysnative\hccutils.dll
2014-06-10 11:00:16 105CFE016CCB20175BEACEC146F175AB 94208 ----a-w- C:\Windows\Sysnative\IccLibDll_x64.dll
2014-06-10 10:59:41 4DA5DA193E0E4F86F6F8FD43EF25329A 1721576 ----a-w- C:\Windows\Sysnative\WdfCoInstaller01009.dll
2014-06-10 10:59:36 EF9236AEA3DEB188592323218CEC9B0C 227624 ----a-w- C:\Windows\Sysnative\SynTPAPI.dll
2014-06-10 10:59:36 AA6128DCF212D5E77DB57DEA544F4998 148776 ----a-w- C:\Windows\Sysnative\SynTPCo9.dll
2014-06-10 10:59:34 2111EFF8E2DFD04C0E25041DD6392E4F 1048576 ----a-w- C:\Windows\Sysnative\syndata.bin
2014-06-10 10:59:33 A9B98DD52D67F0EE2191CD01A39D497D 277800 ----a-w- C:\Windows\Sysnative\SynCtrl.dll
2014-06-10 10:59:33 9F563194B3C2AB63F00A4982B06C60BF 416040 ----a-w- C:\Windows\Sysnative\SynCOM.dll
2014-06-10 10:56:50 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\Windows\Sysnative\jmcricon.dll
====== C:\Windows\Sysnative\drivers =====
2014-06-10 19:46:06 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
2014-06-10 19:20:34 EF4469AB69EB15E5D3754E6AEAFBCD3D 29696 ----a-w- C:\Windows\Sysnative\drivers\terminpt.sys
2014-06-10 19:20:34 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys
2014-06-10 19:20:34 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
2014-06-10 18:58:15 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2014-06-10 18:58:15 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2014-06-10 18:58:14 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-10 18:48:08 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
2014-06-10 18:40:02 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-06-10 18:40:02 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-06-10 18:40:01 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2014-06-10 18:38:32 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-06-10 18:38:32 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-10 18:38:32 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-06-10 18:38:30 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2014-06-10 18:37:49 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2014-06-10 18:37:49 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2014-06-10 18:37:49 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-06-10 18:37:44 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2014-06-10 18:37:40 6C02A83164F5CC0A262F4199F0871CF5 90624 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys
2014-06-10 18:37:12 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys
2014-06-10 18:37:08 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
2014-06-10 18:36:43 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
2014-06-10 18:36:33 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-06-10 18:36:33 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-06-10 18:36:33 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-06-10 18:36:33 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-06-10 18:36:33 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-06-10 18:36:29 D711B3C1D5F42C0C2415687BE09FC163 288768 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys
2014-06-10 18:36:29 A5D9106A73DC88564C825D317CAC68AC 158208 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2014-06-10 18:36:29 9423E9D355C8D303E76B8CFBD8A5C30C 128000 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2014-06-10 18:36:27 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-06-10 18:36:27 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-06-10 18:36:27 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-06-10 18:36:20 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2014-06-10 18:36:20 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2014-06-10 18:36:13 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys
2014-06-10 18:35:58 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2014-06-10 18:35:51 E61608AA35E98999AF9AAEEEA6114B0A 210944 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
2014-06-10 18:35:50 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
2014-06-10 18:35:49 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2014-06-10 18:35:49 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2014-06-10 18:35:49 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
2014-06-10 18:35:49 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
2014-06-10 18:35:46 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2014-06-10 18:35:46 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2014-06-10 18:35:45 B4ADEBBF5E3677CCE9651E0F01F7CC28 410112 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys
2014-06-10 18:35:45 441FBA48BFF01FDB9D5969EBC1838F0B 467456 ----a-w- C:\Windows\Sysnative\drivers\srv.sys
2014-06-10 18:35:45 27E461F0BE5BFF5FC737328F749538C3 168448 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys
2014-06-10 18:35:43 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2014-06-10 18:35:43 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys
2014-06-10 18:35:40 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys
2014-06-10 18:16:19 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
2014-06-10 11:44:34 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-06-10 11:35:12 BE166935083F9C38EDFDC21B9A7A679B 39008 ----a-w- C:\Windows\Sysnative\drivers\LhdX64.sys
2014-06-10 11:28:01 EEA6626C85BF7624EC5A3BDE5BF3B9A3 11240 ----a-w- C:\Windows\Sysnative\drivers\nvBridge.kmd
2014-06-10 11:22:48 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_SynTP_01009.Wdf
2014-06-10 11:01:16 FC727061C0F47C8059E88E05D5C8E381 317440 ----a-w- C:\Windows\Sysnative\drivers\IntcDAud.sys
2014-06-10 10:59:36 126AE059261C9234CD697F441F2C85CA 398896 ----a-w- C:\Windows\Sysnative\drivers\SynTP.sys
2014-06-10 10:56:50 E56417C56B6A7316B6F527C890A1860D 174168 ----a-w- C:\Windows\Sysnative\drivers\jmcr.sys
====== C:\Windows\Tasks ======
2014-06-10 12:40:36 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking
2014-06-10 11:40:23 F522A59A761B91033FB9EA69D5A203F7 894 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 11:40:23 34771D7F25D28FCFCB61484DD5167FE5 3890 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 11:40:22 B4D2C2B0E8E17567577CC9E68ADA24BF 3638 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 11:40:22 28DEF0B9E2397F2671EBE6A8840D98C9 890 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
====== C:\Windows\Temp ======


