
HijackThis Log: Please help Diagnose


  • This topic is locked
10 replies to this topic

#1 zvi8875

zvi8875

  • Members
  • 5 posts
  • OFFLINE
  • Local time:05:37 PM

Posted 02 August 2014 - 10:33 AM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:33:17 PM, on 8/2/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.18487)
 
FIREFOX: 22.0 (en-US)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Zvika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.4872\Battle.net.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Users\Zvika\Downloads\Programs\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [RazerGameBooster] C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
O4 - HKLM\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Zvika\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Zvika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User '?')
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-96319345-2727009319-3058510085-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted (User '?')
O4 - HKUS\S-1-5-21-96319345-2727009319-3058510085-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Spotify Web Helper] "C:\Users\Zvika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user')
O4 - S-1-5-21-96319345-2727009319-3058510085-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: CurseClientStartup.ccip (User '?')
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ?&???? ??????? ?? OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ?&???? ??????? ?? OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O15 - Trusted Zone: http://*.aeriagames.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAAAC866-9F0C-42D3-8DEC-CE354F5DAE63}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 16883 bytes
 

 




 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:04:37 PM

Posted 03 August 2014 - 02:23 PM

:welcome:

Hello zvi8875,

My name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • Print or copy & save instructions.
  • Back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only those tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic until you get the all clean post.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
It is important for you to check your topic at least once a day for a reply. You cannot rely on the e-mail notification system to inform you of new replies as it is not completely reliable.


***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:04:37 PM

Posted 07 August 2014 - 04:03 AM

Hi,

 

It has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

 

Note: Threads will be closed if no response after 3 days.




#4 zvi8875

zvi8875
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  • Local time:05:37 PM

Posted 07 August 2014 - 03:48 PM

1. checkup.txt

 Results of screen317's Security Check version 0.99.86  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET Smart Security 7.0   
Windows Defender          
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

2. OTL.TXT

 

OTL logfile created on: 8/7/2014 11:41:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zvika\Downloads\Programs
64bit- Enterprise Edition N  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
11.98 Gb Total Physical Memory | 9.20 Gb Available Physical Memory | 76.73% Memory free
14.36 Gb Paging File | 11.15 Gb Available in Paging File | 77.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.57 Gb Total Space | 186.30 Gb Free Space | 83.33% Space Free | Partition Type: NTFS
Drive D: | 146.48 Gb Total Space | 51.90 Gb Free Space | 35.43% Space Free | Partition Type: NTFS
Drive F: | 29.28 Gb Total Space | 16.77 Gb Free Space | 57.28% Space Free | Partition Type: FAT32
Drive G: | 111.69 Gb Total Space | 37.41 Gb Free Space | 33.49% Space Free | Partition Type: NTFS
Drive H: | 703.12 Gb Total Space | 46.43 Gb Free Space | 6.60% Space Free | Partition Type: NTFS
Drive I: | 52.60 Gb Total Space | 28.11 Gb Free Space | 53.44% Space Free | Partition Type: NTFS
 