#8 ModernCannabist

Posted 11 June 2014 - 05:36 AM

======= C:\Program Files =====
2014-06-10 11:35:16 -------- d-----w- C:\Program Files\DIFX
2014-06-10 11:35:12 -------- d-----w- C:\Program Files\Lenovo
2014-06-10 11:34:21 -------- d-----w- C:\Program Files\SRS Labs
2014-06-10 11:30:38 -------- d-----w- C:\Program Files\Intel
2014-06-10 11:23:59 -------- d-----w- C:\Program Files\Common Files\Intel
2014-06-10 11:23:07 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-06-10 11:22:45 -------- d-----w- C:\Program Files\Synaptics
======= C:\PROGRA~2 =====
2014-06-10 12:16:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam
2014-06-10 12:16:48 -------- d-----w- C:\PROGRA~2\Steam
2014-06-10 11:55:03 -------- d-----w- C:\PROGRA~2\Microsoft.NET
2014-06-10 11:45:58 -------- d-----w- C:\PROGRA~2\VideoLAN
2014-06-10 11:40:19 -------- d-----w- C:\PROGRA~2\Google
2014-06-10 11:35:01 -------- d-----w- C:\PROGRA~2\Lenovo
2014-06-10 11:30:38 -------- d-----w- C:\PROGRA~2\Cisco
2014-06-10 11:28:17 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation
2014-06-10 11:21:55 -------- d-----w- C:\PROGRA~2\JMicron
2014-06-10 11:19:35 -------- d-----w- C:\PROGRA~2\Intel
2014-06-10 11:18:28 -------- d--h--w- C:\PROGRA~2\InstallShield Installation Information
2014-06-10 11:18:18 -------- d-----w- C:\PROGRA~2\Renesas Electronics
======= C: =====
====== C:\Users\Navi\AppData\Roaming ======
2014-06-11 01:30:26 -------- d-----w- C:\Users\Navi\AppData\Local\My Games
2014-06-11 00:58:39 -------- d-----w- C:\Users\Navi\AppData\Roaming\uTorrent
2014-06-10 23:46:30 -------- d-----w- C:\Users\Navi\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2014-06-10 23:06:43 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2014-06-10 23:06:43 -------- d-----w- C:\Users\Public\AppData\Local\temp
2014-06-10 23:06:43 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-06-10 23:06:43 -------- d-----w- C:\Users\Default User\AppData\Local\temp
2014-06-10 22:47:18 -------- d-----w- C:\Users\Navi\AppData\Roaming\Adobe
2014-06-10 18:27:21 -------- d-----w- C:\Users\Navi\AppData\Local\Spotify
2014-06-10 18:26:49 -------- d-----w- C:\Users\Navi\AppData\Roaming\Spotify
2014-06-10 12:43:03 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs
2014-06-10 12:39:01 -------- d-----w- C:\Users\Navi\AppData\Local\Programs
2014-06-10 11:46:06 -------- d-----w- C:\Users\Navi\AppData\Roaming\vlc
2014-06-10 11:40:19 -------- d-----w- C:\Users\Navi\AppData\Local\Google
2014-06-10 11:40:11 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-06-10 11:40:03 -------- d-----w- C:\Users\Navi\AppData\Local\Deployment
2014-06-10 11:40:03 -------- d-----w- C:\Users\Navi\AppData\Local\Apps
2014-06-10 11:39:32 -------- d-s---w- C:\Users\UpdatusUser\AppData\Locallow\Microsoft
2014-06-10 11:39:30 -------- d-s---w- C:\Users\Navi\AppData\Locallow\Microsoft
2014-06-10 11:39:08 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-06-10 11:35:17 -------- d-----w- C:\Users\Navi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-10 11:34:43 -------- d-----w- C:\Users\Navi\AppData\Local\Downloaded Installations
2014-06-10 11:34:23 -------- d-----w- C:\Users\Navi\AppData\Local\SRS Labs
2014-06-10 11:34:22 54BF545A47E33E2C75E68514F08339F5 58016 ----a-w- C:\Users\Navi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-10 11:31:40 -------- d-----w- C:\Users\Navi\AppData\Roaming\Intel
2014-06-10 11:31:21 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Intel
2014-06-10 11:29:31 -------- d-s---w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft
2014-06-10 11:29:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2014-06-10 11:29:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-10 10:49:38 -------- d-----r- C:\Users\Navi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-10 10:49:38 -------- d-----r- C:\Users\Navi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-10 10:49:29 -------- d-----w- C:\Users\Navi\AppData\Roaming\Identities
2014-06-10 10:49:13 -------- d-s---w- C:\Users\Navi\AppData\Roaming\Microsoft
2014-06-10 10:49:13 -------- d-----w- C:\Users\Navi\AppData\Roaming\Media Center Programs
2014-06-10 10:49:13 -------- d-----w- C:\Users\Navi\AppData\Local\Temp
2014-06-10 10:49:13 -------- d-----w- C:\Users\Navi\AppData\Local\Microsoft
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
====== C:\Users\Navi ======
2014-06-10 23:06:43 -------- d-----w- C:\Users\Public\AppData
2014-06-10 12:16:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-10 11:56:59 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-06-10 11:46:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-10 11:40:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 11:31:31 -------- d-----w- C:\Users\UpdatusUser\Roaming
2014-06-10 11:31:31 -------- d-----w- C:\Users\Public\Roaming
2014-06-10 11:31:31 -------- d-----w- C:\Users\Navi\Roaming
2014-06-10 11:31:31 -------- d-----w- C:\Users\Default\Roaming
2014-06-10 11:30:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-06-10 11:30:38 -------- d-----w- C:\ProgramData\Intel
2014-06-10 11:29:33 -------- d-----w- C:\Users\UpdatusUser\Searches
2014-06-10 11:29:33 -------- d-----w- C:\Users\UpdatusUser\Contacts
2014-06-10 11:29:31 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini
2014-06-10 11:29:31 -------- d--h--w- C:\Users\UpdatusUser\AppData
2014-06-10 11:29:31 -------- d-----w- C:\Users\UpdatusUser\Saved Games
2014-06-10 11:29:31 -------- d-----w- C:\ProgramData\NVIDIA
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Videos
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Pictures
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Music
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Links
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Favorites
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Downloads
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Documents
2014-06-10 11:29:31 -------- d-----r- C:\Users\UpdatusUser\Desktop
2014-06-10 11:28:19 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-06-10 11:18:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-06-10 10:49:38 -------- d-----r- C:\Users\Navi\Searches
2014-06-10 10:49:26 -------- d-----r- C:\Users\Navi\Contacts
2014-06-10 10:49:13 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Navi\ntuser.ini
2014-06-10 10:49:13 -------- d--h--w- C:\Users\Navi\AppData
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Videos
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Saved Games
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Pictures
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Music
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Links
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Favorites
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Downloads
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Documents
2014-06-10 10:49:13 -------- d-----r- C:\Users\Navi\Desktop
 
====== C: exe-files ==
=== C: other files ==
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-21-2468016960-3202793522-1295377968-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Navi\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
 
[HKEY_USERS\S-1-5-21-2468016960-3202793522-1295377968-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-2468016960-3202793522-1295377968-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Navi\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"
 
==== Startup Registry Disabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SDTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Navi\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Navi\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDScannerService]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDUpdateService]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDWSCService]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/10/2014 05:40 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/10/2014 05:40 AM]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]
 