Computer Name: ZVIKA | User Name: zvika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\zvika\Downloads\Programs\OTL.exe (OldTimer Tools)
PRC - C:\Users\zvika\Desktop\SecurityCheck.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\zvika\Desktop\SecurityCheck.exe ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
MOD - C:\Program Files\Plantronics\GameCom 780 & 788\VMixPLGC.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files\LinkShellExtension\32\RockallDLL.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (RzOvlMon) -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe (Razer, Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (RzDxgk) -- C:\Windows\SysNative\drivers\RzDxgk.sys (Razer, Inc.)
DRV:64bit: - (RzFilter) -- C:\Windows\SysNative\drivers\RzFilter.sys (Razer, Inc.)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (edevmon) -- C:\Windows\SysNative\drivers\edevmon.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?rd=1&ucc=IL&dcc=IL&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 EC 36 93 3E B1 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014/08/05 23:21:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\zvika\AppData\Roaming\IDM\idmmzcc5 [2014/08/06 23:06:46 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: HTTPS Everywhere = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2014.6.26_0\
CHR - Extension: AdBlock = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.9_0\
CHR - Extension: Hola Better Internet = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.4.361_0\
CHR - Extension: IDM Integration Module = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.21_0\
CHR - Extension: Google Wallet = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D174A4-B080-49B0-9C06-F72A4FB1FA8A}: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{aef88a77-1d30-11e4-9bf7-806e6f6e6963}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/07 21:06:43 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apps
[2014/08/07 21:05:23 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\vlc
[2014/08/07 21:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/08/07 21:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/08/07 20:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/08/07 20:55:28 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Apple Computer
[2014/08/07 20:55:28 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apple Computer
[2014/08/07 20:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/07 20:55:26 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014/08/07 20:55:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/07 20:55:13 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apple
[2014/08/07 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/08/07 20:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/08/07 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/08/07 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/08/07 20:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/08/07 20:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/08/07 20:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2014/08/06 23:06:46 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\NVIDIA
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\IDM
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\DMCache
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Blizzard Entertainment
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Battle.net
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Battle.net
[2014/08/06 23:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014/08/06 23:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\LinkShellExtension
[2014/08/06 23:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
[2014/08/06 22:59:00 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/06 22:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/06 22:58:53 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/06 22:58:53 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/06 22:58:53 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/06 22:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/06 22:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/06 22:58:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Programs
[2014/08/06 22:57:13 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\WinRAR
[2014/08/06 22:57:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/08/06 22:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/08/06 22:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/08/06 22:54:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/08/06 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
[2014/08/06 22:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\Plantronics
[2014/08/06 22:54:25 | 000,524,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2014/08/06 22:54:15 | 001,327,104 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\PLTGC.sys
[2014/08/06 22:54:15 | 000,321,824 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltrPLTGC.dll
[2014/08/06 22:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plantronics
[2014/08/06 22:51:33 | 000,000,000 | ---D | C] -- C:\WoW
[2014/08/06 22:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014/08/06 00:12:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/08/05 23:34:50 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Razer
[2014/08/05 23:32:51 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Razer_Inc
[2014/08/05 23:32:27 | 000,129,472 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzDxgk.sys
[2014/08/05 23:32:27 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/08/05 23:32:25 | 000,000,000 | ---D | C] -- C:\Windows\Razer Core
[2014/08/05 23:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2014/08/05 23:31:20 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014/08/05 23:31:20 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014/08/05 23:31:19 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014/08/05 23:31:19 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/08/05 23:31:19 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014/08/05 23:31:19 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014/08/05 23:31:19 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\NVIDIA Corporation
[2014/08/05 23:31:18 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/08/05 23:31:18 | 001,291,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/08/05 23:31:18 | 001,283,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/08/05 23:31:18 | 001,126,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/08/05 23:31:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/08/05 23:31:10 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/08/05 23:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/08/05 23:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/08/05 23:31:04 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/08/05 23:31:04 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014/08/05 23:31:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/08/05 23:31:03 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/05 23:31:03 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/05 23:31:03 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/08/05 23:30:48 | 000,609,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/08/05 23:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/08/05 23:30:42 | 006,783,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/08/05 23:30:42 | 003,522,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/08/05 23:30:42 | 000,386,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/08/05 23:30:42 | 000,062,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/08/05 23:30:37 | 000,075,040 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/08/05 23:30:37 | 000,061,912 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/08/05 23:29:46 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014/08/05 23:29:46 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014/08/05 23:29:46 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/08/05 23:29:46 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014/08/05 23:29:46 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/08/05 23:29:46 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014/08/05 23:29:45 | 031,512,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/08/05 23:29:45 | 024,196,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/08/05 23:29:45 | 022,994,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/08/05 23:29:45 | 018,626,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/08/05 23:29:45 | 017,555,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/08/05 23:29:45 | 016,122,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/08/05 23:29:45 | 015,294,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/08/05 23:29:45 | 014,498,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/08/05 23:29:45 | 013,922,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/08/05 23:29:45 | 013,835,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/08/05 23:29:45 | 011,283,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/08/05 23:29:45 | 011,222,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/08/05 23:29:45 | 004,247,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/08/05 23:29:45 | 003,989,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/08/05 23:29:45 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014/08/05 23:29:45 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014/08/05 23:29:45 | 000,965,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014/08/05 23:29:45 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/08/05 23:29:45 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/08/05 23:29:45 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/08/05 23:29:45 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/08/05 23:29:45 | 000,846,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/08/05 23:29:45 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/08/05 23:29:45 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/08/05 23:29:45 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/08/05 23:29:45 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/08/05 23:29:44 | 003,196,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/08/05 23:29:44 | 002,814,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/08/05 23:28:18 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/08/05 23:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/08/05 23:27:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/08/05 23:24:06 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\NVIDIA
[2014/08/05 23:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/08/05 23:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/08/05 23:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/08/05 23:22:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\ESET
[2014/08/05 23:22:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\ESET
[2014/08/05 23:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/05 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/08/05 23:21:39 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Google
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/08/05 23:20:54 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Macromedia
[2014/08/05 23:20:53 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\EmieUserList
[2014/08/05 23:20:53 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\EmieSiteList
[2014/08/05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\zvika\OneDrive
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\Searches
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\Contacts
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/08/05 23:18:34 | 000,000,000 | -H-D | C] -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/08/05 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\VirtualStore
[2014/08/05 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Adobe
[2014/08/05 23:18:33 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Packages
[2014/08/05 23:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2014/08/05 23:18:08 | 000,000,000 | --SD | C] -- C:\Users\zvika\AppData\Roaming\Microsoft
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Videos
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Saved Games
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Pictures
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Music
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Links
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Favorites
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Downloads
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Documents
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Desktop
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\Temporary Internet Files
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Templates
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Start Menu
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\SendTo
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Recent
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\PrintHood
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\NetHood
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Videos
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Pictures
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Music
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\My Documents
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Local Settings
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\History
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Cookies
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Application Data
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\Application Data
[2014/08/05 23:18:08 | 000,000,000 | -H-D | C] -- C:\Users\zvika\AppData
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Temp
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Microsoft
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/08/05 23:14:40 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2014/08/05 23:14:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/08/05 23:13:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/08/05 23:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/08/05 23:12:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/07/23 04:02:18 | 000,180,136 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2014/07/16 05:20:47 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2014/07/16 05:16:44 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/16 05:16:44 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/16 05:16:44 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/16 05:16:44 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2014/07/16 05:16:44 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/16 05:16:44 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/16 05:16:44 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2014/07/16 05:16:44 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvewiz.dll
[2014/07/16 05:16:44 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2014/07/16 05:16:44 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2014/07/16 05:16:44 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2014/07/16 05:16:44 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2014/07/16 05:16:44 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2014/07/16 05:16:44 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2014/07/16 05:16:44 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2014/07/16 05:16:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2014/07/16 05:16:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/16 05:16:44 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/07/16 05:16:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/16 05:16:44 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfgLib.dll
[2014/07/16 05:16:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BulkOperationHost.exe
[2014/07/16 05:16:44 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncobjapi.dll
[2014/07/16 05:16:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/07/16 05:16:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncobjapi.dll
[2014/07/16 05:15:45 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/16 05:15:45 | 007,173,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 006,645,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/16 05:15:45 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 005,774,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/16 05:15:45 | 005,104,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 002,688,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2014/07/16 05:15:45 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlowUI.dll
[2014/07/16 05:15:45 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2014/07/16 05:15:45 | 001,466,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/07/16 05:15:45 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2014/07/16 05:15:45 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/07/16 05:15:45 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/07/16 05:15:45 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2014/07/16 05:15:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/07/16 05:15:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/07/16 05:15:45 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2014/07/16 05:15:45 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2014/07/16 05:15:45 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/07/16 05:15:45 | 000,467,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/07/16 05:15:45 | 000,463,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/07/16 05:15:45 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2014/07/16 05:15:45 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/07/16 05:15:45 | 000,407,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2014/07/16 05:15:45 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/07/16 05:15:45 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/07/16 05:15:45 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2014/07/16 05:15:45 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,337,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/16 05:15:45 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/07/16 05:15:45 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/07/16 05:15:45 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2014/07/16 05:15:45 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2014/07/16 05:15:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/07/16 05:15:45 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014/07/16 05:15:45 | 000,263,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2014/07/16 05:15:45 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2014/07/16 05:15:45 | 000,244,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014/07/16 05:15:45 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/07/16 05:15:45 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2014/07/16 05:15:45 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/07/16 05:15:45 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/07/16 05:15:45 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2014/07/16 05:15:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/07/16 05:15:45 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BootMenuUX.dll
[2014/07/16 05:15:45 | 000,130,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2014/07/16 05:15:45 | 000,125,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2014/07/16 05:15:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014/07/16 05:15:45 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/07/16 05:15:45 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\energyprov.dll
[2014/07/16 05:15:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/07/16 05:15:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2014/07/16 05:15:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2014/07/16 05:15:45 | 000,032,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ploptin.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2014/07/16 05:14:47 | 001,417,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/07/16 05:14:47 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2014/07/16 05:14:47 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2014/07/16 05:14:40 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/16 05:14:40 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/16 05:14:36 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/16 05:14:36 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/16 05:14:21 | 013,287,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/16 05:14:21 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/16 05:14:21 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/16 05:14:21 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/16 05:14:21 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/16 05:14:21 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/16 05:14:21 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.appcore.dll
[2014/07/16 05:14:21 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/16 05:14:21 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/16 05:14:21 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/16 05:14:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2014/07/16 05:14:11 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/07/16 05:14:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvcfg.exe
[2014/07/16 05:14:02 | 016,871,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2014/07/16 05:14:02 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2014/07/16 05:14:02 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2014/07/16 05:14:02 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/07/16 05:14:02 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/07/16 05:14:02 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/07/16 05:14:02 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2014/07/16 05:14:02 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/07/16 05:14:02 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2014/07/16 05:14:02 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/07/16 05:14:02 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/07/16 05:13:47 | 003,360,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/07/16 05:13:42 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/07/16 05:13:42 | 003,048,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe
[2014/07/16 05:13:42 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcWebSync.dll
[2014/07/16 05:13:42 | 002,834,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2014/07/16 05:13:42 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/07/16 05:13:42 | 000,055,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wpcfltr.sys
[2014/07/16 05:13:37 | 001,336,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/07/16 05:13:33 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/07/16 05:13:18 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/16 05:13:18 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/16 05:13:18 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/16 05:13:18 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/16 05:13:18 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/16 05:13:18 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/16 05:13:18 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/16 05:13:18 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/16 05:13:18 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/16 05:13:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/16 05:13:18 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/16 05:13:18 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/16 05:13:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/16 05:13:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/16 05:13:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/16 05:13:18 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/16 05:13:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/16 05:13:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/16 05:13:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/16 05:13:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/16 05:13:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/16 05:13:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/16 05:13:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/16 05:12:54 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2014/07/16 05:12:54 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2014/07/16 05:12:39 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/16 05:12:39 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.appcore.dll
[2014/07/16 05:12:39 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/16 05:12:39 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/07/16 05:12:39 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/16 05:12:39 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/16 05:12:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/16 05:12:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSReset.exe
[2014/07/16 05:12:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/16 05:12:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/16 05:12:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/16 05:12:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/16 05:12:30 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mrt_map.dll
[2014/07/16 05:12:30 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt_map.dll
[2014/07/16 05:12:30 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mrt100.dll
[2014/07/16 05:12:30 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt100.dll
[2014/07/16 05:12:27 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/07/16 05:12:27 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/07/16 05:12:20 | 000,257,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/07/16 05:12:20 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2014/07/16 05:12:20 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/07/16 05:11:46 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/07/16 05:11:46 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/07/16 05:10:29 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/07/16 05:10:29 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/07/16 05:10:29 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/07/16 05:10:29 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/07/16 05:10:29 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/07/16 05:10:29 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/07/16 05:10:29 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2014/07/16 05:10:29 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2014/07/16 05:10:29 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/07/16 05:10:29 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/07/16 05:10:29 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/07/16 05:10:29 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2014/07/16 05:10:29 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/07/16 05:10:29 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2014/07/16 05:10:29 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/07/16 05:10:29 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/07/16 05:10:29 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2014/07/16 05:10:29 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2014/07/16 05:10:29 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2014/07/16 05:10:29 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2014/07/16 05:10:29 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2014/07/16 05:10:29 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2014/07/16 05:10:29 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/07/16 05:10:29 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2014/07/16 05:10:29 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/07/16 05:10:29 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAgent.exe
[2014/07/16 05:10:29 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/07/16 05:10:29 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/07/16 05:10:29 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidprov.dll
[2014/07/16 05:10:29 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2014/07/16 05:10:29 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2014/07/16 05:10:29 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2014/07/16 05:10:29 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2014/07/16 05:10:29 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/07/16 05:10:29 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2014/07/16 05:10:29 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidprov.dll
[2014/07/16 05:10:29 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dcomp.dll
[2014/07/16 05:10:29 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/07/16 05:10:29 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2014/07/16 05:10:29 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2014/07/16 05:10:29 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/07/16 05:10:29 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2014/07/16 05:10:29 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/07/16 05:10:29 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2014/07/16 05:10:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsApi.dll
[2014/07/16 05:10:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dcomp.dll
[2014/07/16 05:10:29 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/07/16 05:10:29 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReInfo.dll
[2014/07/16 05:10:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWfdProvider.dll
[2014/07/16 05:10:29 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReInfo.dll
[2014/07/16 05:10:29 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsApi.dll
[2014/07/16 05:10:29 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wof.sys
[2014/07/16 05:10:29 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/07/16 05:10:29 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll
[2014/07/16 05:10:29 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2014/07/16 05:10:29 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/07/16 05:10:29 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/07/16 05:10:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMapi.dll
[2014/07/16 05:10:29 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxproxy.dll
[2014/07/16 05:10:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32tm.exe
[2014/07/16 05:10:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2014/07/16 05:10:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2gpstore.dll
[2014/07/16 05:10:29 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2gpstore.dll
[2014/07/16 05:10:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetNetworkLocation.dll
[2014/07/16 05:10:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sxproxy.dll
[2014/07/16 05:10:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CredentialMigrationHandler.dll
[2014/07/16 05:10:29 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CredentialMigrationHandler.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/07 23:39:48 | 000,854,410 | ---- | M] () -- C:\Users\zvika\Desktop\SecurityCheck.exe
[2014/08/07 23:26:41 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/07 23:26:01 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/07 23:26:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/07 23:22:52 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/07 21:18:25 | 000,818,732 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/07 21:18:25 | 000,695,112 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/07 21:18:25 | 000,127,740 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/07 21:14:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/07 21:11:58 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/07 21:04:26 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/08/07 20:55:27 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/07 20:34:26 | 000,002,155 | ---- | M] () -- C:\Users\zvika\Desktop\Windows 8 Manager.lnk
[2014/08/07 20:34:26 | 000,002,144 | ---- | M] () -- C:\Users\zvika\Desktop\1-Click Cleaner.lnk
[2014/08/06 23:11:28 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/08/06 23:06:40 | 000,001,021 | ---- | M] () -- C:\Users\zvika\Desktop\Internet Download Manager.lnk
[2014/08/06 23:06:37 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014/08/06 22:58:55 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/06 22:54:31 | 000,000,714 | ---- | M] () -- C:\Windows\PLTGC.ini.imi
[2014/08/06 22:54:31 | 000,000,415 | ---- | M] () -- C:\Windows\PLTGC.ini.cfl
[2014/08/06 22:54:31 | 000,000,124 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2014/08/06 22:54:26 | 000,000,612 | ---- | M] () -- C:\Windows\System\PLTGC.ini
[2014/08/05 23:34:37 | 000,002,299 | ---- | M] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/05 23:33:34 | 000,362,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/05 23:32:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/08/05 23:31:22 | 000,001,363 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/08/05 23:20:51 | 000,001,436 | ---- | M] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/05 23:13:30 | 000,000,641 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/08/05 23:13:30 | 000,000,641 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/07/25 07:01:55 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/07/25 07:01:55 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/07/25 07:01:32 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/07/25 07:01:32 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/07/16 05:16:44 | 002,844,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/16 05:16:44 | 002,641,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/16 05:16:44 | 002,317,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/16 05:16:44 | 002,125,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2014/07/16 05:16:44 | 001,726,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/16 05:16:44 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/16 05:16:44 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2014/07/16 05:16:44 | 000,794,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvewiz.dll
[2014/07/16 05:16:44 | 000,721,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2014/07/16 05:16:44 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2014/07/16 05:16:44 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2014/07/16 05:16:44 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2014/07/16 05:16:44 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2014/07/16 05:16:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2014/07/16 05:16:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2014/07/16 05:16:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2014/07/16 05:16:44 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/16 05:16:44 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/07/16 05:16:44 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/16 05:16:44 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfgLib.dll
[2014/07/16 05:16:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BulkOperationHost.exe
[2014/07/16 05:16:44 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncobjapi.dll
[2014/07/16 05:16:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/07/16 05:16:44 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncobjapi.dll
[2014/07/16 05:16:44 | 000,050,745 | ---- | M] () -- C:\Windows\SysNative\srms.dat
[2014/07/16 05:15:45 | 008,652,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 007,425,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/16 05:15:45 | 007,173,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 006,645,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/16 05:15:45 | 005,833,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 005,774,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/16 05:15:45 | 005,104,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 002,688,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2014/07/16 05:15:45 | 002,100,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlowUI.dll
[2014/07/16 05:15:45 | 001,584,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2014/07/16 05:15:45 | 001,466,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/07/16 05:15:45 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2014/07/16 05:15:45 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/07/16 05:15:45 | 001,057,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/07/16 05:15:45 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2014/07/16 05:15:45 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/07/16 05:15:45 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/07/16 05:15:45 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2014/07/16 05:15:45 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2014/07/16 05:15:45 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/07/16 05:15:45 | 000,467,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/07/16 05:15:45 | 000,463,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/07/16 05:15:45 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2014/07/16 05:15:45 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/07/16 05:15:45 | 000,407,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2014/07/16 05:15:45 | 000,384,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/07/16 05:15:45 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/07/16 05:15:45 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2014/07/16 05:15:45 | 000,364,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,337,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/16 05:15:45 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/07/16 05:15:45 | 000,307,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/07/16 05:15:45 | 000,305,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2014/07/16 05:15:45 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2014/07/16 05:15:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/07/16 05:15:45 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014/07/16 05:15:45 | 000,263,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2014/07/16 05:15:45 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2014/07/16 05:15:45 | 000,244,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014/07/16 05:15:45 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/07/16 05:15:45 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2014/07/16 05:15:45 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/07/16 05:15:45 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/07/16 05:15:45 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2014/07/16 05:15:45 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/07/16 05:15:45 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BootMenuUX.dll
[2014/07/16 05:15:45 | 000,130,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2014/07/16 05:15:45 | 000,125,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2014/07/16 05:15:45 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014/07/16 05:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/07/16 05:15:45 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\energyprov.dll
[2014/07/16 05:15:45 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/07/16 05:15:45 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2014/07/16 05:15:45 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2014/07/16 05:15:45 | 000,032,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ploptin.dll
[2014/07/16 05:15:45 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\spaceport.sys.mui
[2014/07/16 05:15:45 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2014/07/16 05:14:55 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/16 05:14:55 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/16 05:14:47 | 001,417,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/07/16 05:14:47 | 000,436,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2014/07/16 05:14:47 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2014/07/16 05:14:40 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/16 05:14:40 | 000,779,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/16 05:14:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/16 05:14:36 | 000,488,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/16 05:14:21 | 013,287,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/16 05:14:21 | 011,792,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/16 05:14:21 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,923,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/16 05:14:21 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,827,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/16 05:14:21 | 000,756,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/16 05:14:21 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/16 05:14:21 | 000,555,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.appcore.dll
[2014/07/16 05:14:21 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/16 05:14:21 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/16 05:14:21 | 000,054,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/16 05:14:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2014/07/16 05:14:11 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/07/16 05:14:11 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drvcfg.exe
[2014/07/16 05:14:02 | 016,871,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 012,711,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 000,668,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2014/07/16 05:14:02 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2014/07/16 05:14:02 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2014/07/16 05:14:02 | 000,467,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/07/16 05:14:02 | 000,440,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/07/16 05:14:02 | 000,428,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/07/16 05:14:02 | 000,423,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2014/07/16 05:14:02 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/07/16 05:14:02 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,216,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2014/07/16 05:14:02 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/07/16 05:14:02 | 000,027,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/07/16 05:13:47 | 003,360,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/07/16 05:13:42 | 003,118,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/07/16 05:13:42 | 003,048,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe
[2014/07/16 05:13:42 | 002,861,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcWebSync.dll
[2014/07/16 05:13:42 | 002,834,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2014/07/16 05:13:42 | 002,344,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/07/16 05:13:42 | 000,055,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wpcfltr.sys
[2014/07/16 05:13:37 | 001,336,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/07/16 05:13:33 | 001,975,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/07/16 05:13:18 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/16 05:13:18 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/16 05:13:18 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/16 05:13:18 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/16 05:13:18 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/16 05:13:18 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/16 05:13:18 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/16 05:13:18 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/16 05:13:18 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/16 05:13:18 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/16 05:13:18 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/16 05:13:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/16 05:13:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/16 05:13:18 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/16 05:13:18 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/16 05:13:18 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/16 05:13:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/16 05:13:18 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/16 05:13:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/16 05:13:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/16 05:13:18 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/16 05:13:18 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/16 05:13:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/16 05:12:54 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2014/07/16 05:12:54 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2014/07/16 05:12:39 | 001,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/16 05:12:39 | 000,419,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.appcore.dll
[2014/07/16 05:12:39 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/16 05:12:39 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/07/16 05:12:39 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/16 05:12:39 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/16 05:12:39 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/16 05:12:39 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSReset.exe
[2014/07/16 05:12:39 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/16 05:12:39 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/16 05:12:39 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/16 05:12:39 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/16 05:12:30 | 000,086,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt_map.dll
[2014/07/16 05:12:30 | 000,080,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt_map.dll
[2014/07/16 05:12:30 | 000,028,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt100.dll
[2014/07/16 05:12:30 | 000,026,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt100.dll
[2014/07/16 05:12:27 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/07/16 05:12:27 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/07/16 05:12:20 | 000,257,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/07/16 05:12:20 | 000,123,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2014/07/16 05:12:20 | 000,035,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/07/16 05:11:46 | 000,029,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/07/16 05:11:46 | 000,028,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/07/16 05:10:29 | 002,900,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/07/16 05:10:29 | 002,373,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/07/16 05:10:29 | 002,270,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/07/16 05:10:29 | 002,141,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/07/16 05:10:29 | 002,133,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/07/16 05:10:29 | 002,088,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/07/16 05:10:29 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2014/07/16 05:10:29 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2014/07/16 05:10:29 | 001,779,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/07/16 05:10:29 | 001,764,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/07/16 05:10:29 | 001,656,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/07/16 05:10:29 | 001,542,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2014/07/16 05:10:29 | 001,351,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/07/16 05:10:29 | 001,306,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2014/07/16 05:10:29 | 001,291,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/07/16 05:10:29 | 001,112,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/07/16 05:10:29 | 001,015,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2014/07/16 05:10:29 | 000,950,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2014/07/16 05:10:29 | 000,924,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2014/07/16 05:10:29 | 000,918,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2014/07/16 05:10:29 | 000,834,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2014/07/16 05:10:29 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2014/07/16 05:10:29 | 000,717,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/07/16 05:10:29 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2014/07/16 05:10:29 | 000,655,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/07/16 05:10:29 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,621,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAgent.exe
[2014/07/16 05:10:29 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/07/16 05:10:29 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,518,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/07/16 05:10:29 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlidprov.dll
[2014/07/16 05:10:29 | 000,488,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2014/07/16 05:10:29 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2014/07/16 05:10:29 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,412,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,390,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2014/07/16 05:10:29 | 000,387,210 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/07/16 05:10:29 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2014/07/16 05:10:29 | 000,379,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/07/16 05:10:29 | 000,376,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2014/07/16 05:10:29 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidprov.dll
[2014/07/16 05:10:29 | 000,356,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dcomp.dll
[2014/07/16 05:10:29 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/07/16 05:10:29 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2014/07/16 05:10:29 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2014/07/16 05:10:29 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/07/16 05:10:29 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2014/07/16 05:10:29 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/07/16 05:10:29 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2014/07/16 05:10:29 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsApi.dll
[2014/07/16 05:10:29 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dcomp.dll
[2014/07/16 05:10:29 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/07/16 05:10:29 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReInfo.dll
[2014/07/16 05:10:29 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dafWfdProvider.dll
[2014/07/16 05:10:29 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReInfo.dll
[2014/07/16 05:10:29 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsApi.dll
[2014/07/16 05:10:29 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,157,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wof.sys
[2014/07/16 05:10:29 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,136,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/07/16 05:10:29 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll
[2014/07/16 05:10:29 | 000,113,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2014/07/16 05:10:29 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/07/16 05:10:29 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/07/16 05:10:29 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMapi.dll
[2014/07/16 05:10:29 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sxproxy.dll
[2014/07/16 05:10:29 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\w32tm.exe
[2014/07/16 05:10:29 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2014/07/16 05:10:29 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\l2gpstore.dll
[2014/07/16 05:10:29 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\l2gpstore.dll
[2014/07/16 05:10:29 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\HidBthLE.dll
[2014/07/16 05:10:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetNetworkLocation.dll
[2014/07/16 05:10:29 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sxproxy.dll
[2014/07/16 05:10:29 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CredentialMigrationHandler.dll
[2014/07/16 05:10:29 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CredentialMigrationHandler.dll
[2014/07/09 21:16:37 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/07/09 21:03:58 | 004,756,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/07/09 20:33:41 | 001,120,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
 
========== Files Created - No Company Name ==========
 
[2014/08/07 23:39:46 | 000,854,410 | ---- | C] () -- C:\Users\zvika\Desktop\SecurityCheck.exe
[2014/08/07 21:04:26 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/08/07 20:55:27 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/07 20:55:12 | 000,002,579 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/08/07 20:34:26 | 000,002,155 | ---- | C] () -- C:\Users\zvika\Desktop\Windows 8 Manager.lnk
[2014/08/07 20:34:26 | 000,002,144 | ---- | C] () -- C:\Users\zvika\Desktop\1-Click Cleaner.lnk
[2014/08/06 23:11:28 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/06 23:06:40 | 000,001,021 | ---- | C] () -- C:\Users\zvika\Desktop\Internet Download Manager.lnk
[2014/08/06 23:06:37 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014/08/06 22:58:55 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/06 22:54:31 | 000,833,312 | ---- | C] () -- C:\Windows\SysNative\PLTGC.exe
[2014/08/06 22:54:31 | 000,000,415 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2014/08/06 22:54:31 | 000,000,124 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2014/08/06 22:54:26 | 000,365,856 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2014/08/06 22:54:26 | 000,004,024 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2014/08/06 22:54:26 | 000,000,714 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2014/08/06 22:54:26 | 000,000,612 | ---- | C] () -- C:\Windows\System\PLTGC.ini
[2014/08/06 22:54:25 | 000,000,498 | ---- | C] () -- C:\Windows\PLTGC.ini
[2014/08/05 23:32:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/08/05 23:31:22 | 000,001,363 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/08/05 23:30:42 | 003,826,628 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/08/05 23:29:45 | 000,835,032 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll
[2014/08/05 23:29:45 | 000,026,353 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/08/05 23:22:00 | 000,002,299 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/05 23:22:00 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/05 23:21:42 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/05 23:21:42 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/05 23:20:51 | 000,001,436 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/05 23:18:34 | 000,001,442 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/08/05 23:18:08 | 000,000,369 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/08/05 23:18:08 | 000,000,369 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/08/05 23:18:08 | 000,000,352 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/08/05 23:18:08 | 000,000,334 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/08/05 23:12:53 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/07/16 05:16:44 | 000,050,745 | ---- | C] () -- C:\Windows\SysNative\srms.dat
[2014/07/16 05:10:29 | 000,387,210 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/03/18 03:21:15 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 03:20:26 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 08:36:25 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 08:36:24 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 07:45:38 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/16 05:15:45 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/16 05:15:45 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/06 23:06:40 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\Battle.net
[2014/08/07 21:11:17 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\DMCache
[2014/08/05 23:22:40 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\ESET
[2014/08/07 20:33:29 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\IDM
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\zvika\OneDrive:ms-properties
 
< End of report >

3.Extras.txt

 

OTL Extras logfile created on: 8/7/2014 11:41:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zvika\Downloads\Programs
64bit- Enterprise Edition N  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
11.98 Gb Total Physical Memory | 9.20 Gb Available Physical Memory | 76.73% Memory free
14.36 Gb Paging File | 11.15 Gb Available in Paging File | 77.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.57 Gb Total Space | 186.30 Gb Free Space | 83.33% Space Free | Partition Type: NTFS
Drive D: | 146.48 Gb Total Space | 51.90 Gb Free Space | 35.43% Space Free | Partition Type: NTFS
Drive F: | 29.28 Gb Total Space | 16.77 Gb Free Space | 57.28% Space Free | Partition Type: FAT32
Drive G: | 111.69 Gb Total Space | 37.41 Gb Free Space | 33.49% Space Free | Partition Type: NTFS
Drive H: | 703.12 Gb Total Space | 46.43 Gb Free Space | 6.60% Space Free | Partition Type: NTFS
Drive I: | 52.60 Gb Total Space | 28.11 Gb Free Space | 53.44% Space Free | Partition Type: NTFS
 
Computer Name: ZVIKA | User Name: zvika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = A6 4E 27 AC 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{076FC5FA-6BD9-4DBF-9448-4CF7AE5E6F36}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1F5D9BDD-81AC-4272-BD89-F89852749B67}" = lport=137 | protocol=17 | dir=in | app=system | 
"{42BA6587-8B32-4180-AB3F-9F6398D830DF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{4A2181B0-B5D6-479D-B5B7-9C48F08D792D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{4AA4CFA7-9FAD-4F10-A340-9DAA4DC85739}" = lport=445 | protocol=6 | dir=in | app=system | 
"{549B17FC-337A-4B1B-8564-5605CE419A37}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{54CF96B9-9A48-4A53-963D-2DE42E7C2068}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5B947A81-407F-4346-ADD2-250268206C0C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{5DB33F0D-394B-4124-8299-D48D674CD71F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{6C85BEEE-5FD8-4DAF-9CF5-BDF76ACD4BD2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8688FAC8-7144-4BCF-A105-6E22773D79EA}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{9265C677-C2F5-4603-8648-232FBD328137}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{95C35A95-CDA3-4EF3-BA10-1CA6528C13D1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9A2AF607-BD4F-4C35-827A-A7F6116CAC8C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A498366A-F66F-463B-B934-67D9E11949CC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C3A38A1A-640D-4951-887F-B5E09A82ED50}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{E115126D-3D25-4B25-B5D2-0C131578846C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F4AE3A97-5614-4148-B1DE-3D912E09BB21}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{F639E96E-9B60-4B04-B941-04E27D271262}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B59494-8963-4917-8E26-F99F80BD01BC}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{0669CEEF-6454-4094-AEAE-486A52D8BE1C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe | 
"{06BD1B43-78F9-4191-BC09-58E3B7A8C2A6}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{0BB592D9-069A-4BFF-9082-6E6033BC7D0D}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{1740CB92-DFCA-4B80-B2C5-F92977A938F7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1B79F722-D833-4663-B7F0-4BC22F883648}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{2C70F328-24B3-46F5-8D5E-EB3715150F12}" = dir=out | name=windows_ie_ac_001 | 
"{33354E38-EF5F-4E08-8A04-4D8ED12853C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3B9ED80B-EC48-4816-B68A-155D78A094F3}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{3C52CEF3-AFFC-41C3-AF1E-4C43D3BCF87C}" = dir=in | name=f5.vpn.client | 
"{41E8D617-19A4-4DF6-AD1B-FF95E49181D5}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | 
"{4FCFBFE1-2FE9-41BB-B488-CEDA578523F2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{67216FF5-9BCE-4DA5-8010-89D6E1BC152B}" = dir=in | name=onenote | 
"{707D823A-412B-4794-ADD3-AC6E076419E1}" = dir=out | name=f5.vpn.client | 
"{70EB8721-183C-4211-92D0-49AED5858518}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{73759FD4-C3DC-4E3B-87E3-C9EDDF71BF85}" = dir=in | name=junipernetworks.junospulsevpn | 
"{75535E7D-4718-4DB9-8308-3E4E30922FEF}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{7D7DCFA8-E8B3-400B-9DFD-ECABA61F8873}" = dir=out | name=junipernetworks.junospulsevpn | 
"{7E16C119-3FA6-48D3-ADCE-E824D6B6C3BD}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{8F554CD7-F09D-4649-A931-2FD7C83EEBC9}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{91F602FC-2E1B-46C8-964E-FFAC4DF07236}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{99645FF9-1275-4FA5-AD09-24C1514B765A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9CA1AA24-C7EE-4F27-8676-F0699BBAB4C6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A05FCCC8-3E5B-4A40-85AB-C957ADA973DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe | 
"{A5A96F77-4ABB-45BB-9F86-A14937A37449}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A610FD37-00BB-4046-9B2B-D1880D734238}" = dir=in | name=sonicwall.mobileconnect | 
"{AD720B4E-6DEC-4BC8-90D8-8F6AF857DD60}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{AF2A8D63-2DC9-406A-B7F3-67E50D26F6DE}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{B1F43F24-1E30-4854-B19D-E6D2F8319AD5}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{B5AA8671-9715-40E3-9F44-939275B95B3A}" = dir=in | name=checkpoint.vpn | 
"{C59E9813-91CB-4E4D-9772-BC6240CADB38}" = dir=out | name=@{microsoft.bingsports_3.0.2.317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{DA4C6B93-CE67-4399-BB3F-9DC79894F856}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{E3B2C8E5-A137-40C7-8692-A75230EAE655}" = dir=out | name=sonicwall.mobileconnect | 
"{E69D8446-9E3D-4495-B9D1-C4BDA8F8A916}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{E7B73603-E0CA-496D-B2EC-447F85A80EFC}" = dir=out | name=onenote | 
"{EA36696A-978C-4550-B200-8EFEB8D0A038}" = dir=out | name=checkpoint.vpn | 
"{F2AB62C6-1F09-4984-B334-C0AB7D065A3E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FA9683A3-3827-4563-A341-3B910CEFF61F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FB7FB999-18EC-432E-9C1F-5D305E344B0D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{35576D8C-334D-4CFE-AE89-C3AA6513456B}" = Windows 8 Manager
"{5E6F6CE8-1A35-4629-A550-376D4FF74F9B}" = ESET Smart Security
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"HardlinkShellExt" = Link Shell Extension
"WinRAR archiver" = WinRAR 5.10 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{EB3C9064-9140-4279-9E51-965119402151}" = Plantronics® GameCom 780/788 Software for Dolby® Headphone
"Battle.net" = Battle.net
"Google Chrome" = Google Chrome
"Internet Download Manager" = Internet Download Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Razer Core" = Razer Core
"VLC media player" = VLC media player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/6/2014 2:20:43 AM | Computer Name = Zvika | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 8/6/2014 2:32:27 AM | Computer Name = Zvika | Source = RzOvlMon | ID = 0
Description = 
 
Error - 8/6/2014 2:35:58 AM | Computer Name = Zvika | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error - 8/7/2014 1:54:33 AM | Computer Name = Zvika | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 8/8/2014 12:13:15 AM | Computer Name = Zvika | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.3.9600.17039, 
time stamp: 0x53156588  Faulting module name: msvcrt.dll, version: 7.0.9600.16384,
 time stamp: 0x5215f944  Exception code: 0x40000015  Fault offset: 0x0000000000055326
Faulting
 process id: 0x798  Faulting application start time: 0x01cfb2bf12696319  Faulting application
 path: C:\Windows\explorer.exe  Faulting module path: C:\Windows\system32\msvcrt.dll
Report
 Id: 5142ea30-1eb2-11e4-9c00-1c6f65c4cd7b  Faulting package full name:   Faulting package-relative
 application ID: 
 
[ System Events ]
Error - 8/6/2014 2:38:22 AM | Computer Name = Zvika | Source = DCOM | ID = 10010
Description = 
 
Error - 8/7/2014 2:11:56 AM | Computer Name = Zvika | Source = DCOM | ID = 10010
Description = 
 
Error - 8/7/2014 2:11:57 AM | Computer Name = Zvika | Source = DCOM | ID = 10010
Description = 
 
Error - 8/7/2014 2:12:00 AM | Computer Name = Zvika | Source = DCOM | ID = 10010
Description = 
 
Error - 8/7/2014 2:12:00 AM | Computer Name = Zvika | Source = DCOM | ID = 10010
Description = 
 
Error - 8/7/2014 2:17:18 AM | Computer Name = Zvika | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the Spooler service.
 
Error - 8/7/2014 2:28:25 AM | Computer Name = Zvika | Source = DCOM | ID = 10016
Description = 
 
Error - 8/7/2014 2:29:34 AM | Computer Name = Zvika | Source = DCOM | ID = 10016
Description = 
 
Error - 8/7/2014 3:01:17 AM | Computer Name = Zvika | Source = DCOM | ID = 10016
Description = 
 
Error - 8/8/2014 12:11:17 AM | Computer Name = Zvika | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >


#5 Jo*

  • Malware Response Team

Posted 07 August 2014 - 04:28 PM

Hello zvi8875,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two message boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 zvi8875

  • Topic Starter

Posted 09 August 2014 - 05:55 AM

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org
 
Database version: v2014.08.09.02
 
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17207
zvika :: ZVIKA [administrator]
 
8/9/2014 1:50:35 PM
mbar-log-2014-08-09 (13-50-35).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 286814
Time elapsed: 2 minute(s), 49 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 

# AdwCleaner v3.304 - Report created 09/08/2014 at 13:54:47
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 Enterprise N  (64 bits)
# Username : zvika - ZVIKA
# Running from : C:\Users\zvika\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [794 octets] - [09/08/2014 13:51:02]
AdwCleaner[R1].txt - [842 octets] - [09/08/2014 13:53:02]
AdwCleaner[R2].txt - [763 octets] - [09/08/2014 13:54:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [822 octets] ##########


#7 Jo*

  • Malware Response Team

Posted 09 August 2014 - 06:21 AM

Hello zvi8875,

Why do you think your PC is infected?
 

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shut down your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How is the computer running now?


***


Cheers,
Jo


#8 zvi8875

  • Topic Starter

Posted 09 August 2014 - 06:30 AM

One of my accounts has been hacked recently, so I wanted to check my computer.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Enterprise N x64
Ran by zvika on Sat 08/09/2014 at 14:23:38.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/09/2014 at 14:25:54.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#9 zvi8875

  • Topic Starter

Posted 09 August 2014 - 06:34 AM

OTL logfile created on: 8/9/2014 2:32:19 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zvika\Desktop\OTL
64bit- Enterprise Edition N  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
11.98 Gb Total Physical Memory | 9.26 Gb Available Physical Memory | 77.31% Memory free
23.98 Gb Paging File | 20.87 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.57 Gb Total Space | 174.60 Gb Free Space | 78.10% Space Free | Partition Type: NTFS
Drive D: | 146.48 Gb Total Space | 51.90 Gb Free Space | 35.43% Space Free | Partition Type: NTFS
Drive F: | 29.28 Gb Total Space | 16.77 Gb Free Space | 57.28% Space Free | Partition Type: FAT32
Drive G: | 111.69 Gb Total Space | 37.41 Gb Free Space | 33.49% Space Free | Partition Type: NTFS
Drive H: | 703.12 Gb Total Space | 46.43 Gb Free Space | 6.60% Space Free | Partition Type: NTFS
Drive I: | 52.60 Gb Total Space | 28.11 Gb Free Space | 53.44% Space Free | Partition Type: NTFS
 
Computer Name: ZVIKA | User Name: zvika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\zvika\Desktop\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
MOD - C:\Program Files\Plantronics\GameCom 780 & 788\VMixPLGC.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files\LinkShellExtension\32\RockallDLL.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (RzOvlMon) -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe (Razer, Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (busenum) -- C:\Windows\SysNative\drivers\SteelBus64.sys (SteelSeries Corporation)
DRV:64bit: - (SAlphamHid) -- C:\Windows\SysNative\drivers\SAlpham64.sys (SteelSeries Corporation)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (RzDxgk) -- C:\Windows\SysNative\drivers\RzDxgk.sys (Razer, Inc.)
DRV:64bit: - (RzFilter) -- C:\Windows\SysNative\drivers\RzFilter.sys (Razer, Inc.)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (edevmon) -- C:\Windows\SysNative\drivers\edevmon.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://il.msn.com/?rd=1&ucc=IL&dcc=IL&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 EC 36 93 3E B1 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014/08/05 23:21:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\zvika\AppData\Roaming\IDM\idmmzcc5 [2014/08/06 23:06:46 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: iCloud Bookmarks = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\
CHR - Extension: HTTPS Everywhere = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2014.6.26_0\
CHR - Extension: AdBlock = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.9_0\
CHR - Extension: Hola Better Internet = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.4.361_0\
CHR - Extension: IDM Integration Module = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.21_0\
CHR - Extension: Google Wallet = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\zvika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (SteelSeries ApS)
O4 - Startup: C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D174A4-B080-49B0-9C06-F72A4FB1FA8A}: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{aef88a77-1d30-11e4-9bf7-806e6f6e6963}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/09 14:24:23 | 000,000,000 | ---D | C] -- C:\Users\zvika\Desktop\OTL
[2014/08/09 14:23:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/09 14:23:20 | 000,000,000 | ---D | C] -- C:\Users\zvika\Desktop\JRT
[2014/08/09 14:05:13 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\SteelSeries_ApS
[2014/08/09 14:05:10 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\SteelSeries
[2014/08/09 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
[2014/08/09 14:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SteelSeries
[2014/08/09 14:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\SteelSeries
[2014/08/09 13:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014/08/09 13:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/08/09 13:59:17 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Tukui
[2014/08/09 13:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui
[2014/08/09 13:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tukui
[2014/08/09 13:58:56 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Downloaded Installations
[2014/08/09 13:50:56 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/08/09 13:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/08/09 13:50:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/09 13:49:52 | 000,000,000 | ---D | C] -- C:\Users\zvika\Desktop\mbar
[2014/08/08 18:00:35 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Curse Advertising
[2014/08/08 17:59:44 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2014/08/08 17:59:19 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Deployment
[2014/08/08 17:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/08/08 17:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/08/08 17:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/08/08 17:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/08/08 17:58:25 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2014/08/08 17:58:25 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2014/08/08 17:58:25 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/08/08 17:58:25 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/08/08 17:58:25 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/08 17:58:25 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/08 13:48:58 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/08/08 13:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/08/07 23:52:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Diagnostics
[2014/08/07 23:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/08/07 23:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/08/07 21:06:43 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apps
[2014/08/07 21:05:23 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\vlc
[2014/08/07 21:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/08/07 21:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/08/07 20:55:28 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Apple Computer
[2014/08/07 20:55:28 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apple Computer
[2014/08/07 20:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/07 20:55:26 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014/08/07 20:55:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/08/07 20:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/07 20:55:13 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Apple
[2014/08/07 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/08/07 20:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/08/07 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/08/07 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/08/07 20:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/08/07 20:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/08/07 20:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2014/08/06 23:06:46 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\NVIDIA
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\IDM
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\DMCache
[2014/08/06 23:06:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Blizzard Entertainment
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Battle.net
[2014/08/06 23:06:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Battle.net
[2014/08/06 23:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014/08/06 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014/08/06 23:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\LinkShellExtension
[2014/08/06 23:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
[2014/08/06 22:59:00 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/06 22:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/06 22:58:53 | 000,092,888 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/06 22:58:53 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/06 22:58:53 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/06 22:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/06 22:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/06 22:58:45 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Programs
[2014/08/06 22:57:13 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\WinRAR
[2014/08/06 22:57:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/08/06 22:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/08/06 22:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/08/06 22:54:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/08/06 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
[2014/08/06 22:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\Plantronics
[2014/08/06 22:54:25 | 000,524,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2014/08/06 22:54:15 | 001,327,104 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\PLTGC.sys
[2014/08/06 22:54:15 | 000,321,824 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltrPLTGC.dll
[2014/08/06 22:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plantronics
[2014/08/06 22:51:33 | 000,000,000 | ---D | C] -- C:\WoW
[2014/08/06 22:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014/08/06 00:12:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/08/05 23:34:50 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Razer
[2014/08/05 23:32:51 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Razer_Inc
[2014/08/05 23:32:27 | 000,129,472 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzDxgk.sys
[2014/08/05 23:32:27 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/08/05 23:32:25 | 000,000,000 | ---D | C] -- C:\Windows\Razer Core
[2014/08/05 23:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2014/08/05 23:31:20 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014/08/05 23:31:20 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014/08/05 23:31:19 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014/08/05 23:31:19 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/08/05 23:31:19 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014/08/05 23:31:19 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014/08/05 23:31:19 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\NVIDIA Corporation
[2014/08/05 23:31:18 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/08/05 23:31:18 | 001,291,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/08/05 23:31:18 | 001,283,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/08/05 23:31:18 | 001,126,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/08/05 23:31:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/08/05 23:31:10 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/08/05 23:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/08/05 23:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/08/05 23:31:04 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/08/05 23:31:04 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014/08/05 23:31:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/08/05 23:31:03 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/05 23:31:03 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/05 23:31:03 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/08/05 23:30:48 | 000,609,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/08/05 23:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/08/05 23:30:42 | 006,783,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/08/05 23:30:42 | 003,522,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/08/05 23:30:42 | 000,386,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/08/05 23:30:42 | 000,062,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/08/05 23:30:37 | 000,075,040 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/08/05 23:30:37 | 000,061,912 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/08/05 23:29:46 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014/08/05 23:29:46 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014/08/05 23:29:46 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/08/05 23:29:46 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014/08/05 23:29:46 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/08/05 23:29:46 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014/08/05 23:29:45 | 031,512,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/08/05 23:29:45 | 024,196,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/08/05 23:29:45 | 022,994,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/08/05 23:29:45 | 018,626,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/08/05 23:29:45 | 017,555,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/08/05 23:29:45 | 016,122,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/08/05 23:29:45 | 015,294,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/08/05 23:29:45 | 014,498,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/08/05 23:29:45 | 013,922,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/08/05 23:29:45 | 013,835,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/08/05 23:29:45 | 011,283,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/08/05 23:29:45 | 011,222,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/08/05 23:29:45 | 004,247,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/08/05 23:29:45 | 003,989,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/08/05 23:29:45 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014/08/05 23:29:45 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014/08/05 23:29:45 | 000,965,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014/08/05 23:29:45 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/08/05 23:29:45 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/08/05 23:29:45 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/08/05 23:29:45 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/08/05 23:29:45 | 000,846,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/08/05 23:29:45 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/08/05 23:29:45 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/08/05 23:29:45 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/08/05 23:29:45 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/08/05 23:29:44 | 003,196,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/08/05 23:29:44 | 002,814,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/08/05 23:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/08/05 23:27:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/08/05 23:24:06 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\NVIDIA
[2014/08/05 23:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/08/05 23:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/08/05 23:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/08/05 23:22:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\ESET
[2014/08/05 23:22:40 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\ESET
[2014/08/05 23:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/05 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/08/05 23:21:39 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Google
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/08/05 23:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/08/05 23:20:54 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Macromedia
[2014/08/05 23:20:53 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\EmieUserList
[2014/08/05 23:20:53 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\EmieSiteList
[2014/08/05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\zvika\OneDrive
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\Searches
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\Contacts
[2014/08/05 23:18:34 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/08/05 23:18:34 | 000,000,000 | -H-D | C] -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/08/05 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\VirtualStore
[2014/08/05 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Adobe
[2014/08/05 23:18:33 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Packages
[2014/08/05 23:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2014/08/05 23:18:08 | 000,000,000 | --SD | C] -- C:\Users\zvika\AppData\Roaming\Microsoft
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Videos
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Saved Games
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Pictures
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Music
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Links
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Favorites
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Downloads
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Documents
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\Desktop
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/05 23:18:08 | 000,000,000 | R--D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\Temporary Internet Files
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Templates
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Start Menu
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\SendTo
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Recent
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\PrintHood
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\NetHood
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Videos
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Pictures
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Documents\My Music
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\My Documents
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Local Settings
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\History
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Cookies
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\Application Data
[2014/08/05 23:18:08 | 000,000,000 | -HSD | C] -- C:\Users\zvika\AppData\Local\Application Data
[2014/08/05 23:18:08 | 000,000,000 | -H-D | C] -- C:\Users\zvika\AppData
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Temp
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Local\Microsoft
[2014/08/05 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/08/05 23:14:40 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2014/08/05 23:14:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/08/05 23:13:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/08/05 23:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/08/05 23:12:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/07/23 04:02:18 | 000,180,136 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2014/07/16 05:20:47 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2014/07/16 05:16:44 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/16 05:16:44 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/16 05:16:44 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/16 05:16:44 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2014/07/16 05:16:44 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/16 05:16:44 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/16 05:16:44 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2014/07/16 05:16:44 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvewiz.dll
[2014/07/16 05:16:44 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2014/07/16 05:16:44 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2014/07/16 05:16:44 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2014/07/16 05:16:44 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2014/07/16 05:16:44 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2014/07/16 05:16:44 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2014/07/16 05:16:44 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2014/07/16 05:16:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2014/07/16 05:16:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/16 05:16:44 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/07/16 05:16:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/16 05:16:44 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfgLib.dll
[2014/07/16 05:16:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BulkOperationHost.exe
[2014/07/16 05:16:44 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncobjapi.dll
[2014/07/16 05:16:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/07/16 05:16:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncobjapi.dll
[2014/07/16 05:15:45 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/16 05:15:45 | 007,173,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 006,645,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/16 05:15:45 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 005,774,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/16 05:15:45 | 005,104,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 002,688,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2014/07/16 05:15:45 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlowUI.dll
[2014/07/16 05:15:45 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2014/07/16 05:15:45 | 001,466,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/07/16 05:15:45 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2014/07/16 05:15:45 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/07/16 05:15:45 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/07/16 05:15:45 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2014/07/16 05:15:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/07/16 05:15:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/07/16 05:15:45 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2014/07/16 05:15:45 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2014/07/16 05:15:45 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/07/16 05:15:45 | 000,467,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/07/16 05:15:45 | 000,463,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/07/16 05:15:45 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2014/07/16 05:15:45 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/07/16 05:15:45 | 000,407,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2014/07/16 05:15:45 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/07/16 05:15:45 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/07/16 05:15:45 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2014/07/16 05:15:45 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,337,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/16 05:15:45 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/07/16 05:15:45 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/07/16 05:15:45 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2014/07/16 05:15:45 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2014/07/16 05:15:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/07/16 05:15:45 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014/07/16 05:15:45 | 000,263,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2014/07/16 05:15:45 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2014/07/16 05:15:45 | 000,244,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014/07/16 05:15:45 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/07/16 05:15:45 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2014/07/16 05:15:45 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/07/16 05:15:45 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/07/16 05:15:45 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2014/07/16 05:15:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/07/16 05:15:45 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BootMenuUX.dll
[2014/07/16 05:15:45 | 000,130,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2014/07/16 05:15:45 | 000,125,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2014/07/16 05:15:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014/07/16 05:15:45 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/07/16 05:15:45 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\energyprov.dll
[2014/07/16 05:15:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/07/16 05:15:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2014/07/16 05:15:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2014/07/16 05:15:45 | 000,032,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ploptin.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2014/07/16 05:14:47 | 001,417,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/07/16 05:14:47 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2014/07/16 05:14:47 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2014/07/16 05:14:40 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/16 05:14:40 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/16 05:14:36 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/16 05:14:36 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/16 05:14:21 | 013,287,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/16 05:14:21 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/16 05:14:21 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/16 05:14:21 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/16 05:14:21 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/16 05:14:21 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/16 05:14:21 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.appcore.dll
[2014/07/16 05:14:21 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/16 05:14:21 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/16 05:14:21 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/16 05:14:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2014/07/16 05:14:11 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/07/16 05:14:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvcfg.exe
[2014/07/16 05:14:02 | 016,871,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2014/07/16 05:14:02 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2014/07/16 05:14:02 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2014/07/16 05:14:02 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/07/16 05:14:02 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/07/16 05:14:02 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/07/16 05:14:02 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2014/07/16 05:14:02 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/07/16 05:14:02 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2014/07/16 05:14:02 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/07/16 05:14:02 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/07/16 05:13:47 | 003,360,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/07/16 05:13:42 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/07/16 05:13:42 | 003,048,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe
[2014/07/16 05:13:42 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcWebSync.dll
[2014/07/16 05:13:42 | 002,834,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2014/07/16 05:13:42 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/07/16 05:13:42 | 000,055,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wpcfltr.sys
[2014/07/16 05:13:37 | 001,336,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/07/16 05:13:33 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/07/16 05:13:18 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/16 05:13:18 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/16 05:13:18 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/16 05:13:18 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/16 05:13:18 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/16 05:13:18 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/16 05:13:18 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/16 05:13:18 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/16 05:13:18 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/16 05:13:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/16 05:13:18 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/16 05:13:18 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/16 05:13:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/16 05:13:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/16 05:13:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/16 05:13:18 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/16 05:13:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/16 05:13:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/16 05:13:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/16 05:13:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/16 05:13:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/16 05:13:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/16 05:13:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/16 05:12:54 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2014/07/16 05:12:54 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2014/07/16 05:12:39 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/16 05:12:39 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.appcore.dll
[2014/07/16 05:12:39 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/16 05:12:39 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/07/16 05:12:39 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/16 05:12:39 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/16 05:12:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/16 05:12:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSReset.exe
[2014/07/16 05:12:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/16 05:12:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/16 05:12:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/16 05:12:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/16 05:12:30 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mrt_map.dll
[2014/07/16 05:12:30 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt_map.dll
[2014/07/16 05:12:30 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mrt100.dll
[2014/07/16 05:12:30 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt100.dll
[2014/07/16 05:12:27 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/07/16 05:12:27 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/07/16 05:12:20 | 000,257,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/07/16 05:12:20 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2014/07/16 05:12:20 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/07/16 05:11:46 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/07/16 05:11:46 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/07/16 05:10:29 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/07/16 05:10:29 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/07/16 05:10:29 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/07/16 05:10:29 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/07/16 05:10:29 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/07/16 05:10:29 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/07/16 05:10:29 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2014/07/16 05:10:29 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2014/07/16 05:10:29 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/07/16 05:10:29 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/07/16 05:10:29 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/07/16 05:10:29 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2014/07/16 05:10:29 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/07/16 05:10:29 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2014/07/16 05:10:29 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/07/16 05:10:29 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/07/16 05:10:29 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2014/07/16 05:10:29 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2014/07/16 05:10:29 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2014/07/16 05:10:29 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2014/07/16 05:10:29 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2014/07/16 05:10:29 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2014/07/16 05:10:29 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/07/16 05:10:29 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2014/07/16 05:10:29 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/07/16 05:10:29 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAgent.exe
[2014/07/16 05:10:29 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/07/16 05:10:29 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/07/16 05:10:29 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidprov.dll
[2014/07/16 05:10:29 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2014/07/16 05:10:29 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2014/07/16 05:10:29 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2014/07/16 05:10:29 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2014/07/16 05:10:29 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/07/16 05:10:29 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2014/07/16 05:10:29 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidprov.dll
[2014/07/16 05:10:29 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dcomp.dll
[2014/07/16 05:10:29 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/07/16 05:10:29 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2014/07/16 05:10:29 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2014/07/16 05:10:29 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/07/16 05:10:29 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2014/07/16 05:10:29 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/07/16 05:10:29 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2014/07/16 05:10:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsApi.dll
[2014/07/16 05:10:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dcomp.dll
[2014/07/16 05:10:29 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/07/16 05:10:29 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReInfo.dll
[2014/07/16 05:10:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWfdProvider.dll
[2014/07/16 05:10:29 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReInfo.dll
[2014/07/16 05:10:29 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsApi.dll
[2014/07/16 05:10:29 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wof.sys
[2014/07/16 05:10:29 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/07/16 05:10:29 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll
[2014/07/16 05:10:29 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2014/07/16 05:10:29 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/07/16 05:10:29 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/07/16 05:10:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMapi.dll
[2014/07/16 05:10:29 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxproxy.dll
[2014/07/16 05:10:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32tm.exe
[2014/07/16 05:10:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2014/07/16 05:10:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2gpstore.dll
[2014/07/16 05:10:29 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2gpstore.dll
[2014/07/16 05:10:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetNetworkLocation.dll
[2014/07/16 05:10:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sxproxy.dll
[2014/07/16 05:10:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CredentialMigrationHandler.dll
[2014/07/16 05:10:29 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CredentialMigrationHandler.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/09 14:31:36 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/09 14:31:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/09 14:29:36 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/09 14:29:34 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/09 14:29:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/09 14:26:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/09 14:17:37 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/09 14:17:37 | 000,730,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/09 14:17:37 | 000,135,520 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/09 13:59:53 | 000,000,885 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2014/08/09 13:59:04 | 000,002,779 | ---- | M] () -- C:\Users\Public\Desktop\Tukui Client.lnk
[2014/08/09 13:50:03 | 001,366,203 | ---- | M] () -- C:\Users\zvika\Desktop\AdwCleaner.exe
[2014/08/09 13:49:53 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/08 18:00:31 | 000,000,000 | ---- | M] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2014/08/08 17:59:44 | 000,000,318 | ---- | M] () -- C:\Users\zvika\Desktop\Curse Client.appref-ms
[2014/08/08 13:48:25 | 475,073,134 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/08/07 23:50:49 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/07 23:39:48 | 000,854,410 | ---- | M] () -- C:\Users\zvika\Desktop\SecurityCheck.exe
[2014/08/07 21:04:26 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/08/07 20:55:27 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/07 20:34:26 | 000,002,155 | ---- | M] () -- C:\Users\zvika\Desktop\Windows 8 Manager.lnk
[2014/08/07 20:34:26 | 000,002,144 | ---- | M] () -- C:\Users\zvika\Desktop\1-Click Cleaner.lnk
[2014/08/06 23:11:28 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/08/06 23:06:40 | 000,001,021 | ---- | M] () -- C:\Users\zvika\Desktop\Internet Download Manager.lnk
[2014/08/06 23:06:37 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014/08/06 22:58:55 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/06 22:54:31 | 000,000,714 | ---- | M] () -- C:\Windows\PLTGC.ini.imi
[2014/08/06 22:54:31 | 000,000,415 | ---- | M] () -- C:\Windows\PLTGC.ini.cfl
[2014/08/06 22:54:31 | 000,000,124 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2014/08/06 22:54:26 | 000,000,612 | ---- | M] () -- C:\Windows\System\PLTGC.ini
[2014/08/05 23:34:37 | 000,002,299 | ---- | M] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/05 23:33:34 | 000,362,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/05 23:32:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/08/05 23:31:22 | 000,001,363 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/08/05 23:20:51 | 000,001,436 | ---- | M] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/05 23:13:30 | 000,000,641 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/08/05 23:13:30 | 000,000,641 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/07/25 07:01:55 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/07/25 07:01:55 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/07/25 07:01:32 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/07/25 07:01:32 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/07/16 05:16:44 | 002,844,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/16 05:16:44 | 002,641,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/16 05:16:44 | 002,317,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/16 05:16:44 | 002,125,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2014/07/16 05:16:44 | 001,726,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/16 05:16:44 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/16 05:16:44 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2014/07/16 05:16:44 | 000,794,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvewiz.dll
[2014/07/16 05:16:44 | 000,721,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2014/07/16 05:16:44 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2014/07/16 05:16:44 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2014/07/16 05:16:44 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2014/07/16 05:16:44 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/07/16 05:16:44 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2014/07/16 05:16:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2014/07/16 05:16:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/07/16 05:16:44 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2014/07/16 05:16:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2014/07/16 05:16:44 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/16 05:16:44 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/07/16 05:16:44 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/16 05:16:44 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfgLib.dll
[2014/07/16 05:16:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BulkOperationHost.exe
[2014/07/16 05:16:44 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncobjapi.dll
[2014/07/16 05:16:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/07/16 05:16:44 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncobjapi.dll
[2014/07/16 05:16:44 | 000,050,745 | ---- | M] () -- C:\Windows\SysNative\srms.dat
[2014/07/16 05:15:45 | 008,652,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 007,425,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/16 05:15:45 | 007,173,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 006,645,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/16 05:15:45 | 005,833,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/07/16 05:15:45 | 005,774,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/16 05:15:45 | 005,104,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2014/07/16 05:15:45 | 002,688,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2014/07/16 05:15:45 | 002,100,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlowUI.dll
[2014/07/16 05:15:45 | 001,584,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2014/07/16 05:15:45 | 001,466,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/07/16 05:15:45 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2014/07/16 05:15:45 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/07/16 05:15:45 | 001,057,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/07/16 05:15:45 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2014/07/16 05:15:45 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/07/16 05:15:45 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/07/16 05:15:45 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2014/07/16 05:15:45 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2014/07/16 05:15:45 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/07/16 05:15:45 | 000,467,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/07/16 05:15:45 | 000,463,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/07/16 05:15:45 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2014/07/16 05:15:45 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/07/16 05:15:45 | 000,407,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2014/07/16 05:15:45 | 000,384,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/07/16 05:15:45 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/07/16 05:15:45 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2014/07/16 05:15:45 | 000,364,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GeofenceMonitorService.dll
[2014/07/16 05:15:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/07/16 05:15:45 | 000,337,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/16 05:15:45 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/07/16 05:15:45 | 000,307,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/07/16 05:15:45 | 000,305,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/07/16 05:15:45 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2014/07/16 05:15:45 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2014/07/16 05:15:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/07/16 05:15:45 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014/07/16 05:15:45 | 000,263,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2014/07/16 05:15:45 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2014/07/16 05:15:45 | 000,244,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014/07/16 05:15:45 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2014/07/16 05:15:45 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/07/16 05:15:45 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2014/07/16 05:15:45 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/07/16 05:15:45 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/07/16 05:15:45 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2014/07/16 05:15:45 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/07/16 05:15:45 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BootMenuUX.dll
[2014/07/16 05:15:45 | 000,130,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2014/07/16 05:15:45 | 000,125,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2014/07/16 05:15:45 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014/07/16 05:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/07/16 05:15:45 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\energyprov.dll
[2014/07/16 05:15:45 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/07/16 05:15:45 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2014/07/16 05:15:45 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2014/07/16 05:15:45 | 000,032,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ploptin.dll
[2014/07/16 05:15:45 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\spaceport.sys.mui
[2014/07/16 05:15:45 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2014/07/16 05:15:45 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2014/07/16 05:14:55 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/16 05:14:55 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/16 05:14:47 | 001,417,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/07/16 05:14:47 | 000,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/07/16 05:14:47 | 000,436,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2014/07/16 05:14:47 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2014/07/16 05:14:40 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/16 05:14:40 | 000,779,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/16 05:14:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/16 05:14:36 | 000,488,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/16 05:14:21 | 013,287,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/16 05:14:21 | 011,792,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/16 05:14:21 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,923,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/16 05:14:21 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2014/07/16 05:14:21 | 000,827,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/16 05:14:21 | 000,756,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/16 05:14:21 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/16 05:14:21 | 000,555,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.appcore.dll
[2014/07/16 05:14:21 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/16 05:14:21 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/16 05:14:21 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/16 05:14:21 | 000,054,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/16 05:14:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2014/07/16 05:14:11 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/07/16 05:14:11 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drvcfg.exe
[2014/07/16 05:14:02 | 016,871,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 012,711,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/07/16 05:14:02 | 000,668,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2014/07/16 05:14:02 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2014/07/16 05:14:02 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2014/07/16 05:14:02 | 000,467,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/07/16 05:14:02 | 000,440,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/07/16 05:14:02 | 000,428,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/07/16 05:14:02 | 000,423,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2014/07/16 05:14:02 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/07/16 05:14:02 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DaOtpCredentialProvider.dll
[2014/07/16 05:14:02 | 000,216,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2014/07/16 05:14:02 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/07/16 05:14:02 | 000,027,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/07/16 05:13:47 | 003,360,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/07/16 05:13:42 | 003,118,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/07/16 05:13:42 | 003,048,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe
[2014/07/16 05:13:42 | 002,861,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WpcWebSync.dll
[2014/07/16 05:13:42 | 002,834,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2014/07/16 05:13:42 | 002,344,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/07/16 05:13:42 | 000,055,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wpcfltr.sys
[2014/07/16 05:13:37 | 001,336,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/07/16 05:13:33 | 001,975,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/07/16 05:13:18 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/16 05:13:18 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/16 05:13:18 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/16 05:13:18 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/16 05:13:18 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/16 05:13:18 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/16 05:13:18 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/16 05:13:18 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/16 05:13:18 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/16 05:13:18 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/16 05:13:18 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/16 05:13:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/16 05:13:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/16 05:13:18 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/16 05:13:18 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/16 05:13:18 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/16 05:13:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/16 05:13:18 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/16 05:13:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/16 05:13:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/16 05:13:18 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/16 05:13:18 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/16 05:13:18 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/16 05:13:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/16 05:12:54 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2014/07/16 05:12:54 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2014/07/16 05:12:39 | 001,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/16 05:12:39 | 000,419,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.appcore.dll
[2014/07/16 05:12:39 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/16 05:12:39 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/07/16 05:12:39 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/16 05:12:39 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/16 05:12:39 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/16 05:12:39 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSReset.exe
[2014/07/16 05:12:39 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/16 05:12:39 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/16 05:12:39 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/16 05:12:39 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/16 05:12:30 | 000,086,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt_map.dll
[2014/07/16 05:12:30 | 000,080,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt_map.dll
[2014/07/16 05:12:30 | 000,028,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt100.dll
[2014/07/16 05:12:30 | 000,026,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mrt100.dll
[2014/07/16 05:12:27 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/07/16 05:12:27 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/07/16 05:12:20 | 000,257,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/07/16 05:12:20 | 000,123,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2014/07/16 05:12:20 | 000,035,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/07/16 05:11:46 | 000,029,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/07/16 05:11:46 | 000,028,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/07/16 05:10:29 | 002,900,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/07/16 05:10:29 | 002,373,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/07/16 05:10:29 | 002,270,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/07/16 05:10:29 | 002,141,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/07/16 05:10:29 | 002,133,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/07/16 05:10:29 | 002,088,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/07/16 05:10:29 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2014/07/16 05:10:29 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2014/07/16 05:10:29 | 001,779,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/07/16 05:10:29 | 001,764,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/07/16 05:10:29 | 001,656,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/07/16 05:10:29 | 001,542,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2014/07/16 05:10:29 | 001,351,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/07/16 05:10:29 | 001,306,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2014/07/16 05:10:29 | 001,291,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/07/16 05:10:29 | 001,112,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/07/16 05:10:29 | 001,015,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2014/07/16 05:10:29 | 000,950,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2014/07/16 05:10:29 | 000,924,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2014/07/16 05:10:29 | 000,918,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2014/07/16 05:10:29 | 000,834,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2014/07/16 05:10:29 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2014/07/16 05:10:29 | 000,717,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/07/16 05:10:29 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2014/07/16 05:10:29 | 000,655,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/07/16 05:10:29 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/07/16 05:10:29 | 000,621,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAgent.exe
[2014/07/16 05:10:29 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/07/16 05:10:29 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,518,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/07/16 05:10:29 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlidprov.dll
[2014/07/16 05:10:29 | 000,488,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2014/07/16 05:10:29 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2014/07/16 05:10:29 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2014/07/16 05:10:29 | 000,412,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Graphics.Printing.dll
[2014/07/16 05:10:29 | 000,390,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2014/07/16 05:10:29 | 000,387,210 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/07/16 05:10:29 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2014/07/16 05:10:29 | 000,379,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/07/16 05:10:29 | 000,376,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2014/07/16 05:10:29 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidprov.dll
[2014/07/16 05:10:29 | 000,356,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dcomp.dll
[2014/07/16 05:10:29 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/07/16 05:10:29 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2014/07/16 05:10:29 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2014/07/16 05:10:29 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/07/16 05:10:29 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2014/07/16 05:10:29 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/07/16 05:10:29 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/07/16 05:10:29 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2014/07/16 05:10:29 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsApi.dll
[2014/07/16 05:10:29 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2014/07/16 05:10:29 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dcomp.dll
[2014/07/16 05:10:29 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/07/16 05:10:29 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ReInfo.dll
[2014/07/16 05:10:29 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2014/07/16 05:10:29 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dafWfdProvider.dll
[2014/07/16 05:10:29 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ReInfo.dll
[2014/07/16 05:10:29 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsApi.dll
[2014/07/16 05:10:29 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,157,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wof.sys
[2014/07/16 05:10:29 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Scanners.dll
[2014/07/16 05:10:29 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2014/07/16 05:10:29 | 000,136,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/07/16 05:10:29 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll
[2014/07/16 05:10:29 | 000,113,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2014/07/16 05:10:29 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/07/16 05:10:29 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/07/16 05:10:29 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMapi.dll
[2014/07/16 05:10:29 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sxproxy.dll
[2014/07/16 05:10:29 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\w32tm.exe
[2014/07/16 05:10:29 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2014/07/16 05:10:29 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\l2gpstore.dll
[2014/07/16 05:10:29 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\l2gpstore.dll
[2014/07/16 05:10:29 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\HidBthLE.dll
[2014/07/16 05:10:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetNetworkLocation.dll
[2014/07/16 05:10:29 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/07/16 05:10:29 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sxproxy.dll
[2014/07/16 05:10:29 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CredentialMigrationHandler.dll
[2014/07/16 05:10:29 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CredentialMigrationHandler.dll
 
========== Files Created - No Company Name ==========
 
[2014/08/09 13:59:53 | 000,000,885 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2014/08/09 13:59:04 | 000,002,779 | ---- | C] () -- C:\Users\Public\Desktop\Tukui Client.lnk
[2014/08/09 13:50:00 | 001,366,203 | ---- | C] () -- C:\Users\zvika\Desktop\AdwCleaner.exe
[2014/08/08 18:00:31 | 000,000,000 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2014/08/08 17:59:44 | 000,000,318 | ---- | C] () -- C:\Users\zvika\Desktop\Curse Client.appref-ms
[2014/08/07 23:50:49 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/07 23:39:46 | 000,854,410 | ---- | C] () -- C:\Users\zvika\Desktop\SecurityCheck.exe
[2014/08/07 21:04:26 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/08/07 20:55:27 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/07 20:55:12 | 000,002,579 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/08/07 20:34:26 | 000,002,155 | ---- | C] () -- C:\Users\zvika\Desktop\Windows 8 Manager.lnk
[2014/08/07 20:34:26 | 000,002,144 | ---- | C] () -- C:\Users\zvika\Desktop\1-Click Cleaner.lnk
[2014/08/06 23:11:28 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/06 23:06:40 | 000,001,021 | ---- | C] () -- C:\Users\zvika\Desktop\Internet Download Manager.lnk
[2014/08/06 23:06:37 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014/08/06 22:58:55 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/06 22:54:31 | 000,833,312 | ---- | C] () -- C:\Windows\SysNative\PLTGC.exe
[2014/08/06 22:54:31 | 000,000,415 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2014/08/06 22:54:31 | 000,000,124 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2014/08/06 22:54:26 | 000,365,856 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2014/08/06 22:54:26 | 000,004,024 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2014/08/06 22:54:26 | 000,000,714 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2014/08/06 22:54:26 | 000,000,612 | ---- | C] () -- C:\Windows\System\PLTGC.ini
[2014/08/06 22:54:25 | 000,000,498 | ---- | C] () -- C:\Windows\PLTGC.ini
[2014/08/05 23:32:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/08/05 23:31:22 | 000,001,363 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/08/05 23:30:42 | 003,826,628 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/08/05 23:29:45 | 000,835,032 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll
[2014/08/05 23:29:45 | 000,026,353 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/08/05 23:22:00 | 000,002,299 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/05 23:22:00 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/05 23:21:42 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/05 23:21:42 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/05 23:20:51 | 000,001,436 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/05 23:18:34 | 000,001,442 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/08/05 23:18:08 | 000,000,369 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/08/05 23:18:08 | 000,000,369 | ---- | C] () -- C:\Users\zvika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/08/05 23:18:08 | 000,000,352 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/08/05 23:18:08 | 000,000,334 | ---- | C] () -- C:\Users\zvika\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/08/05 23:12:53 | 475,073,134 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/08/05 23:12:53 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/07/16 05:16:44 | 000,050,745 | ---- | C] () -- C:\Windows\SysNative\srms.dat
[2014/07/16 05:10:29 | 000,387,210 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/03/18 03:21:15 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 03:20:26 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 08:36:25 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 08:36:24 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 07:45:38 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/16 05:15:45 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/16 05:15:45 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/06 23:06:40 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\Battle.net
[2014/08/08 18:01:44 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\Curse Advertising
[2014/08/09 14:28:39 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\DMCache
[2014/08/05 23:22:40 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\ESET
[2014/08/08 13:44:42 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\IDM
[2014/08/09 14:05:10 | 000,000,000 | ---D | M] -- C:\Users\zvika\AppData\Roaming\SteelSeries
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\zvika\OneDrive:ms-properties
 
< End of report >


#10 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • Gender:Male
  • Location:Germany
  • Local time:04:37 PM

Posted 09 August 2014 - 06:49 AM

Hello zvi8875,


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus and antispyware programs while performing scans so there are no conflicts and to speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for the report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select the "Uninstall application on close" check box and push esetFinish.png

---


How is the computer running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 Jo*


Posted 12 August 2014 - 10:06 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