==== Chrome Look ======================
 
Entanglement Web App - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd
Google Docs - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Pandora - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl
AdBlock - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
NPR Infinite Player - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf
Canabalt - HD Version - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkempgfofnfmanpnnhiojeadfhhleicd
Reddit Enhancement Suite - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb
Northern Lights - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef
Google Wallet - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Navi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 
==== HijackThis Entries ======================
 
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Navi\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_30E3BB6B7BDF668A62C06864950742C2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-21-2468016960-3202793522-1295377968-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2468016960-3202793522-1295377968-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Navi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\Navi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
No Flash Cache Found
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Navi\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Navi\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on Wed 06/11/2014 at  4:12:03.97 ======================
 
Sorry to break it into three posts; the forum wasn't letting me upload it in any other sized chunks.


#9 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:03:10 AM

Posted 11 June 2014 - 02:47 PM

Hi ModernCannabist

Download CKScanner from >here<

Important : Save it to your desktop.

Double-click CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify that the file is saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club



#10 ModernCannabist


Posted 11 June 2014 - 02:55 PM

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.TSNAXZ
 ----- EOF ----- 
 
 
That's all it came out with.


#11 seedy21


Posted 13 June 2014 - 04:14 PM

Hi ModernCannabist

Step 1

No Anti-virus Detected

Your logs indicate that you don't have any anti-virus protection on your machine. This opens it to malware threats.

Here are some examples of FREE Anti-virus. Please note this is for personal use only.

http://free.avg.com/gb-en/homepage
http://www.avast.com/free-antivirus-download
http://windows.microsoft.com/en-US/windows/security-essentials-download

Step 2

Peer-to-Peer Programs Warning

Your log shows that you are using so-called peer-to-peer or file-sharing programs (in your case uTorrent). These programs allow files to be shared between users, as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

I suggest you remove it via add/remove.


Step 3

We need to re-run Zoek

    • Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe
      You can find instructions on how to disable your security applications >>Here<< or >>Here<<
    • Double click zoek.exe to start the program.
    • Copy and paste the following script in the code box:
    • Note: This script is written for use on this user's computer; do not use it on another computer even if the problems are similar!
      C:\Users\Navi\AppData\Roaming\uTorrent;f
      C:\Users\Navi\Downloads\Temporary\uTorrent.exe;f
      [HKEY_USERS\S-1-5-21-2468016960-3202793522-1295377968-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
      "uTorrent"=-;r
      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
      "uTorrent"=-;r
      standardsearch;
      
      
       
    • Close any open browsers.
    • Click the "Run script" button and wait patiently.
    • When finished the logfile will be opened in notepad.
    • If a reboot is needed the logfile will be opened after reboot.
    • The zoek-results.log can also be found on your systemdrive (normally C:\).
    • Please post the logfile for further review in your next reply

Step 4

    • Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Please open Malwarebytes Anti-Malware.
      MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • Make sure you are connected to the Internet.
    • Please update the database by clicking on the Update Now button.
    • Following the update, click Settings > Detection and Protection and make sure Scan for Rootkits is checked.
    • Click on Dashboard, then click on the large green Scan Now button to begin the Threat Scan.
      If Malware or Potentially Unwanted Programs are found you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.
    • A window with an option to view the detailed log will appear. Click on View Detailed Log.
    • After viewing the results, please click on the Copy to Clipboard button > OK.
    • Return to our forum. Paste your log into your next reply.
    • Note: If you lose the Clipboard copy and need to retrieve the log again, it can be found by opening Malwarebytes and clicking on History > Application Logs with the date of the scan. Simply double-click on that in order to see the options for Copying to Clipboard or to Export to a .txt file (Notepad). The .txt file can be saved and posted when you are ready.



#12 seedy21


Posted 16 June 2014 - 09:35 AM

This is a 48 hour status check. We need to continue our troubleshooting to make sure there are no more threats on your machine. If you don't have any free time please reply back to this thread and we will keep it open.

If you don't reply back within 24 hours, this thread may be closed for inactivity.




#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:10 PM

Posted 17 June 2014 - 05:46 PM

Due to the lack of feedback/inactivity, this Topic is closed. Should you need it reopened, please contact a Forum Moderator or member of the Malware Response Team. Include the address of this thread in your request. If you have a new issue, please start a New Topic. This applies only to the original poster. Everyone else please begin a New Topic.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators



