Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Several Viruses are attacking my computer. [Closed]


  • Please log in to reply

#1
MNISather

MNISather

    Member

  • Member
  • PipPip
  • 25 posts
Hi. This past month I have been having some issues with viruses. At first, I noticed my McAfee Firewall wouldnt turn on. Then I started noticing browser redirections, and errors. I then installed Norton Anti-Virus. I ran that and the Norton Power Eraser and It keeps finding these 4 things:

Trojan.Gen.2
Backdoor.Trojan
Trojan.Zeroaccess.B
Bitcoinminer

I have no clue how to get rid of these because all of your solutions say they are different for each computer so I was wondering if I could get some help? Plus can you inform me on what to post such as logs in my replies? Please and thank you.
  • 0

Advertisements


#2
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts
Hello MNISather and welcome to Geeks To Go !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them.
You get an advantage as you have 2 people examining your issue.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

Hi MNISather,
I am going to have you run an OTL custom scan for me. I will post back after I get my fix approved by my instructor.
It was very wise not to run someone else's fix on your machine, as these infections can be different from one machine to another.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs in your next response

  • 0

#3
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Okay this is the OTL.txt


OTL logfile created on: 9/5/2012 10:08:03 PM - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Sather\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.90 Gb Total Physical Memory | 13.24 Gb Available Physical Memory | 83.24% Memory free
31.81 Gb Paging File | 28.94 Gb Available in Paging File | 90.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.22 Gb Total Space | 135.87 Gb Free Space | 29.78% Space Free | Partition Type: NTFS
Drive D: | 7.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SATHER-PC | User Name: Sather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2012/09/05 22:06:08 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Sather\Downloads\OTL.exe
PRC - [2012/08/25 21:12:42 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/10 22:56:38 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/10 22:56:37 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
PRC - [2012/05/29 10:37:22 | 025,249,400 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/04/25 11:35:32 | 002,135,624 | ---- | M] (MediaFire LLC) -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe
PRC - [2012/04/25 11:34:10 | 001,974,856 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_status.exe
PRC - [2012/04/25 11:31:11 | 002,905,160 | ---- | M] (MediaFire) -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_services.exe
PRC - [2012/04/25 11:23:15 | 001,991,752 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_daemon.exe
PRC - [2012/04/04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2012/03/23 15:01:00 | 002,014,208 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
PRC - [2012/03/19 06:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 06:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/02/21 19:55:16 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012/02/17 01:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
PRC - [2012/02/09 11:21:20 | 000,014,152 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2012/02/09 11:14:02 | 000,069,448 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2012/02/09 11:09:02 | 000,016,200 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 16:30:20 | 000,320,832 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 21:51:44 | 004,005,184 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
PRC - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
PRC - [2011/12/21 21:20:26 | 000,880,640 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe
PRC - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/10 22:56:38 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/10 22:56:37 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/06/14 03:41:53 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
MOD - [2012/06/14 03:37:48 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012/06/14 03:21:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:21:11 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:21:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:21:01 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:20:59 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:16 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/14 03:03:08 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:07 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:03:03 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/14 03:03:02 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/20 20:59:02 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012/05/20 20:59:00 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
MOD - [2012/05/20 20:58:27 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/20 20:58:08 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012/05/20 20:58:08 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
MOD - [2012/05/20 20:58:07 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012/05/20 20:58:06 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\676a0584b48c64d242d4ad3aa07d9214\System.ServiceModel.ni.dll
MOD - [2012/05/20 20:57:56 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012/05/20 19:23:59 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/20 19:23:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/20 19:23:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/20 19:23:24 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/20 19:23:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/20 19:23:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/20 19:23:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/18 16:31:21 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/18 16:30:34 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
MOD - [2012/05/18 16:30:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012/05/18 16:30:01 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/18 15:53:22 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/18 15:53:18 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/18 15:53:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/18 15:53:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/18 15:53:12 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/18 15:53:08 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/18 15:53:08 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/04/30 02:55:46 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012/04/30 02:55:46 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012/04/30 02:55:46 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012/04/30 02:55:46 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2012/04/25 11:34:10 | 001,974,856 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_status.exe
MOD - [2012/04/25 11:23:15 | 001,991,752 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_daemon.exe
MOD - [2012/04/25 11:13:44 | 018,678,784 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\QtGui4.dll
MOD - [2012/04/25 11:13:44 | 001,352,223 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\mediafire_api_connect.dll
MOD - [2012/04/25 11:13:44 | 000,978,958 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\libstdc++-6.dll
MOD - [2012/04/25 11:13:44 | 000,978,432 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\QtNetwork4.dll
MOD - [2012/04/25 11:13:44 | 000,338,432 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\QtXml4.dll
MOD - [2012/04/25 11:13:44 | 000,151,054 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\libexpat-1.dll
MOD - [2012/04/25 11:13:44 | 000,118,784 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\libgcc_s_dw2-1.dll
MOD - [2012/04/25 11:13:43 | 004,533,248 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\QtCore4.dll
MOD - [2012/04/25 11:07:41 | 000,231,424 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\imageformats\qjpeg4.dll
MOD - [2012/04/25 11:07:41 | 000,028,160 | ---- | M] () -- C:\Users\Sather\AppData\Local\MediaFire Express\imageformats\qgif4.dll
MOD - [2012/03/04 17:52:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
MOD - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/20 22:24:09 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010/11/20 22:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2009/12/18 11:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (MSK80Service)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McProxy)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McNASvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McNaiAnn)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcmscsvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/02/26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/02/26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/02/26 05:07:32 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/02/26 05:07:26 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/02/09 11:09:02 | 000,014,664 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2012/01/17 16:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/01/09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012/08/26 22:43:32 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/25 21:12:42 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/08/15 00:57:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/10 22:56:38 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe -- (NAV)
SRV - [2012/05/12 01:15:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/05/12 01:15:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/03/06 10:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/03/04 17:52:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/02/17 19:07:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2011/05/09 13:01:06 | 000,430,080 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2011/03/21 12:41:18 | 000,178,224 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe -- (VZWConfigService)
SRV - [2011/02/17 07:02:26 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe -- (RoxMediaDBGame1X)
SRV - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/06/14 11:00:48 | 000,270,848 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe -- (NWVZHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/05 20:33:18 | 000,095,392 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR310.SYS -- (SMR310)
DRV:64bit: - [2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/05/12 02:55:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/12 02:55:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 21:13:22 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/27 21:58:10 | 001,052,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtHda.sys -- (cthda)
DRV:64bit: - [2012/03/15 23:12:20 | 000,426,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/03/04 18:31:18 | 000,398,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/03/04 17:52:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012/03/04 17:52:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/14 13:47:36 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/14 12:38:56 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/02/01 17:43:56 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/01/31 14:38:02 | 000,340,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/01/03 16:04:52 | 000,067,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_ACCEL.sys -- (ST_ACCEL)
DRV:64bit: - [2011/12/28 23:14:04 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/12/20 17:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 17:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/30 11:19:48 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/11/30 11:19:46 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/09/19 05:54:44 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/07/15 21:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2011/06/14 18:47:10 | 000,347,648 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NWRmNet_001.sys -- (NWRmNet_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,261,120 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser2_001.sys -- (NWUSBPort2_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser_001.sys -- (NWUSBPort_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbmdm_001.sys -- (NWUSBModem_001)
DRV:64bit: - [2011/01/26 19:38:28 | 000,683,392 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2011/01/26 19:37:44 | 001,063,552 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 08:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 06:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/23 11:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2009/10/02 12:53:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/26 15:43:42 | 000,016,752 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/09/05 19:39:20 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120905.017\ex64.sys -- (NAVEX15)
DRV - [2012/09/05 19:39:20 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120905.017\eng64.sys -- (NAVENG)
DRV - [2012/09/03 22:45:31 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/09/03 22:45:31 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/31 19:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\IPSDefs\20120905.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/23 03:52:48 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 15:43:42 | 000,013,680 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-06-25 22:39:24&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000685d4320e2d5
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-25 22:39:24&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sather\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/10 22:57:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/27 14:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/28 22:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\IPSFFPlgn\ [2012/09/01 18:18:54 | 000,000,000 | ---D | M]

[2012/07/05 20:45:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/07/05 20:45:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/05/28 17:35:02 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]

========== Chrome ==========

CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sather\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Click 2 Save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfbkhdpdndhaejllgoppclbkcngghcg\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Fast save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjdocjndfmmccgohapcbkddcnnncmme\1.1_0\
CHR - Extension: Google Search = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.2_0\
CHR - Extension: bloomind ct deepdark = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd\1_0\
CHR - Extension: SiteAdvisor = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: AdBlock = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: 1Click Downloader = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Google Mail Checker = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Facebook Notifications = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/28 19:46:45 | 000,001,204 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc..)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Sound Blaster Recon3Di Control Panel] c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002..\Run: [Facebook Update] C:\Users\Sather\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002..\Run: [MediaFire Tray] C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe (MediaFire LLC)
O4 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKLM..\RunOnce\Setup: [Registering MS MPEG4 ActiveX filter...] C:\Windows\SysWOW64\MPG4ds32.ax (Microcrap Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC}: NameServer = 174.114.184.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99FA023C-2392-4A16-A069-179D136652B1}: DhcpNameServer = 66.174.71.33 66.174.95.44
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD535A9E-FAE2-48C1-AB4A-0F1E6B077C91}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E94E7494-6CFA-4D01-9607-797C55A0C4BB}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/01 14:44:05 | 000,000,027 | RH-- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010/06/30 05:08:46 | 000,808,256 | R--- | M] (Acresso Software Inc. )
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 360 Days ==========

[2012/09/05 20:33:18 | 000,095,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR310.SYS
[2012/09/01 18:42:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\CrashDumps
[2012/09/01 18:33:29 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\NPE
[2012/09/01 18:18:50 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/09/01 18:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/09/01 18:18:48 | 001,129,120 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys
[2012/09/01 18:18:48 | 000,737,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys
[2012/09/01 18:18:48 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys
[2012/09/01 18:18:48 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys
[2012/09/01 18:18:48 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys
[2012/09/01 18:18:48 | 000,167,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys
[2012/09/01 18:18:48 | 000,037,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E
[2012/09/01 18:18:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2012/09/01 18:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2012/08/31 01:10:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Warner Bros. Interactive Entertainment
[2012/08/30 23:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warner Bros. Interactive Entertainment
[2012/08/30 22:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/08/30 15:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/08/29 14:38:34 | 000,000,000 | ---D | C] -- C:\Minecraft_Backup
[2012/08/29 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/08/29 01:06:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/28 22:08:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\DivX
[2012/08/28 22:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/08/28 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/08/28 22:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012/08/28 22:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/08/28 22:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/08/28 22:03:08 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{708ADA2D-C87C-42B1-8B85-F19010C73E5D}
[2012/08/28 21:36:18 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup
[2012/08/28 21:36:16 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup
[2012/08/28 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\UniversalThemePatcher_20090409
[2012/08/28 21:32:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme
[2012/08/27 20:53:28 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MidiEditor
[2012/08/27 20:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MidiEditor
[2012/08/26 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\McAfee
[2012/08/26 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Fabtasy
[2012/08/25 20:09:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{52DAD54D-5785-4A1B-86A5-0435CA2C3466}
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\WEngineLite
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon Wireless
[2012/08/25 19:06:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\hpqLog
[2012/08/25 15:25:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Smith Micro
[2012/08/25 01:06:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{1E13D1BB-B324-4C06-AAAE-E3F25C50F975}
[2012/08/24 22:31:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{4963992C-EB83-4AD1-A3F9-333A1DCF5F69}
[2012/08/23 22:22:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{F7E3E906-8466-4476-A471-29DA243F5B80}
[2012/08/23 21:42:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\skyz
[2012/08/23 14:51:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
[2012/08/23 14:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/23 10:27:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Chromium
[2012/08/23 10:27:10 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Rockstar Games
[2012/08/23 09:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/08/22 15:52:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{ED1522AB-FAE0-41F9-91E7-E9D266A820B1}
[2012/08/22 10:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs
[2012/08/21 23:15:42 | 000,229,479 | ---- | C] (Sun Microsystems) -- C:\Windows\SysWow64\jpicpl32.cpl
[2012/08/21 03:04:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\DarknessII
[2012/08/21 02:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012/08/21 02:01:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012/08/20 15:37:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Sony Online Entertainment
[2012/08/20 15:36:55 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/08/20 12:58:26 | 000,000,000 | ---D | C] -- C:\Crash
[2012/08/19 22:39:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\SCE
[2012/08/19 16:28:05 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Malwarebytes
[2012/08/19 16:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/16 02:08:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/16 02:08:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/16 02:08:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/16 02:08:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/16 02:08:26 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/16 02:08:26 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/16 02:08:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/16 02:08:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/16 02:08:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/16 02:08:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/16 02:08:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/16 02:08:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/16 02:08:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/15 22:05:38 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/15 22:05:36 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/15 22:05:36 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/15 22:05:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/15 22:04:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/15 22:04:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/15 22:04:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/15 22:04:08 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/15 22:01:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Darksiders2
[2012/08/15 21:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012/08/15 21:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2012/08/14 01:28:49 | 000,000,000 | -HSD | C] -- C:\Users\Sather\AppData\Roaming\wyUpdate AU
[2012/08/14 01:28:49 | 000,000,000 | -HSD | C] -- C:\Users\Sather\wc
[2012/08/14 01:28:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Cyberduck
[2012/08/14 00:58:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\cYo
[2012/08/14 00:58:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\cYo
[2012/08/14 00:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
[2012/08/14 00:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\ComicRack
[2012/08/13 16:28:30 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012/08/13 16:28:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Form
[2012/08/13 16:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trapcode Form
[2012/08/13 16:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trapcode
[2012/08/13 15:31:22 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\MW3 Intro Template
[2012/08/11 00:53:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{6DF686DB-5BC3-465D-8E3F-2E45C140CC29}
[2012/08/11 00:53:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{DEF66CDA-6F20-46EF-8D35-07B29CF4BA27}
[2012/08/09 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Atari
[2012/08/09 01:42:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cry of Fear
[2012/08/09 01:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cry of Fear
[2012/08/06 13:09:11 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Daedalic Entertainment
[2012/08/06 13:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lace Mamba Global Ltd
[2012/08/06 13:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lace Mamba Global Ltd
[2012/08/04 21:10:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\PowerUp Software
[2012/08/04 19:22:39 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\ArmA 2 OA
[2012/08/04 19:19:46 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\ArmA 2
[2012/08/04 19:19:46 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\ArmA 2
[2012/08/04 18:51:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/08/04 15:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PowerUp Software
[2012/08/04 15:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
[2012/08/04 15:23:05 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dx7vb.dll
[2012/08/04 15:23:05 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capicom.dll
[2012/08/04 15:23:05 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2012/08/04 15:23:05 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswinsck.ocx
[2012/08/04 15:23:05 | 000,094,208 | R-S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstkprp.dll
[2012/08/04 15:23:05 | 000,091,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsofile.dll
[2012/08/04 15:23:05 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DB.DLL
[2012/08/04 15:23:05 | 000,045,056 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\NTSVC.ocx
[2012/08/04 15:23:05 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\SSubTmr6.dll
[2012/08/04 15:23:04 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advp844.rra
[2012/08/04 15:23:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vers873.rra
[2012/08/04 15:23:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsoc883.rra
[2012/08/04 15:23:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shfo873.rra
[2012/08/04 15:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerUp Software
[2012/08/04 08:42:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Syndicate
[2012/08/04 08:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2012/08/01 17:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2012/08/01 17:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\MAXON
[2012/08/01 17:00:50 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\MAXON
[2012/07/31 20:40:12 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\ooVoo Details
[2012/07/31 20:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/07/31 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\APN
[2012/07/31 20:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2012/07/31 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2012/07/31 18:41:31 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\SplitMediaLabs
[2012/07/31 18:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012/07/31 18:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2012/07/31 18:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012/07/31 18:40:32 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\SplitMediaLabs
[2012/07/31 18:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
[2012/07/31 18:04:10 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\by_dekart811
[2012/07/31 17:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Strogino CS Portal
[2012/07/30 16:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/07/30 13:25:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/30 13:25:06 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/29 15:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012/07/29 15:45:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\PAYDAY
[2012/07/29 15:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Payday The Heist
[2012/07/29 14:20:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/07/28 18:59:35 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\My Games
[2012/07/28 18:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012/07/27 11:33:31 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{C9D09E72-E929-48FE-8775-4A764CA4605E}
[2012/07/27 11:33:11 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{CF84A9C0-B588-4099-9C10-82B301AB4CEC}
[2012/07/27 10:58:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Reflection
[2012/07/27 10:51:10 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Plutinosoft_LLC
[2012/07/26 15:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param
[2012/07/26 15:45:35 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Wondershare Video Converter Ultimate
[2012/07/26 15:45:35 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/07/26 15:45:28 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Wondershare
[2012/07/26 15:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
[2012/07/26 15:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2012/07/26 15:45:21 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2012/07/26 15:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2012/07/26 09:44:47 | 000,000,000 | ---D | C] -- C:\Users\Sather\My Backup Files
[2012/07/18 19:30:03 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\CallBurner
[2012/07/18 18:57:52 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Evaer
[2012/07/18 18:57:52 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Evaer
[2012/07/18 18:57:52 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\CrashRpt
[2012/07/18 16:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UDK
[2012/07/16 10:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garrys Mod [DiGiTALZONE]
[2012/07/16 10:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garrys Mod Final [DiGiTALZONE] 2010 Edition
[2012/07/16 10:53:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria
[2012/07/16 10:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Terraria
[2012/07/15 10:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lucasarts
[2012/07/14 21:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
[2012/07/14 21:23:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/07/14 19:45:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LIMBO
[2012/07/10 21:58:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{26C65F28-7D20-433B-A39C-B35DBC01D8F0}
[2012/07/10 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{8F55C499-7EEF-42A7-A92E-931E03916F04}
[2012/07/10 19:55:47 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{46CBEA34-2083-4FF6-A037-D440A1CFF2B1}
[2012/07/10 19:55:47 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{2CCA0BB3-1753-4006-9583-50AEA73AE561}
[2012/07/10 14:31:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/10 14:31:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/10 14:31:36 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/10 14:31:31 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/10 14:31:28 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/09 20:06:24 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Diagnostics
[2012/07/08 18:29:34 | 000,000,000 | ---D | C] -- C:\House of The Dead
[2012/07/08 17:41:36 | 000,000,000 | R--D | C] -- C:\Users\Sather\Virtual Machines
[2012/07/08 17:32:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2012/07/08 17:32:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2012/07/08 17:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/07/08 17:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/07/08 17:23:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2012/07/08 17:23:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2012/07/08 17:23:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2012/07/08 17:23:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2012/07/08 17:23:00 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2012/07/08 17:23:00 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2012/07/08 17:23:00 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2012/07/08 17:23:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2012/07/08 17:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2012/07/08 17:22:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2012/07/08 17:22:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2012/07/08 17:22:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2012/07/08 17:22:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2012/07/08 17:22:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2012/07/08 17:22:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2012/07/08 17:22:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2012/07/08 17:22:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2012/07/08 17:22:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2012/07/08 17:22:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2012/07/08 17:22:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2012/07/08 17:22:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2012/07/08 17:22:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2012/07/08 17:22:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2012/07/08 17:22:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2012/07/08 17:22:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2012/07/08 17:22:54 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2012/07/08 17:22:54 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2012/07/08 17:22:54 | 000,194,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2012/07/08 17:22:54 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2012/07/08 17:22:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2012/07/08 17:22:53 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2012/07/08 17:22:53 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2012/07/08 17:22:53 | 000,360,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2012/07/08 17:22:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2012/07/08 17:22:52 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2012/07/08 17:22:52 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2012/07/08 17:22:52 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2012/07/08 16:48:24 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\DOSBox
[2012/07/08 16:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012/07/06 20:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/07/06 20:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/07/06 13:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012/07/06 13:34:42 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Paint.NET
[2012/07/06 12:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/07/05 20:45:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Babylon
[2012/07/05 20:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/07/04 13:01:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\.Nitrous
[2012/07/02 18:01:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\GOL_byHasbro
[2012/07/02 18:01:38 | 000,000,000 | ---D | C] -- C:\Windows\The Game Of Life by Hasbro
[2012/07/01 01:12:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Microsoft Games
[2012/06/27 23:47:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\TabIt Tabs
[2012/06/27 23:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012/06/27 21:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MixMeister BPM Analyzer
[2012/06/27 21:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
[2012/06/27 21:37:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
[2012/06/27 21:37:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Power Tab Software
[2012/06/26 14:18:22 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Adobe
[2012/06/26 00:07:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{6F1264BC-3C11-4368-90B2-3CFA961093D4}
[2012/06/26 00:07:12 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{4BB19A84-238D-4863-AF28-55A7329ACA3A}
[2012/06/26 00:06:11 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/26 00:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/06/26 00:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/06/25 23:59:19 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Windows Live
[2012/06/25 23:59:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/06/25 22:39:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\AVG Secure Search
[2012/06/25 22:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/06/25 22:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/06/25 22:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/06/25 22:39:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/25 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Pro Tools Projects
[2012/06/25 22:22:44 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Leadertech
[2012/06/25 22:22:41 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Digidesign
[2012/06/25 22:21:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\PACE Anti-Piracy
[2012/06/25 22:21:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\PACE Anti-Piracy
[2012/06/25 22:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2012/06/25 22:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
[2012/06/25 21:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
[2012/06/25 21:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\M-Audio
[2012/06/25 21:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InterLok
[2012/06/25 21:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digidesign
[2012/06/25 21:44:11 | 000,836,096 | ---- | C] (PACE Anti-Piracy) -- C:\Windows\SysWow64\ilinet.dll
[2012/06/25 21:44:09 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2012/06/25 21:43:45 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2012/06/25 21:43:44 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2012/06/25 21:43:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digidesign
[2012/06/25 21:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2012/06/24 22:09:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3FC66E2C-85B6-4398-82FB-C13C51DE9DD8}
[2012/06/21 01:45:27 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 01:45:27 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 01:45:27 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 01:45:26 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/21 01:45:26 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/21 01:45:26 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/21 01:45:25 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 01:45:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/20 20:10:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2012/06/20 20:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Reallusion
[2012/06/20 18:43:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\1.2.5 mo creeps
[2012/06/20 14:40:08 | 000,000,000 | -H-D | C] -- C:\Users\Sather\AppData\Local\UCzGrxkL
[2012/06/19 03:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
[2012/06/19 03:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
[2012/06/13 22:56:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 22:56:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 22:56:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 22:56:31 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 22:56:31 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 22:56:29 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 22:56:27 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 22:56:25 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/13 22:56:13 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 02:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/06/13 02:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/06/11 01:07:46 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Games for Windows - LIVE Demos
[2012/06/11 01:07:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/06/11 01:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/06/11 01:07:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/06/11 00:58:05 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\WB Games
[2012/06/10 22:41:05 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\2K Sports
[2012/06/10 22:37:19 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports
[2012/06/10 22:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Sports
[2012/06/10 22:34:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2012/06/10 22:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2012/06/10 21:44:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\GameRanger
[2012/06/10 19:37:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Macrovision
[2012/06/10 19:36:36 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Roxio
[2012/06/10 19:36:32 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Sonic Solutions
[2012/06/10 19:36:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Sonic_Solutions
[2012/06/09 23:51:42 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Youtube Videos
[2012/06/09 22:40:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Apple Computer
[2012/06/09 22:40:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Apple Computer
[2012/06/09 22:40:16 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/06/09 22:40:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/06/09 22:40:16 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/06/09 22:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/09 22:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/09 22:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/09 22:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/06/09 22:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/06/09 22:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/06/09 22:39:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Apple
[2012/06/09 22:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/06/09 22:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/06/09 22:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/06/09 22:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/06/09 22:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/06/09 22:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/06/09 21:59:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Mixcraft Projects
[2012/06/09 21:46:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\SynthMaker
[2012/06/09 21:46:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Acoustica
[2012/06/09 21:43:46 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 6
[2012/06/09 21:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VST
[2012/06/09 21:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Mixcraft 6
[2012/06/09 21:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2012/06/09 16:24:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/06/09 16:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/06/09 16:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/06/08 15:59:24 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012/06/08 15:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/06/08 15:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/06/08 15:59:04 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\LogMeIn Hamachi
[2012/06/07 15:40:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\fltk.org
[2012/06/07 15:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2012/06/07 15:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012/06/07 15:40:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Amnesia
[2012/06/07 15:36:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/07 15:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/07 14:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/06/06 08:49:52 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012/06/02 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/06/02 21:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/06/02 21:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2012/06/02 21:01:27 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012/06/02 21:01:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012/06/02 21:01:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012/06/02 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012/06/02 21:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/06/02 21:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012/06/02 21:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/06/02 20:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2012/06/02 20:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio Game Capture
[2012/06/02 20:54:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Roxio Log Files
[2012/05/29 15:56:24 | 000,750,440 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPM8e11.dll
[2012/05/29 15:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/05/29 15:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/05/29 15:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012/05/29 15:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/05/29 15:55:50 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\HP
[2012/05/28 19:42:26 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\PDAppFlex
[2012/05/28 19:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/05/28 19:13:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Adobe
[2012/05/28 17:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/05/28 17:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/05/28 17:35:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Mozilla
[2012/05/28 17:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/05/26 18:37:09 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Facebook
[2012/05/24 17:34:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Sony Creative Software Inc
[2012/05/24 16:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/05/24 16:45:07 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaFire Express
[2012/05/24 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaFire Express
[2012/05/24 16:45:04 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\MediaFire Express
[2012/05/24 16:29:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Publish Providers
[2012/05/24 16:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012/05/24 16:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012/05/24 16:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012/05/24 16:24:49 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Sony
[2012/05/24 16:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012/05/24 16:20:32 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Sony
[2012/05/23 17:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/05/23 17:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/05/23 17:14:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/05/23 17:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/23 17:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/05/23 17:12:46 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Microsoft Help
[2012/05/23 17:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/05/23 17:12:41 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/05/22 20:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam2
[2012/05/22 20:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/05/22 20:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/05/22 20:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/05/22 20:16:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Folders
[2012/05/22 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\MotioninJoy
[2012/05/22 19:37:19 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2012/05/22 19:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2012/05/22 19:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2012/05/22 17:52:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\DeadIsland
[2012/05/22 06:39:54 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\SKIDROW
[2012/05/21 00:02:22 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\GTA San Andreas User Files
[2012/05/21 00:02:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/20 19:47:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Logitech
[2012/05/20 19:20:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/05/20 19:20:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/05/20 19:19:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Tunngle
[2012/05/20 19:19:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Tunngle
[2012/05/20 19:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/05/20 19:19:18 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/05/19 16:53:06 | 003,953,632 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012/05/19 16:52:59 | 000,004,774 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012/05/19 16:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012/05/19 15:51:57 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/05/19 11:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/05/19 11:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2012/05/19 11:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/05/18 23:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cracked Steam
[2012/05/18 18:20:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\NVIDIA
[2012/05/18 15:50:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/05/18 15:50:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/05/18 15:50:41 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/05/17 22:44:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Reallusion
[2012/05/17 22:41:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/05/17 17:51:33 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Verizon Wireless
[2012/05/17 17:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon Wireless
[2012/05/17 17:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Novatel Wireless
[2012/05/17 17:43:39 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Downloaded Installations
[2012/05/17 17:43:37 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\InstallShield
[2012/05/17 15:46:14 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/17 15:46:11 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/05/17 15:46:11 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/05/17 15:45:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Dell
[2012/05/17 15:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\AlienAutopsy
[2012/05/17 15:43:31 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\PCDr
[2012/05/17 15:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/05/16 22:39:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\LolClient
[2012/05/16 22:22:16 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/05/16 22:22:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/05/16 22:22:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/05/16 21:50:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\PMB Files
[2012/05/16 21:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012/05/16 21:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/05/16 21:18:32 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\TS3Client
[2012/05/16 21:11:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\TeamViewer
[2012/05/16 20:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012/05/16 20:58:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2012/05/16 20:55:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\ESN Sonar
[2012/05/16 20:53:07 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Audacity
[2012/05/16 20:46:00 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Snagit
[2012/05/16 20:45:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\assembly
[2012/05/16 19:25:03 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\TechSmith
[2012/05/16 19:24:59 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Camtasia Studio
[2012/05/16 19:00:29 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\PunkBuster
[2012/05/16 19:00:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Battlefield 3
[2012/05/16 18:59:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012/05/16 18:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012/05/16 18:58:21 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012/05/16 18:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2012/05/16 18:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/05/16 18:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2012/05/16 18:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2012/05/16 18:39:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2012/05/16 18:38:08 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\WinRAR
[2012/05/16 18:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/05/16 17:16:38 | 000,955,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/05/16 17:16:38 | 000,839,112 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/05/16 17:16:38 | 000,268,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/05/16 17:16:36 | 000,189,384 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/05/16 17:16:36 | 000,188,872 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/05/16 17:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/05/16 17:15:41 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\.minecraft
[2012/05/16 17:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/05/16 17:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/16 17:13:17 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/05/16 17:13:17 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/05/16 17:13:15 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/05/16 17:13:15 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/05/16 17:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/05/16 17:06:12 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/05/16 17:06:12 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/05/16 17:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/05/16 17:05:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/05/16 17:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2012/05/16 17:04:48 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/05/16 17:04:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/05/16 17:04:48 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/05/16 17:04:48 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/05/16 17:04:48 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/05/16 17:04:48 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/05/16 17:04:48 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/05/16 17:04:48 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/05/16 17:04:47 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/05/16 17:04:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/05/16 17:04:47 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/05/16 17:04:47 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/05/16 17:04:47 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/05/16 17:04:47 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/05/16 17:04:47 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/05/16 17:04:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/05/16 17:04:47 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/05/16 17:04:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/05/16 17:04:47 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/05/16 17:04:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/05/16 17:04:46 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/05/16 17:04:46 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/05/16 17:04:46 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/05/16 17:04:46 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/05/16 17:04:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/05/16 17:04:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/05/16 17:04:46 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/05/16 17:04:46 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/05/16 17:04:46 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/05/16 17:04:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/05/16 17:04:45 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/05/16 17:04:45 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/05/16 17:04:45 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/05/16 17:04:45 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/05/16 17:04:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/05/16 17:04:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/05/16 17:04:45 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/05/16 17:04:45 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/05/16 17:04:44 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/05/16 17:04:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/05/16 17:04:44 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/05/16 17:04:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/05/16 17:04:44 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/05/16 17:04:44 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/05/16 17:04:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/05/16 17:04:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/05/16 17:04:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/05/16 17:04:44 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/05/16 17:04:44 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/05/16 17:04:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/05/16 17:04:43 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/05/16 17:04:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/05/16 17:04:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/05/16 17:04:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/05/16 17:04:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/05/16 17:04:43 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/05/16 17:04:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/05/16 17:04:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/05/16 17:04:43 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/05/16 17:04:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/05/16 17:04:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/05/16 17:04:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/05/16 17:04:42 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/05/16 17:04:42 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/05/16 17:04:42 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/05/16 17:04:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/05/16 17:04:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/05/16 17:04:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/05/16 17:04:42 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/05/16 17:04:42 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/05/16 17:04:42 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/05/16 17:04:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/05/16 17:04:42 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/05/16 17:04:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/05/16 17:04:41 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/05/16 17:04:40 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/05/16 17:04:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/05/16 17:04:40 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/05/16 17:04:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/05/16 17:04:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/05/16 17:04:40 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/05/16 17:04:40 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/05/16 17:04:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/05/16 17:04:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/05/16 17:04:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/05/16 17:04:40 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/05/16 17:04:40 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/05/16 17:04:40 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/05/16 17:04:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/05/16 17:04:39 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/05/16 17:04:39 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/05/16 17:04:39 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/05/16 17:04:39 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/05/16 17:04:39 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/05/16 17:04:39 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/05/16 17:04:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/05/16 17:04:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/05/16 17:04:39 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/05/16 17:04:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/05/16 17:04:38 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/05/16 17:04:38 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/05/16 17:04:38 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/05/16 17:04:38 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/05/16 17:04:38 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/05/16 17:04:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/05/16 17:04:38 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/05/16 17:04:38 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/05/16 17:04:37 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/05/16 17:04:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/05/16 17:04:37 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/05/16 17:04:37 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/05/16 17:04:36 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/05/16 17:04:36 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/05/16 17:04:36 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/05/16 17:04:36 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/05/16 17:04:36 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/05/16 17:04:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/05/16 17:04:36 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/05/16 17:04:36 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/05/16 17:04:36 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/05/16 17:04:36 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/05/16 17:04:35 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/05/16 17:04:35 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/05/16 17:04:35 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/05/16 17:04:35 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/05/16 17:04:35 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/05/16 17:04:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/05/16 17:04:35 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/05/16 17:04:35 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/05/16 17:04:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/05/16 17:04:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/05/16 17:04:35 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/05/16 17:04:35 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/05/16 17:04:35 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/05/16 17:04:35 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/05/16 17:04:34 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/05/16 17:04:34 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/05/16 17:04:34 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/05/16 17:04:34 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/05/16 17:04:34 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/05/16 17:04:34 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/05/16 17:04:34 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/05/16 17:04:34 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/05/16 17:04:33 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/05/16 17:04:33 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/05/16 17:04:33 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/05/16 17:04:33 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/05/16 17:04:33 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/05/16 17:04:33 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/05/16 17:04:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/05/16 17:04:33 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/05/16 17:04:33 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/05/16 17:04:33 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/05/16 17:04:33 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/05/16 17:04:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/05/16 17:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/05/16 17:04:32 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/05/16 17:04:32 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/05/16 17:04:32 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/05/16 17:04:32 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/05/16 17:04:32 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/05/16 17:04:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/05/16 17:04:30 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/05/16 17:04:30 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/05/16 17:04:30 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/05/16 17:04:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/05/16 17:04:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/05/16 17:04:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/05/16 17:04:30 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/05/16 17:04:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/05/16 17:04:30 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/05/16 17:04:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/05/16 17:04:29 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/05/16 17:04:29 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/05/16 17:04:29 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/05/16 17:04:29 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/05/16 17:04:29 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/05/16 17:04:29 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/05/16 17:04:29 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/05/16 17:04:29 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/05/16 17:03:18 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\uTorrent
[2012/05/16 16:39:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/16 16:38:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Google
[2012/05/16 16:38:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Deployment
[2012/05/16 16:38:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Apps
[2012/05/16 16:37:49 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Macromedia
[2012/05/16 16:37:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Adobe
[2012/05/16 16:31:24 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Origin
[2012/05/16 16:31:23 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Origin
[2012/05/16 16:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/05/16 16:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/05/16 16:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/05/16 16:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/05/16 16:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/05/16 16:24:31 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Skype
[2012/05/16 16:23:52 | 000,000,000 | -HSD | C] -- C:\System Recovery
[2012/05/16 16:20:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Creative
[2012/05/16 16:20:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\AlienFX
[2012/05/16 16:19:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Intel Corporation
[2012/05/16 16:19:51 | 000,000,000 | R--D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/16 16:19:51 | 000,000,000 | R--D | C] -- C:\Users\Sather\Searches
[2012/05/16 16:19:51 | 000,000,000 | R--D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/16 16:19:51 | 000,000,000 | -H-D | C] -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/16 16:19:44 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Identities
[2012/05/16 16:19:43 | 000,000,000 | R--D | C] -- C:\Users\Sather\Contacts
[2012/05/16 16:19:42 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\VirtualStore
[2012/05/16 16:16:49 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/05/16 16:16:49 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/05/16 16:15:27 | 000,000,000 | --SD | C] -- C:\Users\Sather\AppData\Roaming\Microsoft
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Videos
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Saved Games
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Pictures
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Music
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Links
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Favorites
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Downloads
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Documents
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\Desktop
[2012/05/16 16:15:27 | 000,000,000 | R--D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\AppData\Local\Temporary Internet Files
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Templates
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Start Menu
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\SendTo
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Recent
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\PrintHood
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\NetHood
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Documents\My Videos
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Documents\My Pictures
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Documents\My Music
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\My Documents
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Local Settings
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\AppData\Local\History
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Cookies
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\Application Data
[2012/05/16 16:15:27 | 000,000,000 | -HSD | C] -- C:\Users\Sather\AppData\Local\Application Data
[2012/05/16 16:15:27 | 000,000,000 | -H-D | C] -- C:\Users\Sather\AppData
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Temp
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\SoftThinks
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\Roaming
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Microsoft
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Media Center Programs
[2012/05/16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Intel
[2012/05/16 16:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/05/12 02:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/05/12 02:58:57 | 006,083,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/05/12 02:58:57 | 003,090,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/05/12 02:58:57 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/05/12 02:58:57 | 000,850,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012/05/12 02:58:57 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/05/12 02:58:57 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/05/12 02:58:57 | 000,055,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012/05/12 02:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/05/12 02:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/05/12 02:58:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/05/12 02:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/05/12 02:58:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/05/12 02:58:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/05/12 02:58:45 | 000,000,000 | ---D | C] -- C:\Intel
[2012/05/12 02:58:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/05/12 02:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/05/12 02:55:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/05/12 02:55:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/05/12 02:55:54 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/05/12 02:55:54 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/05/12 02:55:54 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/05/12 02:55:54 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/05/12 02:55:54 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/05/12 02:55:54 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/05/12 02:55:54 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/05/12 02:55:54 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/05/12 02:55:54 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/05/12 02:55:54 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/05/12 02:55:54 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/05/12 02:55:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/05/12 02:55:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/05/12 02:55:53 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/05/12 02:55:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/05/12 02:55:53 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/05/12 02:55:52 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/05/12 02:55:52 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/05/12 02:55:52 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/05/12 02:55:52 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/05/12 02:55:52 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/05/12 02:55:52 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/05/12 02:55:52 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/05/12 02:55:52 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/05/12 02:55:52 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/05/12 02:55:52 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/05/12 02:55:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/05/12 02:55:52 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/05/12 02:55:52 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/05/12 02:55:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/05/12 02:55:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/05/12 02:55:52 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/05/12 02:55:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/05/12 02:55:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/05/12 02:55:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/05/12 02:55:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/05/12 02:55:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/05/12 02:55:51 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/05/12 02:55:51 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/05/12 02:55:51 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/05/12 02:55:51 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/05/12 02:55:51 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/05/12 02:55:51 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/05/12 02:55:51 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/05/12 02:55:51 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/05/12 02:55:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/05/12 02:55:51 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/05/12 02:55:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/05/12 02:55:51 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/05/12 02:55:51 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/05/12 02:55:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/05/12 02:55:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/05/12 02:55:51 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/05/12 02:55:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/05/12 02:55:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/05/12 02:55:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/05/12 02:55:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/05/12 02:55:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/05/12 02:55:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/05/12 02:55:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/05/12 02:55:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/05/12 02:55:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/05/12 02:55:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/05/12 02:55:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/05/12 02:55:50 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/05/12 02:55:50 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/05/12 02:55:50 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/05/12 02:55:50 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/05/12 02:55:50 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/05/12 02:55:50 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/05/12 02:55:50 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/05/12 02:55:50 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/05/12 02:55:50 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/05/12 02:55:50 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/05/12 02:55:50 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/05/12 02:55:50 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/05/12 02:55:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/05/12 02:55:50 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/05/12 02:55:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/05/12 02:55:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/05/12 02:55:50 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/05/12 02:55:50 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/05/12 02:55:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/05/12 02:55:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/05/12 02:55:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/05/12 02:55:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/05/12 02:55:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/05/12 02:55:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/05/12 02:55:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/05/12 02:55:50 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/05/12 02:55:50 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/05/12 02:55:49 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/05/12 02:55:49 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/05/12 02:55:49 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/05/12 02:55:49 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/05/12 02:55:49 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/05/12 02:55:49 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/05/12 02:55:49 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/05/12 02:55:49 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/05/12 02:55:49 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/05/12 02:55:49 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/05/12 02:55:49 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/05/12 02:55:49 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/05/12 02:55:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/05/12 02:55:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/05/12 02:55:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/05/12 02:55:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/05/12 02:55:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/05/12 02:55:49 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/05/12 02:55:49 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/05/12 02:55:49 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/05/12 02:55:48 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/05/12 02:55:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/05/12 02:54:09 | 000,000,000 | ---D | C] -- C:\apps
[2012/05/12 02:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/05/12 02:52:06 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420140.dll
[2012/05/12 02:52:06 | 000,398,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2012/05/12 02:52:05 | 025,555,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/12 02:52:05 | 019,456,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/12 02:52:05 | 009,732,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/05/12 02:52:05 | 007,726,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/12 02:52:05 | 000,963,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/05/12 02:52:05 | 000,813,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/05/12 02:52:05 | 000,028,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012/05/12 02:52:04 | 017,663,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/05/12 02:52:04 | 015,028,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/05/12 02:52:04 | 008,038,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/12 02:52:04 | 005,920,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/12 02:52:04 | 002,873,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/12 02:52:04 | 002,673,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/12 02:52:04 | 002,518,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/12 02:52:04 | 002,438,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/12 02:52:04 | 001,737,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/05/12 02:52:04 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/05/12 02:52:04 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/05/12 02:52:04 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/05/12 02:52:04 | 000,260,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/05/12 02:52:04 | 000,249,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvkflt.sys
[2012/05/12 02:52:04 | 000,215,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/05/12 02:52:02 | 025,222,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/12 02:52:02 | 017,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/12 02:52:02 | 002,677,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/05/12 02:52:02 | 002,316,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/12 02:51:57 | 009,888,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2012/05/12 02:51:57 | 000,340,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2012/05/12 02:51:43 | 000,108,656 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012/05/12 02:51:41 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2012/05/12 02:51:41 | 000,426,768 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2012/05/12 02:51:41 | 000,229,648 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2012/05/12 02:51:41 | 000,150,800 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo9.dll
[2012/05/12 02:51:41 | 000,113,936 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2012/05/12 02:51:41 | 000,068,880 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/05/12 02:51:40 | 000,727,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2012/05/12 02:51:40 | 000,396,560 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2012/05/12 02:51:40 | 000,282,896 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2012/05/12 02:51:40 | 000,228,624 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2012/05/12 02:51:23 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/05/12 02:51:21 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/05/12 02:51:17 | 014,692,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012/05/12 02:51:17 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012/05/12 02:51:17 | 008,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012/05/12 02:51:17 | 006,120,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012/05/12 02:51:17 | 002,967,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012/05/12 02:51:17 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012/05/12 02:51:17 | 000,588,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2012/05/12 02:51:17 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012/05/12 02:51:17 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012/05/12 02:51:17 | 000,516,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2012/05/12 02:51:17 | 000,511,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012/05/12 02:51:17 | 000,440,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012/05/12 02:51:17 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012/05/12 02:51:17 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012/05/12 02:51:17 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012/05/12 02:51:17 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012/05/12 02:51:17 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012/05/12 02:51:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012/05/12 02:51:17 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012/05/12 02:51:17 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012/05/12 02:51:17 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012/05/12 02:51:17 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012/05/12 02:51:17 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012/05/12 02:51:17 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012/05/12 02:51:17 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012/05/12 02:51:17 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012/05/12 02:51:17 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012/05/12 02:51:17 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012/05/12 02:51:17 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012/05/12 02:51:17 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012/05/12 02:51:17 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012/05/12 02:51:17 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012/05/12 02:51:17 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012/05/12 02:51:17 | 000,430,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012/05/12 02:51:17 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012/05/12 02:51:17 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012/05/12 02:51:17 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012/05/12 02:51:17 | 000,386,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/05/12 02:51:17 | 000,331,264 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012/05/12 02:51:17 | 000,321,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012/05/12 02:51:17 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012/05/12 02:51:17 | 000,276,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012/05/12 02:51:17 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012/05/12 02:51:17 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012/05/12 02:51:17 | 000,236,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2012/05/12 02:51:17 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012/05/12 02:51:17 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012/05/12 02:51:17 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2012/05/12 02:51:17 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012/05/12 02:51:17 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012/05/12 02:51:17 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012/05/12 02:51:17 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012/05/12 02:51:17 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2653.dll
[2012/05/12 02:51:17 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/05/12 02:51:17 | 000,052,736 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/12 02:51:17 | 000,051,200 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/12 02:51:17 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012/05/12 02:51:17 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012/05/12 02:51:17 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012/05/12 02:51:16 | 028,979,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2012/05/12 02:51:16 | 023,463,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2012/05/12 02:51:16 | 009,605,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012/05/12 02:51:16 | 007,794,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012/05/12 02:51:16 | 003,747,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2012/05/12 02:51:16 | 002,866,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2012/05/12 02:51:15 | 005,886,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012/05/12 02:51:15 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012/05/12 02:51:15 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012/05/12 02:51:15 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012/05/12 02:51:15 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/05/12 02:50:35 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/05/12 02:50:35 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/05/12 02:50:35 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/05/12 02:50:35 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/05/12 02:50:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/05/12 02:50:35 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/05/12 02:50:35 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/05/12 02:50:35 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/05/12 02:50:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/05/12 02:50:35 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/05/12 02:50:35 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/05/12 02:50:35 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/05/12 02:50:35 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/05/12 02:50:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/05/12 02:50:35 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/05/12 02:50:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/05/12 02:50:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/05/12 02:50:35 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/05/12 02:50:35 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/05/12 02:50:35 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/05/12 02:50:35 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/05/12 02:50:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/05/12 02:50:35 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/05/12 02:50:35 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/05/12 02:50:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/05/12 02:50:35 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/05/12 02:50:35 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/05/12 02:50:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/05/12 02:50:35 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/05/12 02:50:35 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/05/12 02:50:35 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/05/12 02:50:35 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/05/12 02:50:35 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/05/12 02:50:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/05/12 02:50:35 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/05/12 02:50:35 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/05/12 02:50:35 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/05/12 02:50:35 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/05/12 02:50:35 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/05/12 02:50:35 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/05/12 02:50:35 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/05/12 02:50:35 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/05/12 02:50:35 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/05/12 02:50:35 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/05/12 02:50:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/05/12 02:50:35 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/05/12 02:50:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/05/12 02:50:35 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/05/12 02:50:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/05/12 02:50:35 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/05/12 02:50:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/05/12 02:50:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/05/12 02:50:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/05/12 02:50:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/05/12 02:50:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/05/12 02:50:35 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/05/12 02:50:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/05/12 02:50:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/05/12 02:50:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/05/12 02:49:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012/05/12 01:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/05/12 01:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee
[2012/05/12 01:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/05/12 01:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/05/12 01:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/12 01:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/12 01:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Integrated Webcam
[2012/05/12 01:21:32 | 000,224,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys
[2012/05/12 01:21:32 | 000,176,096 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys
[2012/05/12 01:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Integrated Webcam
[2012/05/12 01:21:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative Live! Cam
[2012/05/12 01:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/05/12 01:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/05/12 01:20:51 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/05/12 01:20:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documentation
[2012/05/12 01:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/05/12 01:19:05 | 000,000,000 | ---D | C] -- C:\Temp
[2012/05/12 01:19:02 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys
[2012/05/12 01:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienRespawn
[2012/05/12 01:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AlienRespawn
[2012/05/12 01:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
[2012/05/12 01:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2012/05/12 01:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/05/12 01:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
[2012/05/12 01:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alienware
[2012/05/12 01:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\XP32
[2012/05/12 01:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Win764
[2012/05/12 01:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Win732
[2012/05/12 01:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista64
[2012/05/12 01:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista32
[2012/05/12 01:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alienware On-Screen Display
[2012/05/12 01:16:07 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/05/12 01:15:53 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/05/12 01:15:53 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/05/12 01:15:53 | 000,123,480 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/05/12 01:15:53 | 000,109,144 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/05/12 01:15:53 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2012/05/12 01:15:52 | 002,906,586 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2012/05/12 01:15:52 | 001,944,064 | ---- | C] (Creative) -- C:\Windows\SysNative\Sens_oal.dll
[2012/05/12 01:15:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2012/05/12 01:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/05/12 01:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/05/12 01:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012/05/12 01:15:35 | 001,052,760 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CtHda.sys
[2012/05/12 01:15:35 | 000,889,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CtHRFX64.dll
[2012/05/12 01:15:35 | 000,574,464 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CtHdaC64.dll
[2012/05/12 01:15:35 | 000,470,016 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CtHdaCtl.dll
[2012/05/12 01:15:35 | 000,235,520 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\CtDco64.dll
[2012/05/12 01:15:35 | 000,134,144 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CtHdaS64.exe
[2012/05/12 01:15:35 | 000,122,880 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CtHdaSvc.exe
[2012/05/12 01:15:35 | 000,048,400 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\AddCat.exe
[2012/05/12 01:15:35 | 000,025,088 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\MEptDef.exe
[2012/05/12 01:15:35 | 000,010,240 | R--- | C] (Creative Technology Ltd.) -- C:\Windows\InstHlp.exe
[2012/05/12 01:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012/05/12 01:14:47 | 000,022,128 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys
[2012/05/12 01:14:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/05/12 01:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/05/12 01:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics
[2012/05/12 01:14:45 | 000,067,184 | ---- | C] (STMicroelectronics) -- C:\Windows\SysNative\drivers\ST_ACCEL.sys
[2012/05/12 01:14:45 | 000,065,136 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\stdcfltnco02.dll
[2012/05/12 01:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ST Microelectronics
[2012/05/12 01:14:00 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/05/12 01:14:00 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/05/12 01:14:00 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2012/05/12 01:14:00 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/05/12 01:13:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/05/12 01:13:56 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/05/12 01:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/05/12 01:13:30 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles
[2012/05/12 01:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012/05/12 01:12:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/05/12 01:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/05/12 01:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/05/12 01:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/05/12 01:04:07 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/12 01:04:07 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/12 01:04:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/05/12 01:04:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/05/12 01:03:23 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/05/12 01:03:23 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/05/12 01:03:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/05/12 01:01:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012/05/12 01:01:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012/04/18 20:56:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2012/04/18 20:56:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2012/04/08 13:11:06 | 000,000,000 | -H-D | C] -- C:\Users\Sather\AppData\Local\hyBkqHK4k2QOHuk
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/02/28 02:10:26 | 000,947,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjava.dll
[2012/02/26 04:28:48 | 004,246,016 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\wlihvui.dll
[2012/02/26 04:26:24 | 002,462,720 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\iwmssvc.dll
[2012/02/20 12:36:58 | 011,471,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Netwsw00.sys
[2012/02/20 12:36:58 | 003,381,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Netwrw00.dll
[2012/02/20 12:36:58 | 000,885,520 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Netwcw00.dll
[2012/02/15 11:01:50 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 11:01:50 | 000,052,736 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/14 12:38:56 | 000,060,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys
[2012/02/09 11:19:08 | 000,021,320 | ---- | C] (Alienware Corp.) -- C:\Windows\SysWow64\LightFXConfigurator32.dll
[2012/02/09 11:19:02 | 000,023,368 | ---- | C] (Alienware Corp.) -- C:\Windows\SysNative\LightFXConfigurator64.dll
[2012/02/09 11:18:56 | 000,023,368 | ---- | C] (Alienware) -- C:\Windows\SysNative\LightFX.dll
[2012/02/09 11:08:32 | 000,015,688 | ---- | C] (Alienware) -- C:\Windows\SysWow64\alienfusionapi.dll
[2012/01/09 12:32:40 | 000,195,584 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AmpPal.sys
[2012/01/07 09:22:08 | 000,460,800 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2012/01/07 09:22:04 | 000,448,000 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2012/01/07 09:22:04 | 000,212,992 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2012/01/07 09:20:24 | 000,142,336 | ---- | C] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
[2012/01/03 19:48:42 | 000,354,176 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2011/12/20 17:38:36 | 000,034,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\intelaud.sys
[2011/12/20 17:38:36 | 000,025,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iwdbus.sys
[2011/12/08 13:43:56 | 000,047,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\opphelper.dll
[2011/12/08 09:56:24 | 000,354,816 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\mbtleapi.dll
[2011/12/08 09:56:22 | 000,274,432 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mbtleapi.dll
[2011/12/03 01:41:18 | 000,201,728 | ---- | C] (Evaer Technology) -- C:\Windows\SysWow64\mp4decoder.dll
[2011/11/30 11:19:48 | 000,747,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\btmhsf.sys
[2011/11/30 11:19:46 | 000,094,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\btmaux.sys
[2011/10/22 06:05:10 | 000,071,680 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2011/10/22 06:05:08 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2011/10/20 18:26:22 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2011/09/28 17:45:42 | 015,453,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xlive.dll
[2011/09/28 17:45:42 | 013,642,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xlivefnt.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 360 Days ==========

[2012/09/05 21:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/05 21:49:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/05 20:39:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/05 20:39:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/05 20:37:20 | 000,778,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/05 20:37:20 | 000,661,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/05 20:37:20 | 000,121,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/05 20:33:19 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR310.dat
[2012/09/05 20:33:18 | 000,095,392 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR310.SYS
[2012/09/05 20:32:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/05 20:32:39 | 4218,138,622 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/05 20:26:44 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2012/09/05 20:17:13 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/05 18:37:32 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/05 18:37:32 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/05 17:54:23 | 017,893,619 | ---- | M] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/05 17:49:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/05 17:28:48 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/03 22:45:31 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/03 21:06:25 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/01 18:18:54 | 001,548,348 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/08/30 23:32:23 | 000,000,820 | ---- | M] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 04:49:53 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/08/29 01:06:43 | 000,001,345 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/28 22:08:57 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 22:08:57 | 000,001,619 | ---- | M] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 21:36:18 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2012/08/28 21:36:16 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2012/08/28 13:01:54 | 886,275,156 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/27 20:53:28 | 000,001,923 | ---- | M] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:02 | 000,041,502 | ---- | M] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:34 | 000,071,961 | ---- | M] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/25 21:12:42 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/25 20:55:49 | 000,892,991 | ---- | M] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:58 | 017,548,635 | ---- | M] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:21 | 022,949,940 | ---- | M] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:01 | 000,268,459 | ---- | M] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 20:40:51 | 000,000,223 | ---- | M] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/23 03:25:30 | 000,002,337 | ---- | M] () -- C:\Users\Sather\Desktop\Xpadder.ini
[2012/08/22 10:22:55 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Sleeping Dogs.lnk
[2012/08/20 15:37:26 | 000,001,846 | ---- | M] () -- C:\Users\Sather\Desktop\Bullet Run.lnk
[2012/08/19 21:13:55 | 000,000,132 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/19 19:09:00 | 000,362,414 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 4.wav
[2012/08/19 19:09:00 | 000,001,472 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 4.sfk
[2012/08/19 19:04:45 | 000,266,954 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 3.wav
[2012/08/19 19:04:45 | 000,001,096 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 3.sfk
[2012/08/19 19:04:28 | 000,430,886 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 2.wav
[2012/08/19 19:04:28 | 000,001,736 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 2.sfk
[2012/08/19 19:04:16 | 000,595,294 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 1.wav
[2012/08/19 19:04:16 | 000,002,384 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 1.sfk
[2012/08/19 18:58:37 | 000,975,630 | ---- | M] () -- C:\Users\Sather\Documents\Track 4 - 1.wav
[2012/08/19 18:58:37 | 000,003,864 | ---- | M] () -- C:\Users\Sather\Documents\Track 4 - 1.sfk
[2012/08/19 18:52:02 | 000,954,974 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 9.wav
[2012/08/19 18:52:02 | 000,003,784 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 9.sfk
[2012/08/19 18:51:38 | 001,041,258 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 8.wav
[2012/08/19 18:51:38 | 000,004,120 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 8.sfk
[2012/08/19 18:51:11 | 001,010,670 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 7.wav
[2012/08/19 18:51:11 | 000,004,000 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 7.sfk
[2012/08/19 18:50:30 | 000,914,358 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 6.wav
[2012/08/19 18:50:30 | 000,003,624 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 6.sfk
[2012/08/17 00:33:30 | 693,980,008 | ---- | M] () -- C:\Users\Sather\Desktop\Final Output 720p HD.avi
[2012/08/16 11:16:58 | 005,098,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 21:58:55 | 000,002,055 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2012/08/15 20:48:54 | 005,860,570 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 5.wav
[2012/08/15 20:48:54 | 000,022,952 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 5.sfk
[2012/08/15 20:47:38 | 004,095,342 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 4.wav
[2012/08/15 20:47:38 | 000,016,056 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 4.sfk
[2012/08/15 20:46:53 | 005,477,318 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 3.wav
[2012/08/15 20:46:53 | 000,021,448 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 3.sfk
[2012/08/15 20:45:55 | 002,555,502 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 2.wav
[2012/08/15 20:45:55 | 000,010,040 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 2.sfk
[2012/08/15 20:45:28 | 002,167,170 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 1.wav
[2012/08/15 20:45:28 | 000,008,520 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 1.sfk
[2012/08/15 00:57:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/15 00:57:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/13 02:44:47 | 000,121,304 | ---- | M] () -- C:\Users\Sather\Documents\apb.veg
[2012/08/13 02:33:41 | 000,120,344 | ---- | M] () -- C:\Users\Sather\Documents\apb.veg.bak
[2012/08/10 00:49:06 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\isolate.ini
[2012/08/09 14:53:57 | 000,015,872 | ---- | M] () -- C:\Users\Sather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/09 00:48:31 | 000,022,760 | ---- | M] () -- C:\Users\Sather\Documents\JAMES.veg
[2012/08/09 00:37:32 | 000,023,008 | ---- | M] () -- C:\Users\Sather\Documents\JAMES.veg.bak
[2012/08/09 00:14:48 | 166,418,606 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 2.wav
[2012/08/09 00:14:48 | 000,650,128 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 2.sfk
[2012/08/08 23:57:20 | 000,348,434 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 1.wav
[2012/08/08 23:57:20 | 000,001,416 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 1.sfk
[2012/08/08 23:36:44 | 000,016,008 | ---- | M] () -- C:\Users\Sather\Documents\slender.veg
[2012/08/04 19:14:49 | 000,775,304 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/04 15:30:07 | 000,001,031 | ---- | M] () -- C:\Users\Sather\Desktop\DS Games.lnk
[2012/08/04 15:29:48 | 000,000,943 | ---- | M] () -- C:\Users\Sather\Desktop\Sumotori Dreams.lnk
[2012/08/04 15:23:06 | 000,002,112 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
[2012/08/04 14:30:17 | 000,061,832 | ---- | M] () -- C:\Users\Sather\Documents\LOLLIPOP.veg
[2012/08/01 21:23:56 | 000,001,039 | ---- | M] () -- C:\Users\Sather\Desktop\CINEMA 4D 64 Bit.lnk
[2012/08/01 19:25:35 | 000,069,464 | ---- | M] () -- C:\Users\Sather\Documents\Untitled.veg.bak
[2012/07/31 20:39:35 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/07/31 18:20:21 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2012/07/28 18:52:35 | 000,001,013 | ---- | M] () -- C:\Users\Sather\Desktop\Terraria.lnk
[2012/07/27 11:00:00 | 000,000,513 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\com.plutinosoft.idemo.plist
[2012/07/26 20:32:59 | 000,001,021 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/07/26 20:32:59 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/07/26 15:45:27 | 000,001,421 | ---- | M] () -- C:\Users\Sather\Desktop\Wondershare Video Converter Ultimate.lnk
[2012/07/16 11:56:45 | 000,001,268 | ---- | M] () -- C:\Users\Sather\Desktop\Slender.lnk
[2012/07/16 10:59:25 | 000,002,237 | ---- | M] () -- C:\Users\Public\Desktop\Garrys Mod.lnk
[2012/07/16 10:59:25 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\Source Dedicated Server.lnk
[2012/07/14 15:14:44 | 000,000,179 | ---- | M] () -- C:\WirelessDiagLog.csv
[2012/07/08 19:24:58 | 000,000,972 | ---- | M] () -- C:\Users\Sather\Desktop\The House of the Dead.lnk
[2012/07/08 16:51:00 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/07/06 14:21:40 | 000,000,000 | -H-- | M] () -- C:\Users\Sather\Documents\Default.rdp
[2012/07/06 13:34:50 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/07/06 00:06:49 | 003,130,440 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/05 23:05:19 | 000,000,223 | ---- | M] () -- C:\Users\Sather\Desktop\Blacklight Retribution.url
[2012/07/05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/07/05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/07/05 21:17:58 | 000,037,536 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys
[2012/07/05 21:17:57 | 000,737,952 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys
[2012/07/05 21:17:57 | 000,007,406 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.cat
[2012/07/05 21:17:57 | 000,007,402 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.cat
[2012/07/05 21:17:57 | 000,001,437 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.inf
[2012/07/05 21:17:57 | 000,001,419 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.inf
[2012/07/05 20:45:33 | 000,000,249 | ---- | M] () -- C:\user.js
[2012/07/04 17:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/07/04 17:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/07/04 16:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/07/02 17:59:55 | 000,000,000 | ---- | M] () -- C:\Users\Sather\wusa.exe
[2012/06/28 22:56:34 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/28 22:48:07 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/28 22:47:35 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/28 22:44:51 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/28 22:43:49 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/28 22:40:11 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/28 22:35:21 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/28 19:08:59 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/28 19:07:44 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/28 19:04:43 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/28 19:04:02 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/28 19:01:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/28 18:57:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/27 23:03:04 | 000,001,013 | ---- | M] () -- C:\Users\Sather\Desktop\Audacity.lnk
[2012/06/27 01:43:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/06/27 01:43:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/06/26 14:41:53 | 000,001,456 | ---- | M] () -- C:\Users\Sather\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/26 14:20:32 | 000,000,132 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/25 21:44:13 | 000,002,017 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools SE.lnk
[2012/06/25 21:44:13 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Pro Tools SE.lnk
[2012/06/25 02:33:37 | 000,000,057 | ---- | M] () -- C:\Windows\hegames.ini
[2012/06/22 03:30:42 | 000,171,796 | ---- | M] () -- C:\Users\Sather\Documents\DONT DELETE TOOK A LOT OF EFFING EFFORT.png
[2012/06/20 21:04:54 | 000,255,995 | ---- | M] () -- C:\Users\Sather\Documents\Video call snapshot 184.png
[2012/06/20 20:10:55 | 000,002,660 | ---- | M] () -- C:\Users\Public\Desktop\Live! Cam Avatar Creator.lnk
[2012/06/20 20:10:47 | 000,000,075 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2012/06/13 21:06:03 | 000,007,438 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.cat
[2012/06/12 02:11:30 | 000,007,446 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccsetx64.cat
[2012/06/11 09:57:02 | 000,000,979 | ---- | M] () -- C:\Users\Sather\Desktop\Amnesia.lnk
[2012/06/11 09:56:01 | 000,001,528 | ---- | M] () -- C:\Users\Sather\Desktop\Saints Row the Third.lnk
[2012/06/11 09:55:36 | 000,001,590 | ---- | M] () -- C:\Users\Sather\Desktop\BatmanAC.lnk
[2012/06/10 22:37:19 | 000,001,164 | ---- | M] () -- C:\Users\Sather\Desktop\NBA 2K12.lnk
[2012/06/10 22:35:02 | 000,001,256 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2012/06/09 22:40:16 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/09 21:43:46 | 000,002,006 | ---- | M] () -- C:\Users\Sather\Desktop\Mixcraft 6.lnk
[2012/06/09 20:14:19 | 000,000,437 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012/06/09 16:21:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012/06/08 17:19:24 | 000,840,264 | ---- | M] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2012/06/07 15:36:38 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/06/06 23:43:38 | 000,167,072 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys
[2012/06/06 21:37:34 | 000,000,853 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.inf
[2012/06/06 14:51:01 | 000,173,700 | ---- | M] () -- C:\Users\Sather\Documents\COUPON.psd
[2012/06/06 08:49:52 | 001,070,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012/06/06 01:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/06/06 00:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/06/02 21:01:29 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Game Capture.lnk
[2012/06/02 17:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 17:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 17:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 17:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 17:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 17:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/02 00:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/05/29 01:14:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/05/28 19:46:45 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/24 16:27:26 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 10.0 (64-bit).lnk
[2012/05/22 20:30:12 | 000,000,222 | ---- | M] () -- C:\Users\Sather\Desktop\Dead Island.url
[2012/05/22 20:23:28 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/05/22 19:43:13 | 001,165,824 | ---- | M] () -- C:\Users\Sather\Desktop\Xpadder.exe
[2012/05/22 19:37:19 | 000,000,949 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2012/05/22 19:37:19 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2012/05/22 07:03:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/21 20:37:12 | 001,129,120 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys
[2012/05/21 20:37:12 | 000,003,435 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA.inf
[2012/05/19 12:02:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012/05/18 19:19:31 | 000,079,227 | ---- | M] () -- C:\Users\Sather\Desktop\OMG DO THIS.jpg
[2012/05/18 08:50:40 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/05/16 20:58:12 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/05/16 18:39:48 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012/05/16 17:17:34 | 000,000,088 | ---- | M] () -- C:\Users\Sather\Desktop\minecraft.bat
[2012/05/16 17:16:33 | 000,268,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/05/16 17:16:33 | 000,189,384 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/05/16 17:16:33 | 000,188,872 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/05/16 17:16:32 | 000,955,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/05/16 17:16:32 | 000,839,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/05/16 17:15:37 | 000,278,561 | ---- | M] () -- C:\Users\Sather\Desktop\Minecraft.exe
[2012/05/16 17:06:12 | 000,000,564 | ---- | M] () -- C:\Users\Sather\Desktop\Fraps.lnk
[2012/05/16 17:05:45 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/16 17:05:24 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012/05/16 17:04:35 | 000,000,973 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/05/16 17:04:35 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/05/16 16:37:46 | 000,001,443 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/16 16:31:18 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/16 16:14:42 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/05/16 16:14:42 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/05/14 20:21:59 | 000,008,942 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymVTcer.dat
[2012/05/14 00:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/05/12 02:59:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/05/12 02:57:10 | 000,027,380 | RH-- | M] () -- C:\mfg.sdr
[2012/05/12 02:55:55 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/05/12 02:55:55 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/05/12 02:55:54 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/05/12 02:55:54 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/05/12 02:55:54 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/05/12 02:55:54 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/05/12 02:55:54 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/05/12 02:55:54 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/05/12 02:55:54 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/05/12 02:55:54 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/05/12 02:55:54 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/05/12 02:55:54 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/05/12 02:55:54 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/05/12 02:55:54 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/05/12 02:55:54 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/05/12 02:55:53 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/05/12 02:55:53 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/05/12 02:55:53 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/05/12 02:55:52 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/05/12 02:55:52 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/05/12 02:55:52 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/05/12 02:55:52 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/05/12 02:55:52 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/05/12 02:55:52 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/05/12 02:55:52 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/05/12 02:55:52 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/05/12 02:55:52 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/05/12 02:55:52 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/05/12 02:55:52 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/05/12 02:55:52 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/05/12 02:55:52 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/05/12 02:55:52 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/05/12 02:55:52 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/05/12 02:55:52 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/05/12 02:55:52 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/05/12 02:55:52 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/05/12 02:55:52 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/05/12 02:55:52 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/05/12 02:55:51 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/05/12 02:55:51 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/05/12 02:55:51 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/05/12 02:55:51 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/05/12 02:55:51 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/05/12 02:55:51 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/05/12 02:55:51 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/05/12 02:55:51 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/05/12 02:55:51 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/05/12 02:55:51 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/05/12 02:55:51 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/05/12 02:55:51 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/05/12 02:55:51 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/05/12 02:55:51 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/05/12 02:55:51 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/05/12 02:55:51 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/05/12 02:55:51 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/05/12 02:55:51 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/05/12 02:55:51 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/05/12 02:55:51 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/05/12 02:55:51 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/05/12 02:55:51 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/05/12 02:55:51 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/05/12 02:55:51 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/05/12 02:55:51 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/05/12 02:55:51 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/05/12 02:55:51 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/05/12 02:55:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/05/12 02:55:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/05/12 02:55:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/05/12 02:55:50 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/05/12 02:55:50 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/05/12 02:55:50 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/05/12 02:55:50 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/05/12 02:55:50 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/05/12 02:55:50 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/05/12 02:55:50 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/05/12 02:55:50 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/05/12 02:55:50 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/05/12 02:55:50 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/05/12 02:55:50 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/05/12 02:55:50 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/05/12 02:55:50 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/05/12 02:55:50 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/05/12 02:55:50 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/05/12 02:55:50 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/05/12 02:55:50 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/05/12 02:55:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/05/12 02:55:50 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/05/12 02:55:50 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/05/12 02:55:50 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/05/12 02:55:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/05/12 02:55:50 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/05/12 02:55:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/05/12 02:55:50 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/05/12 02:55:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/05/12 02:55:50 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/05/12 02:55:49 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/05/12 02:55:49 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/05/12 02:55:49 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/05/12 02:55:49 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/05/12 02:55:49 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/05/12 02:55:49 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/05/12 02:55:49 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/05/12 02:55:49 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/05/12 02:55:49 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/05/12 02:55:49 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/05/12 02:55:49 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/05/12 02:55:49 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/05/12 02:55:49 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/05/12 02:55:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/05/12 02:55:49 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/05/12 02:55:49 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/05/12 02:55:49 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/05/12 02:55:49 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/05/12 02:55:49 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/05/12 02:55:49 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/05/12 02:55:48 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/05/12 02:55:48 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/05/12 02:55:48 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/05/12 02:55:48 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/05/12 02:55:48 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/05/12 02:51:01 | 000,003,588 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_ALI_M14XR2.mrk
[2012/05/12 02:51:01 | 000,003,588 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_ALI_M14XR2.mrk
[2012/05/12 02:50:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/05/12 02:50:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/05/12 02:50:35 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/05/12 02:50:35 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/05/12 02:50:35 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/05/12 02:50:35 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/05/12 02:50:35 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/05/12 02:50:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/05/12 02:50:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/05/12 02:50:35 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/05/12 02:50:35 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/05/12 02:50:35 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/05/12 02:50:35 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/05/12 02:50:35 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/05/12 02:50:35 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/05/12 02:50:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/05/12 02:50:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/05/12 02:50:35 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/05/12 02:50:35 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/05/12 02:50:35 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/05/12 02:50:35 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/05/12 02:50:35 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/05/12 02:50:35 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/05/12 02:50:35 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/05/12 02:50:35 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/05/12 02:50:35 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/05/12 02:50:35 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/05/12 02:50:35 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/05/12 02:50:35 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/05/12 02:50:35 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/05/12 02:50:35 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/05/12 02:50:35 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/05/12 02:50:35 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/05/12 02:50:35 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/05/12 02:50:35 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/05/12 02:50:35 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/05/12 02:50:35 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/05/12 02:50:35 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/05/12 02:50:35 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/05/12 02:50:35 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/05/12 02:50:35 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/05/12 02:50:35 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/05/12 02:50:35 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/05/12 02:50:35 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/05/12 02:50:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/05/12 02:50:35 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/12 02:50:35 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/12 02:50:35 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/05/12 02:50:35 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/05/12 02:50:35 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/05/12 02:50:35 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/05/12 02:50:35 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/05/12 02:50:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/05/12 02:50:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/05/12 02:50:35 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/05/12 02:50:35 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/05/12 02:50:35 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/05/12 02:50:35 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/05/12 02:50:35 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/05/12 02:50:35 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/05/12 02:50:35 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/05/12 01:18:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
[2012/05/12 01:18:33 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\Intel® WiDi.lnk
[2012/05/12 01:17:32 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2012/05/12 01:16:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012/05/12 01:16:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012/05/12 01:16:00 | 000,000,523 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012/05/12 01:15:53 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/05/12 01:15:53 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/05/12 01:15:53 | 000,123,480 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/05/12 01:15:53 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/05/12 01:14:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ST_ACCEL_01009.Wdf
[2012/05/12 01:14:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/05/12 01:13:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012/05/05 03:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/05/04 06:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/04 05:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/04 05:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/26 00:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/26 00:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/26 00:34:27 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/24 00:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/04/24 00:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/04/18 20:56:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2012/04/18 20:56:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2012/04/17 21:13:32 | 000,405,624 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys
[2012/04/17 21:13:31 | 000,007,458 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnet64.cat
[2012/04/17 21:13:31 | 000,001,441 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymNet.inf
[2012/04/17 21:13:22 | 000,451,192 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys
[2012/04/17 21:13:22 | 000,007,496 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.cat
[2012/04/17 21:13:22 | 000,002,852 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS.inf
[2012/04/17 20:42:14 | 000,190,072 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys
[2012/04/17 20:42:14 | 000,007,450 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\iron.cat
[2012/04/17 20:42:14 | 000,000,772 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Iron.inf
[2012/04/07 07:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/03/27 21:58:10 | 001,052,760 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CtHda.sys
[2012/03/27 21:54:18 | 000,019,605 | ---- | M] () -- C:\Windows\SysNative\CtHda.ini
[2012/03/27 21:54:08 | 000,134,144 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysNative\CtHdaS64.exe
[2012/03/27 21:53:54 | 000,574,464 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysNative\CtHdaC64.dll
[2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWow64\CtHdaSvc.exe
[2012/03/27 21:52:24 | 000,470,016 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWow64\CtHdaCtl.dll
[2012/03/15 23:12:20 | 000,426,768 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2012/03/15 23:12:16 | 000,068,880 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/03/15 23:12:14 | 000,113,936 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2012/03/15 23:12:08 | 000,229,648 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2012/03/15 23:12:08 | 000,150,800 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo9.dll
[2012/03/15 23:12:04 | 000,396,560 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2012/03/15 23:12:04 | 000,282,896 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2012/03/15 23:12:04 | 000,228,624 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2012/03/15 23:12:02 | 000,727,312 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/06 10:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012/03/04 18:31:18 | 001,466,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420140.dll
[2012/03/04 18:31:18 | 000,398,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2012/03/04 17:52:00 | 025,555,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/03/04 17:52:00 | 025,222,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/03/04 17:52:00 | 019,456,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/03/04 17:52:00 | 017,663,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/03/04 17:52:00 | 017,543,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/03/04 17:52:00 | 015,028,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/03/04 17:52:00 | 009,732,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/03/04 17:52:00 | 008,038,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/03/04 17:52:00 | 007,726,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/03/04 17:52:00 | 005,920,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/03/04 17:52:00 | 002,873,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/03/04 17:52:00 | 002,677,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/03/04 17:52:00 | 002,673,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/03/04 17:52:00 | 002,518,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/03/04 17:52:00 | 002,438,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/03/04 17:52:00 | 002,316,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/03/04 17:52:00 | 001,737,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/03/04 17:52:00 | 001,466,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/03/04 17:52:00 | 000,963,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/03/04 17:52:00 | 000,813,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/03/04 17:52:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/03/04 17:52:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/03/04 17:52:00 | 000,260,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/03/04 17:52:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvkflt.sys
[2012/03/04 17:52:00 | 000,215,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/03/04 17:52:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012/03/04 17:52:00 | 000,012,780 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/03/04 17:04:05 | 003,090,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/03/04 17:03:20 | 006,083,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/03/04 17:02:26 | 002,944,183 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/03/04 17:02:11 | 002,561,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/03/04 17:02:11 | 000,850,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2012/03/04 17:02:10 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/03/04 17:02:09 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/03/04 17:02:09 | 000,055,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2012/03/04 14:51:56 | 000,417,600 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/03/03 01:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/03 00:41:06 | 000,025,088 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\MEptDef.exe
[2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 01:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 01:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/29 14:34:06 | 000,010,240 | R--- | M] (Creative Technology Ltd.) -- C:\Windows\InstHlp.exe
[2012/02/28 02:10:26 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msjava.dll
[2012/02/26 04:28:48 | 004,246,016 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\wlihvui.dll
[2012/02/26 04:26:24 | 002,462,720 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\iwmssvc.dll
[2012/02/20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\Netwsw00.sys
[2012/02/20 12:36:58 | 003,381,008 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\Netwrw00.dll
[2012/02/20 12:36:58 | 000,885,520 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\Netwcw00.dll
[2012/02/17 19:07:22 | 000,276,248 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012/02/17 19:07:18 | 000,170,264 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012/02/17 19:07:16 | 000,511,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012/02/17 19:07:12 | 000,440,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012/02/17 19:07:10 | 000,250,136 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012/02/17 19:07:08 | 000,398,616 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012/02/17 19:07:06 | 005,886,232 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012/02/17 19:07:02 | 000,184,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012/02/17 01:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 01:31:34 | 000,041,984 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2012/02/17 00:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/15 11:01:50 | 004,547,944 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/14 16:35:14 | 000,018,520 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/02/14 13:53:24 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2653.dll
[2012/02/14 13:51:00 | 000,735,796 | ---- | M] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/02/14 13:51:00 | 000,735,796 | ---- | M] () -- C:\Windows\SysNative\igkrng700.bin
[2012/02/14 13:51:00 | 000,561,508 | ---- | M] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/02/14 13:51:00 | 000,561,508 | ---- | M] () -- C:\Windows\SysNative\igfcg700m.bin
[2012/02/14 13:47:38 | 008,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012/02/14 13:47:36 | 014,692,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012/02/14 13:47:04 | 000,079,360 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2012/02/14 13:44:52 | 006,120,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012/02/14 13:44:22 | 000,058,880 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2012/02/14 13:42:56 | 009,605,632 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012/02/14 13:35:24 | 007,794,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012/02/14 13:29:14 | 003,747,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2012/02/14 13:29:10 | 000,588,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2012/02/14 13:29:06 | 000,236,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2012/02/14 13:27:52 | 000,516,608 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2012/02/14 13:27:50 | 002,866,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2012/02/14 13:27:48 | 000,188,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2012/02/14 13:24:24 | 028,979,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2012/02/14 13:15:24 | 023,463,424 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2012/02/14 13:08:52 | 017,213,440 | ---- | M] () -- C:\Windows\SysNative\ig7icd64.dll
[2012/02/14 13:01:50 | 013,020,160 | ---- | M] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/02/14 12:58:06 | 000,144,338 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012/02/14 12:58:06 | 000,139,487 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012/02/14 12:58:04 | 000,221,099 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/02/14 12:58:04 | 000,143,155 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/02/14 12:58:04 | 000,124,962 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/02/14 12:58:04 | 000,123,467 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/02/14 12:58:02 | 000,191,775 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/02/14 12:58:02 | 000,141,435 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/02/14 12:58:02 | 000,140,122 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/02/14 12:58:02 | 000,136,451 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/02/14 12:58:00 | 000,142,664 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/02/14 12:58:00 | 000,141,644 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/02/14 12:58:00 | 000,140,923 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/02/14 12:57:58 | 000,161,613 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/02/14 12:57:58 | 000,146,675 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/02/14 12:57:58 | 000,142,335 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/02/14 12:57:58 | 000,136,369 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/02/14 12:57:56 | 000,157,226 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/02/14 12:57:56 | 000,148,033 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/02/14 12:57:56 | 000,143,805 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/02/14 12:57:56 | 000,142,189 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/02/14 12:57:54 | 000,207,830 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/02/14 12:57:54 | 000,145,687 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/02/14 12:57:54 | 000,145,579 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/02/14 12:57:54 | 000,140,549 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/02/14 12:57:52 | 000,164,334 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/02/14 12:57:52 | 000,140,885 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/02/14 12:57:52 | 000,135,868 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/02/14 12:57:50 | 000,439,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012/02/14 12:57:50 | 000,439,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012/02/14 12:57:50 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012/02/14 12:57:50 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012/02/14 12:57:50 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012/02/14 12:57:50 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012/02/14 12:57:50 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012/02/14 12:57:50 | 000,437,248 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012/02/14 12:57:48 | 000,439,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012/02/14 12:57:48 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012/02/14 12:57:48 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012/02/14 12:57:48 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012/02/14 12:57:48 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012/02/14 12:57:48 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012/02/14 12:57:48 | 000,432,128 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012/02/14 12:57:48 | 000,430,592 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012/02/14 12:57:46 | 000,440,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012/02/14 12:57:46 | 000,439,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012/02/14 12:57:46 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012/02/14 12:57:46 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012/02/14 12:57:46 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012/02/14 12:57:46 | 000,435,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012/02/14 12:57:44 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012/02/14 12:57:44 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012/02/14 12:57:44 | 000,437,248 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012/02/14 12:57:44 | 000,429,056 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012/02/14 12:57:44 | 000,428,544 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012/02/14 12:57:42 | 000,435,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012/02/14 12:57:42 | 000,131,317 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/02/14 12:57:40 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012/02/14 12:57:20 | 000,386,048 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/02/14 12:57:16 | 000,410,624 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012/02/14 12:57:12 | 000,028,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012/02/14 12:57:04 | 000,063,488 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/02/14 12:56:40 | 000,110,592 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/02/14 12:56:32 | 000,430,080 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012/02/14 12:56:32 | 000,172,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012/02/14 12:56:32 | 000,009,216 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/02/14 12:56:04 | 000,286,208 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012/02/14 12:56:02 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012/02/14 12:56:00 | 009,007,616 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012/02/14 12:55:04 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012/02/14 12:54:34 | 000,321,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012/02/14 12:53:24 | 000,000,264 | ---- | M] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/02/14 12:53:10 | 000,052,736 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/02/14 12:53:10 | 000,051,200 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/02/14 12:53:06 | 002,967,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012/02/14 12:53:06 | 002,321,408 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012/02/14 12:53:06 | 001,981,696 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/02/14 12:53:06 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012/02/14 12:53:06 | 000,519,680 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012/02/14 12:53:06 | 000,237,056 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012/02/14 12:53:06 | 000,213,504 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012/02/14 12:53:06 | 000,193,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012/02/14 12:53:06 | 000,177,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012/02/14 12:53:06 | 000,094,208 | ---- | M] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/02/14 12:53:06 | 000,059,425 | ---- | M] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/02/14 12:53:06 | 000,059,398 | ---- | M] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/02/14 12:53:06 | 000,059,230 | ---- | M] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/02/14 12:53:06 | 000,059,104 | ---- | M] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012/02/14 12:53:06 | 000,058,796 | ---- | M] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012/02/14 12:53:06 | 000,058,109 | ---- | M] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012/02/14 12:53:06 | 000,001,074 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/02/14 12:38:56 | 000,060,928 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys
[2012/02/13 21:16:14 | 000,889,856 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\CtHRFX64.dll
[2012/02/13 21:15:08 | 000,011,180 | ---- | M] () -- C:\Windows\CtHRFX64.hda
[2012/02/11 01:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/02/11 01:36:01 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/02/11 00:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/02/09 11:19:08 | 000,021,320 | ---- | M] (Alienware Corp.) -- C:\Windows\SysWow64\LightFXConfigurator32.dll
[2012/02/09 11:19:02 | 000,023,368 | ---- | M] (Alienware Corp.) -- C:\Windows\SysNative\LightFXConfigurator64.dll
[2012/02/09 11:19:02 | 000,021,320 | ---- | M] () -- C:\Windows\SysWow64\LightFX.dll
[2012/02/09 11:18:56 | 000,023,368 | ---- | M] (Alienware) -- C:\Windows\SysNative\LightFX.dll
[2012/02/09 11:08:32 | 000,015,688 | ---- | M] (Alienware) -- C:\Windows\SysWow64\alienfusionapi.dll
[2012/02/02 17:50:43 | 000,005,265 | ---- | M] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012/02/02 17:50:43 | 000,004,774 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012/02/01 17:44:02 | 000,015,128 | ---- | M] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/02/01 17:43:56 | 000,060,184 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/01/31 14:38:02 | 009,888,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2012/01/31 14:38:02 | 000,340,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/01/18 09:29:00 | 000,025,088 | ---- | M] () -- C:\Windows\FUNC_01&VEN_1102&DEV_0011&SUBSYS_10280552.reg
[2012/01/13 11:23:54 | 001,944,064 | ---- | M] (Creative) -- C:\Windows\SysNative\Sens_oal.dll
[2012/01/13 11:21:40 | 002,906,586 | ---- | M] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | M] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AmpPal.sys
[2012/01/07 09:22:08 | 000,460,800 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2012/01/07 09:22:04 | 000,448,000 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2012/01/07 09:22:04 | 000,212,992 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2012/01/07 09:22:00 | 000,172,032 | ---- | M] () -- C:\Windows\SysWow64\libbluray.dll
[2012/01/07 09:21:50 | 006,366,094 | ---- | M] () -- C:\Windows\SysWow64\avcodec-lav-53.dll
[2012/01/07 09:21:50 | 001,007,151 | ---- | M] () -- C:\Windows\SysWow64\avformat-lav-53.dll
[2012/01/07 09:21:50 | 000,354,979 | ---- | M] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/01/07 09:21:50 | 000,203,306 | ---- | M] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/01/07 09:21:50 | 000,138,727 | ---- | M] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2012/01/07 09:20:24 | 000,142,336 | ---- | M] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
[2012/01/03 19:48:42 | 000,354,176 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2012/01/03 16:06:52 | 000,065,136 | ---- | M] (ST Microelectronics) -- C:\Windows\SysNative\stdcfltnco02.dll
[2012/01/03 16:04:52 | 000,067,184 | ---- | M] (STMicroelectronics) -- C:\Windows\SysNative\drivers\ST_ACCEL.sys
[2011/12/28 23:14:04 | 000,568,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/12/20 17:38:36 | 000,034,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\intelaud.sys
[2011/12/20 17:38:36 | 000,025,496 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iwdbus.sys
[2011/12/19 01:31:00 | 000,160,256 | ---- | M] () -- C:\Windows\SysWow64\xvid.ax
[2011/12/19 01:29:40 | 000,644,608 | ---- | M] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/19 01:27:16 | 000,236,544 | ---- | M] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/12/08 13:43:56 | 000,047,616 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\opphelper.dll
[2011/12/08 09:56:24 | 000,354,816 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\mbtleapi.dll
[2011/12/08 09:56:22 | 000,274,432 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\mbtleapi.dll
[2011/12/07 19:42:28 | 000,328,712 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2011/12/06 06:22:48 | 000,014,848 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2011/12/03 01:41:18 | 000,201,728 | ---- | M] (Evaer Technology) -- C:\Windows\SysWow64\mp4decoder.dll
[2011/11/30 11:19:48 | 000,747,008 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\btmhsf.sys
[2011/11/30 11:19:46 | 000,094,720 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\btmaux.sys
[2011/10/24 13:02:52 | 000,004,850 | ---- | M] () -- C:\Windows\cthdaeng.reg
[2011/10/22 06:05:10 | 000,071,680 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2011/10/22 06:05:08 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2011/10/20 18:26:22 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2011/09/28 17:45:42 | 015,453,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xlive.dll
[2011/09/28 17:45:42 | 013,642,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xlivefnt.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/19 05:54:44 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2011/09/14 21:11:16 | 001,048,576 | ---- | M] () -- C:\Windows\SysNative\syndata.bin
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/05 20:33:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR310.dat
[2012/09/05 17:53:34 | 017,893,619 | ---- | C] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/03 22:45:37 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/01 18:18:50 | 001,548,348 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/01 18:18:50 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/09/01 18:18:45 | 000,003,435 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA.inf
[2012/09/01 18:18:45 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS.inf
[2012/09/01 18:18:45 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymNet.inf
[2012/09/01 18:18:45 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.inf
[2012/09/01 18:18:45 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.inf
[2012/09/01 18:18:45 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.inf
[2012/09/01 18:18:45 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Iron.inf
[2012/09/01 18:18:36 | 000,008,942 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymVTcer.dat
[2012/09/01 18:18:36 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.cat
[2012/09/01 18:18:36 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnet64.cat
[2012/09/01 18:18:36 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\iron.cat
[2012/09/01 18:18:36 | 000,007,446 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccsetx64.cat
[2012/09/01 18:18:36 | 000,007,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.cat
[2012/09/01 18:18:36 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.cat
[2012/09/01 18:18:36 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.cat
[2012/09/01 18:18:36 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\isolate.ini
[2012/08/30 23:32:23 | 000,000,820 | ---- | C] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 01:06:47 | 000,000,450 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/08/29 01:06:43 | 000,001,345 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/29 01:06:40 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/08/28 22:08:57 | 000,001,619 | ---- | C] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 22:08:13 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 21:32:56 | 000,000,088 | ---- | C] () -- C:\Users\Sather\Desktop\Download More Windows 7 Themes.html
[2012/08/28 21:32:55 | 019,384,858 | ---- | C] () -- C:\Users\Sather\Desktop\callofdutyblackops.themepack
[2012/08/27 20:53:28 | 000,001,923 | ---- | C] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:06 | 000,041,502 | ---- | C] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:37 | 000,071,961 | ---- | C] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/26 19:52:22 | 000,002,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2012/08/25 20:55:20 | 000,892,991 | ---- | C] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:56 | 017,548,635 | ---- | C] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:18 | 022,949,940 | ---- | C] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:08 | 000,268,459 | ---- | C] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,302 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZAccess Manager.lnk
[2012/08/25 19:06:57 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 20:40:51 | 000,000,223 | ---- | C] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/22 10:22:55 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Sleeping Dogs.lnk
[2012/08/20 12:57:46 | 000,001,854 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullet Run.lnk
[2012/08/20 12:57:46 | 000,001,846 | ---- | C] () -- C:\Users\Sather\Desktop\Bullet Run.lnk
[2012/08/19 19:09:00 | 000,001,472 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 4.sfk
[2012/08/19 19:04:45 | 000,362,414 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 4.wav
[2012/08/19 19:04:45 | 000,001,096 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 3.sfk
[2012/08/19 19:04:28 | 000,266,954 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 3.wav
[2012/08/19 19:04:28 | 000,001,736 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 2.sfk
[2012/08/19 19:04:16 | 000,430,886 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 2.wav
[2012/08/19 19:04:16 | 000,002,384 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 1.sfk
[2012/08/19 19:04:06 | 000,595,294 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 1.wav
[2012/08/19 18:58:37 | 000,003,864 | ---- | C] () -- C:\Users\Sather\Documents\Track 4 - 1.sfk
[2012/08/19 18:58:15 | 000,975,630 | ---- | C] () -- C:\Users\Sather\Documents\Track 4 - 1.wav
[2012/08/19 18:52:02 | 000,003,784 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 9.sfk
[2012/08/19 18:51:38 | 000,954,974 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 9.wav
[2012/08/19 18:51:38 | 000,004,120 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 8.sfk
[2012/08/19 18:51:11 | 001,041,258 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 8.wav
[2012/08/19 18:51:11 | 000,004,000 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 7.sfk
[2012/08/19 18:50:30 | 001,010,670 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 7.wav
[2012/08/19 18:50:30 | 000,003,624 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 6.sfk
[2012/08/19 18:49:58 | 000,914,358 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 6.wav
[2012/08/17 00:26:04 | 693,980,008 | ---- | C] () -- C:\Users\Sather\Desktop\Final Output 720p HD.avi
[2012/08/15 21:58:55 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2012/08/15 20:48:54 | 000,022,952 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 5.sfk
[2012/08/15 20:47:38 | 005,860,570 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 5.wav
[2012/08/15 20:47:38 | 000,016,056 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 4.sfk
[2012/08/15 20:46:53 | 004,095,342 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 4.wav
[2012/08/15 20:46:53 | 000,021,448 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 3.sfk
[2012/08/15 20:45:55 | 005,477,318 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 3.wav
[2012/08/15 20:45:55 | 000,010,040 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 2.sfk
[2012/08/15 20:45:28 | 002,555,502 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 2.wav
[2012/08/15 20:45:28 | 000,008,520 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 1.sfk
[2012/08/15 20:44:43 | 002,167,170 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 1.wav
[2012/08/13 01:36:18 | 000,121,304 | ---- | C] () -- C:\Users\Sather\Documents\apb.veg
[2012/08/13 01:36:18 | 000,120,344 | ---- | C] () -- C:\Users\Sather\Documents\apb.veg.bak
[2012/08/09 00:37:32 | 000,023,008 | ---- | C] () -- C:\Users\Sather\Documents\JAMES.veg.bak
[2012/08/09 00:37:32 | 000,022,760 | ---- | C] () -- C:\Users\Sather\Documents\JAMES.veg
[2012/08/09 00:14:48 | 000,650,128 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 2.sfk
[2012/08/08 23:57:20 | 166,418,606 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 2.wav
[2012/08/08 23:57:20 | 000,001,416 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 1.sfk
[2012/08/08 23:57:13 | 000,348,434 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 1.wav
[2012/08/08 23:36:44 | 000,016,008 | ---- | C] () -- C:\Users\Sather\Documents\slender.veg
[2012/08/04 15:30:07 | 000,001,031 | ---- | C] () -- C:\Users\Sather\Desktop\DS Games.lnk
[2012/08/04 15:29:48 | 000,000,943 | ---- | C] () -- C:\Users\Sather\Desktop\Sumotori Dreams.lnk
[2012/08/04 15:23:06 | 000,002,112 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
[2012/08/04 15:23:04 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/08/04 15:23:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2012/08/04 15:23:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2012/08/04 01:20:49 | 000,061,832 | ---- | C] () -- C:\Users\Sather\Documents\LOLLIPOP.veg
[2012/08/01 19:25:35 | 000,069,464 | ---- | C] () -- C:\Users\Sather\Documents\Untitled.veg.bak
[2012/08/01 17:10:00 | 000,001,039 | ---- | C] () -- C:\Users\Sather\Desktop\CINEMA 4D 64 Bit.lnk
[2012/07/31 20:39:35 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/07/31 18:20:21 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2012/07/30 14:12:35 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/07/30 14:12:35 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/07/29 14:21:19 | 000,001,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
[2012/07/29 14:20:51 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012/07/29 14:20:42 | 000,001,525 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/07/29 14:20:39 | 000,001,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2012/07/29 14:20:12 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/07/27 10:53:13 | 000,000,513 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\com.plutinosoft.idemo.plist
[2012/07/26 15:45:27 | 000,001,421 | ---- | C] () -- C:\Users\Sather\Desktop\Wondershare Video Converter Ultimate.lnk
[2012/07/26 15:45:21 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2012/07/16 11:56:45 | 000,001,268 | ---- | C] () -- C:\Users\Sather\Desktop\Slender.lnk
[2012/07/16 10:59:25 | 000,002,237 | ---- | C] () -- C:\Users\Public\Desktop\Garrys Mod.lnk
[2012/07/16 10:59:25 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\Source Dedicated Server.lnk
[2012/07/16 10:53:06 | 000,001,013 | ---- | C] () -- C:\Users\Sather\Desktop\Terraria.lnk
[2012/07/09 20:03:24 | 000,000,179 | ---- | C] () -- C:\WirelessDiagLog.csv
[2012/07/08 19:24:58 | 000,000,972 | ---- | C] () -- C:\Users\Sather\Desktop\The House of the Dead.lnk
[2012/07/08 15:21:12 | 000,000,536 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/07/06 20:23:41 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012/07/06 20:22:07 | 000,001,359 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/07/06 14:21:40 | 000,000,000 | -H-- | C] () -- C:\Users\Sather\Documents\Default.rdp
[2012/07/06 13:34:50 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012/07/06 13:34:50 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/07/06 12:53:12 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/05 23:05:19 | 000,000,223 | ---- | C] () -- C:\Users\Sather\Desktop\Blacklight Retribution.url
[2012/07/05 20:45:33 | 000,000,249 | ---- | C] () -- C:\user.js
[2012/07/02 17:59:55 | 000,000,000 | ---- | C] () -- C:\Users\Sather\wusa.exe
[2012/06/27 23:03:04 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/06/27 23:03:04 | 000,001,013 | ---- | C] () -- C:\Users\Sather\Desktop\Audacity.lnk
[2012/06/26 14:31:28 | 000,001,456 | ---- | C] () -- C:\Users\Sather\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/26 14:19:11 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/26 00:04:49 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/06/26 00:03:54 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/06/25 21:44:13 | 000,002,017 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools SE.lnk
[2012/06/25 21:44:13 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Pro Tools SE.lnk
[2012/06/25 21:43:40 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2012/06/25 02:11:43 | 000,000,057 | ---- | C] () -- C:\Windows\hegames.ini
[2012/06/22 03:30:42 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/06/22 03:30:40 | 000,171,796 | ---- | C] () -- C:\Users\Sather\Documents\DONT DELETE TOOK A LOT OF EFFING EFFORT.png
[2012/06/20 21:04:38 | 000,255,995 | ---- | C] () -- C:\Users\Sather\Documents\Video call snapshot 184.png
[2012/06/20 20:10:55 | 000,002,660 | ---- | C] () -- C:\Users\Public\Desktop\Live! Cam Avatar Creator.lnk
[2012/06/20 20:10:47 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/06/11 20:10:12 | 000,002,337 | ---- | C] () -- C:\Users\Sather\Desktop\Xpadder.ini
[2012/06/11 09:57:02 | 000,000,979 | ---- | C] () -- C:\Users\Sather\Desktop\Amnesia.lnk
[2012/06/11 09:55:36 | 000,001,590 | ---- | C] () -- C:\Users\Sather\Desktop\BatmanAC.lnk
[2012/06/10 22:37:19 | 000,001,164 | ---- | C] () -- C:\Users\Sather\Desktop\NBA 2K12.lnk
[2012/06/10 22:35:02 | 000,001,256 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2012/06/09 22:40:16 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/09 22:39:48 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/06/09 21:43:46 | 000,002,006 | ---- | C] () -- C:\Users\Sather\Desktop\Mixcraft 6.lnk
[2012/06/09 16:24:56 | 000,001,021 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/06/09 16:24:56 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/06/08 20:48:41 | 000,001,528 | ---- | C] () -- C:\Users\Sather\Desktop\Saints Row the Third.lnk
[2012/06/08 20:32:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/06/08 17:19:35 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/06/08 17:19:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/06/08 17:19:33 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2012/06/06 14:50:59 | 000,173,700 | ---- | C] () -- C:\Users\Sather\Documents\COUPON.psd
[2012/06/02 21:01:29 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Game Capture.lnk
[2012/05/29 01:14:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/05/24 16:27:26 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 10.0 (64-bit).lnk
[2012/05/22 20:23:28 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/05/22 19:43:02 | 001,165,824 | ---- | C] () -- C:\Users\Sather\Desktop\Xpadder.exe
[2012/05/22 19:37:19 | 000,000,949 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2012/05/22 19:37:19 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2012/05/22 17:05:30 | 000,000,222 | ---- | C] () -- C:\Users\Sather\Desktop\Dead Island.url
[2012/05/22 07:03:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/19 16:52:59 | 000,005,265 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012/05/19 12:02:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf
[2012/05/18 19:19:37 | 000,079,227 | ---- | C] () -- C:\Users\Sather\Desktop\OMG DO THIS.jpg
[2012/05/17 22:41:45 | 886,275,156 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/05/17 17:43:51 | 000,002,648 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon Wireless USB551L Firmware Updates.lnk
[2012/05/16 20:58:12 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/05/16 19:26:53 | 000,015,872 | ---- | C] () -- C:\Users\Sather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/16 19:00:32 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/05/16 18:39:48 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012/05/16 18:38:08 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2012/05/16 17:15:37 | 000,278,561 | ---- | C] () -- C:\Users\Sather\Desktop\Minecraft.exe
[2012/05/16 17:06:12 | 000,000,564 | ---- | C] () -- C:\Users\Sather\Desktop\Fraps.lnk
[2012/05/16 17:05:45 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/05/16 17:05:45 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/16 17:05:24 | 000,001,176 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012/05/16 17:04:49 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/05/16 17:04:35 | 000,000,973 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/05/16 17:04:35 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/05/16 16:38:39 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/05/16 16:38:39 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/05/16 16:37:46 | 000,001,443 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/16 16:31:18 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/16 16:19:54 | 000,001,415 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/16 16:19:52 | 000,001,449 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/16 16:15:27 | 000,000,290 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/16 16:15:27 | 000,000,272 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/12 02:59:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/05/12 02:58:57 | 002,944,183 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/05/12 02:58:15 | 4218,138,622 | -HS- | C] () -- C:\hiberfil.sys
[2012/05/12 02:57:10 | 000,027,380 | RH-- | C] () -- C:\mfg.sdr
[2012/05/12 02:55:50 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{cafa94ba-c707-5038-99e5-c03265f26caf}\@
[2012/05/12 02:52:04 | 000,012,780 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/12 02:51:40 | 001,048,576 | ---- | C] () -- C:\Windows\SysNative\syndata.bin
[2012/05/12 02:51:17 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/05/12 02:51:17 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/05/12 02:51:17 | 000,735,796 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012/05/12 02:51:17 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/05/12 02:51:17 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012/05/12 02:51:17 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/05/12 02:51:17 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/05/12 02:51:17 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/05/12 02:51:17 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012/05/12 02:51:17 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012/05/12 02:51:17 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012/05/12 02:51:17 | 000,018,520 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/05/12 02:51:17 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/05/12 02:51:17 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/05/12 02:51:16 | 017,213,440 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2012/05/12 02:51:16 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012/05/12 02:51:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/12 02:51:15 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/05/12 02:51:15 | 000,221,099 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/05/12 02:51:15 | 000,207,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/05/12 02:51:15 | 000,191,775 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/05/12 02:51:15 | 000,164,334 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/05/12 02:51:15 | 000,161,613 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/05/12 02:51:15 | 000,157,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/05/12 02:51:15 | 000,148,033 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/05/12 02:51:15 | 000,146,675 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/05/12 02:51:15 | 000,145,687 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/05/12 02:51:15 | 000,145,579 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/05/12 02:51:15 | 000,144,338 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012/05/12 02:51:15 | 000,143,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/05/12 02:51:15 | 000,143,155 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/05/12 02:51:15 | 000,142,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/05/12 02:51:15 | 000,142,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/05/12 02:51:15 | 000,142,189 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/05/12 02:51:15 | 000,141,644 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/05/12 02:51:15 | 000,141,435 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/05/12 02:51:15 | 000,140,923 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/05/12 02:51:15 | 000,140,885 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/05/12 02:51:15 | 000,140,549 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/05/12 02:51:15 | 000,140,122 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/05/12 02:51:15 | 000,139,487 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012/05/12 02:51:15 | 000,136,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/05/12 02:51:15 | 000,136,369 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/05/12 02:51:15 | 000,135,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/05/12 02:51:15 | 000,131,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/05/12 02:51:15 | 000,124,962 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/05/12 02:51:15 | 000,123,467 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/05/12 02:51:15 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/05/12 02:51:15 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/05/12 02:51:01 | 000,003,588 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_ALI_M14XR2.mrk
[2012/05/12 02:51:01 | 000,003,588 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_ALI_M14XR2.mrk
[2012/05/12 02:50:35 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/12 02:50:35 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/12 01:22:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/12 01:21:43 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.bmp
[2012/05/12 01:21:43 | 000,024,995 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.jpg
[2012/05/12 01:18:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
[2012/05/12 01:18:33 | 000,002,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® WiDi.lnk
[2012/05/12 01:18:33 | 000,002,042 | ---- | C] () -- C:\Users\Public\Desktop\Intel® WiDi.lnk
[2012/05/12 01:17:32 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2012/05/12 01:16:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012/05/12 01:16:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012/05/12 01:16:00 | 000,025,088 | ---- | C] () -- C:\Windows\FUNC_01&VEN_1102&DEV_0011&SUBSYS_10280552.reg
[2012/05/12 01:15:52 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2012/05/12 01:15:35 | 000,011,180 | ---- | C] () -- C:\Windows\CtHRFX64.hda
[2012/05/12 01:15:35 | 000,004,850 | ---- | C] () -- C:\Windows\cthdaeng.reg
[2012/05/12 01:15:35 | 000,000,523 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012/05/12 01:14:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ST_ACCEL_01009.Wdf
[2012/05/12 01:14:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/05/12 01:13:51 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/05/12 01:13:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012/05/12 01:04:07 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/27 21:54:18 | 000,019,605 | ---- | C] () -- C:\Windows\SysNative\CtHda.ini
[2012/03/04 14:51:56 | 000,417,600 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/09 11:19:02 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2012/01/17 19:07:16 | 000,000,088 | ---- | C] () -- C:\Users\Sather\Desktop\minecraft.bat
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/07 09:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/01/07 09:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-53.dll
[2012/01/07 09:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-53.dll
[2012/01/07 09:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/01/07 09:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/01/07 09:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011/12/19 01:31:00 | 000,160,256 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/12/19 01:29:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/19 01:27:16 | 000,236,544 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/06/27 08:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2011/02/10 11:10:51 | 000,775,304 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme\Start Orb\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Windows\Resources\Themes\callofdutyblackopsw7theme\Start Orb\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2010/11/15 21:02:36 | 000,000,264 | ---- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,245 | ---- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,228 | ---- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,230 | ---- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,231 | ---- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,230 | ---- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,226 | ---- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,232 | ---- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,231 | ---- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,225 | ---- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,228 | ---- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,231 | ---- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,232 | ---- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2010/11/15 21:02:38 | 000,000,231 | ---- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,229 | ---- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,234 | ---- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,227 | ---- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,229 | ---- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2010/11/15 21:02:22 | 000,032,633 | ---- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009/07/13 20:39:37 | 000,329,216 | ---- | M] (Microsoft Corporation) MD5=50BEA589F7D7958BDD2528A8F69D05CC -- C:\Windows\SysNative\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/06/30 02:59:38 | 000,000,351 | ---- | M] () MD5=A13853D67374C9F61F42D0490C7B60DD -- C:\Users\Sather\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK8F2VZ2\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/08/17 16:32:54 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\AlienAutopsy\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1321 bytes -> C:\ProgramData\Microsoft:WpJUVR2x6o0pE7yDjm4l
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 1265 bytes -> C:\Program Files (x86)\Common Files\System:8wCKIXkqIGbCex4DyZODWiKFuFC4
@Alternate Data Stream - 1196 bytes -> C:\ProgramData\Microsoft:u4leMMvvLEMoGFnpDcXSA
@Alternate Data Stream - 1160 bytes -> C:\Users\Sather\AppData\Local\Temp:dx3kgfwr9nY931z1TSPSzj

< End of report >





And here is the Extras.txt



OTL Extras logfile created on: 9/5/2012 10:08:03 PM - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Sather\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.90 Gb Total Physical Memory | 13.24 Gb Available Physical Memory | 83.24% Memory free
31.81 Gb Paging File | 28.94 Gb Available in Paging File | 90.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.22 Gb Total Space | 135.87 Gb Free Space | 29.78% Space Free | Partition Type: NTFS
Drive D: | 7.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SATHER-PC | User Name: Sather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java™ 7 Update 4 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{520C4DD4-2BC7-409B-BA48-E1A4F832662D}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C616FD4F-11F5-11E0-A38F-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{C874B99C-8480-4AFB-A646-4B1DCAB185B2}" = M-Audio FastTrack Driver 6.0.2 (x64)
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi Software
"{F4330A8B-3610-4483-975E-69789B70A764}" = HP Photosmart Plus B210 series Basic Device Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ComicRack" = ComicRack v0.9.139
"MAXON8C02D5E0" = CINEMA 4D 12.016
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = AlienAutopsy
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12383012-3529-41F8-8EBE-6B2BC6FD0FEA}_is1" = Garrys Mod Update version 3
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D106581-6726-4D1B-ABEC-0CA02410F24F}" = Adobe Photoshop CS6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 5
"{2B5EB659-A315-444E-9EB8-F0B99BF94EB9}_is1" = Garry's Mod Update #5 version 5.0
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{330B7AAD-B2FE-4989-B02A-DDA5A174FCDF}" = Accidental Damage Services Agreement
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{371F27A1-9502-4762-AE97-1C1938B21055}" = Avid Pro Tools SE 8.0.3
"{38E1F008-11EC-4888-A04A-246EF784365C}_is1" = Garrys Mod Update #2 version 2.0
"{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41AA8F20-FD30-4878-9080-6D5BE575FD41}" = Dell InHome Service Agreement
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}" = LEGO® Batman™ 2: DC Super Heroes
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5F187E71-93D7-4849-B5C2-1DD1747C81A7}" = Sonic CinePlayer Decoder Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AE29EAE-1BFC-464B-889B-D38154D3CA8C}_is1" = Garrys Mod Update #4 version 4.0
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93B6F95C-7009-4CF3-886B-F80AA6101B14}" = Roxio GAMECAP
"{93F34C5C-ACAA-48F3-9B26-70359A117F12}" = Intel® WiDi
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{A19BD7EF-9D03-48B2-B912-7112893CAAB3}" = VZAccess Manager
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACC78BCD-6B12-4C73-8D98-5B96A4A6D73A}" = XSplit
"{AE31570F-2469-4F54-8185-208113295105}" = Verizon Mobile Broadband Drivers
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA7DBD3F-34B7-4872-860E-89E5B6AFA6AC}" = Roxio Game Capture
"{BBB95D0D-D40F-4F46-808D-4D295BBB9490}" = Verizon Wireless USB551L Firmware Updates
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C45E715E-442E-4D82-BD46-A08A0870957C}" = Sound Blaster Recon3Di Extras
"{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}" = Sound Blaster Recon3Di
"{CBB0788A-A349-4119-B11D-C7D006A90DD8}_is1" = Portal 2 version 2.0.0.1
"{CD0159C9-17FB-11D6-A76A-00B0D079AF64}" = Java 2 Runtime Environment, SE v1.4.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F1D74CF1-09D3-4FEB-8C35-C31BB4E05CDC}_is1" = Garry's Mod Update #6 version 6.0
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FCF3DA77-F819-45BC-AC5E-743AA7A920C2}" = Roxio Game Capture
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownloader" = 1ClickDownloader
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 2.0
"AVG Secure Search" = AVG Security Toolbar
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Darksiders II_is1" = Darksiders II
"DivX Setup" = DivX Setup
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Garrys Mod Final [DiGiTALZONE] 2010 Edition" = Garrys Mod Final [DiGiTALZONE] 2010 Edition
"iFunbox_is1" = iFunbox (v1.96.938.649), iFunbox DevTeam
"InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"InstallShield_{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"Integrated Webcam Live! Central" = Integrated Webcam Live! Central
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Virtual Technician" = McAfee Virtual Technician
"MediaFire Express 0.12.3.3540" = MediaFire Express
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"NAV" = Norton AntiVirus
"NSS" = Norton Security Scan
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sleeping Dogs_is1" = Sleeping Dogs version 1.4
"Steam App 113400" = APB Reloaded
"Steam App 209870" = Blacklight: Retribution
"Steam App 91310" = Dead Island
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Trapcode Form" = Trapcode Form
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 5.7.5.4)
"xvid" = Xvid MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2259069413-2578279797-1013439322-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = ooVoo toolbar, powered by Ask.com Updater
"Garrys Mod Update #1" = Garrys Mod Update #1
"Google Chrome" = Google Chrome
"MidiEditor" = MidiEditor
"SOE-Bullet Run" = Bullet Run

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24

Error - 8/29/2012 3:40:25 PM | Computer Name = Sather-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 15

Error - 8/30/2012 1:13:49 AM | Computer Name = Sather-PC | Source = Google Update | ID = 20
Description =

Error - 8/30/2012 3:23:21 AM | Computer Name = Sather-PC | Source = Google Update | ID = 20
Description =

Error - 8/30/2012 3:28:49 AM | Computer Name = Sather-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/30/2012 10:26:25 PM | Computer Name = Sather-PC | Source = DCOM | ID = 10016
Description =

Error - 8/30/2012 10:27:05 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 8/30/2012 10:27:05 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 8/30/2012 10:27:12 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7003
Description = The McAfee Personal Firewall Service service depends the following
service: MpsSvc. This service might not be installed.

Error - 8/30/2012 10:27:12 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7003
Description = The McAfee Personal Firewall Service service depends the following
service: MpsSvc. This service might not be installed.

Error - 8/30/2012 10:27:12 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7003
Description = The McAfee Personal Firewall Service service depends the following
service: MpsSvc. This service might not be installed.

Error - 8/30/2012 10:27:12 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7003
Description = The McAfee Personal Firewall Service service depends the following
service: MpsSvc. This service might not be installed.

Error - 8/30/2012 10:32:10 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Security with the following error:
%%5

Error - 8/30/2012 10:32:10 PM | Computer Name = Sather-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Security with the following error:
%%5

Error - 8/31/2012 2:09:39 AM | Computer Name = Sather-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:07:49 AM on ?8/?31/?2012 was unexpected.


< End of report >


Edited by MNISather, 05 September 2012 - 09:24 PM.

  • 0

#4
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts
No logs in that post.

Please copy the text from the 2 files, and paste them into your next post, don't attach them

Never mind, I see you got them posted. Give me some time to look them over.


Edited by Crowbar, 05 September 2012 - 09:27 PM.

  • 0

#5
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I posted them, then I forgot you said not to attach them. So I re-edited it. Take all the time you need.
  • 0

#6
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Norton just alerted me that it has picked up a Trojan.Zeroaccess!inf4 and Trojan.Patchep!sys
  • 0

#7
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts
Hi MNISather,
Sorry it took me so long to examine your log, you seem to have changed the file scan age time to 360 days from 30, and that made for a very big log file!
Next OTL scan, please leave it at the default of 30 days.

I do see the zeroaccess infection, so let's start removing it :)

Step 1
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :OTL
    IE - HKU\S-1-5-21-2259069413-2578279797-1013439322-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000685d4320e2d5
    [2012/07/05 20:45:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
    O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
    O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1)
    @Alternate Data Stream - 1160 bytes -> C:\Users\Sather\AppData\Local\Temp:dx3kgfwr9nY931z1TSPSzj
    :files
    C:\Windows\Installer\{cafa94ba-c707-5038-99e5-c03265f26caf}
    :commands
    [emptytemp]
    [reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

Posted Image

  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.Step 2

Step 3
Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 4
Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs in your next response

In your next reply I would like to see:
  • OTL fix log
  • Roguekiller log files
  • Malwarebytes log
  • Fresh OTL custom scan
  • How is the computer doing at this point?

  • 0

#8
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Ok this is the OTL.txt but i didnt seem to find a second log after this one it had the same name "OTL.txt" so i dont know if it overwrote this file?

OTL logfile created on: 9/6/2012 4:19:22 PM - Run 3
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Sather\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.90 Gb Total Physical Memory | 12.38 Gb Available Physical Memory | 77.83% Memory free
31.81 Gb Paging File | 27.93 Gb Available in Paging File | 87.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.22 Gb Total Space | 165.95 Gb Free Space | 36.38% Space Free | Partition Type: NTFS
Drive D: | 7.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SATHER-PC | User Name: Sather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/06 16:04:57 | 001,378,816 | ---- | M] () -- C:\Users\Sather\Desktop\RogueKiller.exe
PRC - [2012/09/05 22:33:30 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/05 22:33:29 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/09/05 22:06:08 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Sather\Desktop\OTL.exe
PRC - [2012/08/25 21:12:42 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/07/03 13:46:42 | 000,973,488 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
PRC - [2012/05/29 10:37:22 | 025,249,400 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2012/03/23 15:01:00 | 002,014,208 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
PRC - [2012/03/19 06:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 06:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/02/21 19:55:16 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012/02/17 01:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
PRC - [2012/02/09 11:21:20 | 000,014,152 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2012/02/09 11:14:02 | 000,069,448 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2012/02/09 11:09:02 | 000,016,200 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 16:30:20 | 000,320,832 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 21:51:44 | 004,005,184 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
PRC - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
PRC - [2011/12/21 21:20:26 | 000,880,640 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe
PRC - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/05 22:33:30 | 000,564,832 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/05 22:33:30 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/05 22:33:29 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/08/29 21:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/29 21:58:44 | 012,237,336 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012/08/29 21:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/29 21:57:27 | 000,526,872 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll
MOD - [2012/08/29 21:57:26 | 000,104,984 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll
MOD - [2012/08/29 21:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/29 21:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/29 21:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/06/14 03:41:53 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
MOD - [2012/06/14 03:37:48 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012/06/14 03:21:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:21:11 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:21:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:21:01 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:20:59 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:16 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/14 03:03:08 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:07 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:03:03 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/14 03:03:02 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/20 20:59:02 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012/05/20 20:59:00 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
MOD - [2012/05/20 20:58:27 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/20 20:58:08 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012/05/20 20:58:08 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
MOD - [2012/05/20 20:58:07 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012/05/20 20:58:06 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\676a0584b48c64d242d4ad3aa07d9214\System.ServiceModel.ni.dll
MOD - [2012/05/20 20:57:56 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012/05/20 19:23:59 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/20 19:23:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/20 19:23:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/20 19:23:24 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/20 19:23:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/20 19:23:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/20 19:23:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/18 16:31:21 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/18 16:30:34 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
MOD - [2012/05/18 16:30:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012/05/18 16:30:01 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/18 15:53:22 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/18 15:53:18 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/18 15:53:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/18 15:53:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/18 15:53:12 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/18 15:53:08 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/18 15:53:08 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/04/30 02:55:46 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012/04/30 02:55:46 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012/04/30 02:55:46 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012/04/30 02:55:46 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2012/03/04 17:52:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
MOD - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/12/18 11:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (MSK80Service)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McProxy)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McNASvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McNaiAnn)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcmscsvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/02/26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/02/26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/02/26 05:07:32 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/02/26 05:07:26 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/02/09 11:09:02 | 000,014,664 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2012/01/17 16:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/01/09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012/09/05 22:59:27 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/05 22:33:30 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/08/25 21:12:42 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/08/15 00:57:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe -- (NAV)
SRV - [2012/05/12 01:15:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/05/12 01:15:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/03/06 10:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/03/04 17:52:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/02/17 19:07:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2011/05/09 13:01:06 | 000,430,080 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2011/03/21 12:41:18 | 000,178,224 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe -- (VZWConfigService)
SRV - [2011/02/17 07:02:26 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe -- (RoxMediaDBGame1X)
SRV - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/06/14 11:00:48 | 000,270,848 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe -- (NWVZHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/05 22:33:30 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/05/12 02:55:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/12 02:55:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 21:13:22 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/27 21:58:10 | 001,052,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtHda.sys -- (cthda)
DRV:64bit: - [2012/03/15 23:12:20 | 000,426,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/03/04 18:31:18 | 000,398,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/03/04 17:52:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012/03/04 17:52:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/14 13:47:36 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/14 12:38:56 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/02/01 17:43:56 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/01/31 14:38:02 | 000,340,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/01/03 16:04:52 | 000,067,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_ACCEL.sys -- (ST_ACCEL)
DRV:64bit: - [2011/12/28 23:14:04 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/12/20 17:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 17:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/30 11:19:48 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/11/30 11:19:46 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/09/19 05:54:44 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/07/15 21:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2011/06/14 18:47:10 | 000,347,648 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NWRmNet_001.sys -- (NWRmNet_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,261,120 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser2_001.sys -- (NWUSBPort2_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser_001.sys -- (NWUSBPort_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbmdm_001.sys -- (NWUSBModem_001)
DRV:64bit: - [2011/01/26 19:38:28 | 000,683,392 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2011/01/26 19:37:44 | 001,063,552 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 08:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 06:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/23 11:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2009/10/02 12:53:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/26 15:43:42 | 000,016,752 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/09/05 19:39:20 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120905.017\ex64.sys -- (NAVEX15)
DRV - [2012/09/05 19:39:20 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120905.017\eng64.sys -- (NAVENG)
DRV - [2012/09/03 22:45:31 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/09/03 22:45:31 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/31 19:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\IPSDefs\20120905.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/23 03:52:48 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 15:43:42 | 000,013,680 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....sa&d=2012-06-25 22:39:24&v=12.2.5.32&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-06-25 22:39:24&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sather\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/09/05 22:33:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/27 14:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/28 22:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\IPSFFPlgn\ [2012/09/01 18:18:54 | 000,000,000 | ---D | M]

[2012/09/06 15:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/05/28 17:35:02 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]

========== Chrome ==========

CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sather\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Click 2 Save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfbkhdpdndhaejllgoppclbkcngghcg\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Fast save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjdocjndfmmccgohapcbkddcnnncmme\1.1_0\
CHR - Extension: Google Search = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.2_0\
CHR - Extension: bloomind ct deepdark = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd\1_0\
CHR - Extension: SiteAdvisor = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: AdBlock = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: 1Click Downloader = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Google Mail Checker = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: AVG Secure Search = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.32_0\
CHR - Extension: Facebook Notifications = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/28 19:46:45 | 000,001,204 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc..)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [Sound Blaster Recon3Di Control Panel] c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Sather\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce\Setup: [Registering MS MPEG4 ActiveX filter...] C:\Windows\SysWOW64\MPG4ds32.ax (Microcrap Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC}: NameServer = 174.114.184.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99FA023C-2392-4A16-A069-179D136652B1}: DhcpNameServer = 66.174.71.33 66.174.95.44
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD535A9E-FAE2-48C1-AB4A-0F1E6B077C91}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E94E7494-6CFA-4D01-9607-797C55A0C4BB}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/01 14:44:05 | 000,000,027 | RH-- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010/06/30 05:08:46 | 000,808,256 | R--- | M] (Acresso Software Inc. )
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


========== Files/Folders - Created Within 30 Days ==========

[2012/09/06 16:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/06 16:13:40 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/06 16:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/06 16:05:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\RK_Quarantine
[2012/09/06 15:53:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/05 22:33:30 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/05 22:06:08 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Sather\Desktop\OTL.exe
[2012/09/01 18:42:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\CrashDumps
[2012/09/01 18:33:29 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\NPE
[2012/09/01 18:18:50 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/09/01 18:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/09/01 18:18:48 | 001,129,120 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys
[2012/09/01 18:18:48 | 000,737,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys
[2012/09/01 18:18:48 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys
[2012/09/01 18:18:48 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys
[2012/09/01 18:18:48 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys
[2012/09/01 18:18:48 | 000,167,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys
[2012/09/01 18:18:48 | 000,037,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E
[2012/09/01 18:18:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2012/09/01 18:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2012/08/31 01:10:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Warner Bros. Interactive Entertainment
[2012/08/30 23:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warner Bros. Interactive Entertainment
[2012/08/30 22:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/08/30 15:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/08/29 14:38:34 | 000,000,000 | ---D | C] -- C:\Minecraft_Backup
[2012/08/29 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/08/29 01:06:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/28 22:08:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\DivX
[2012/08/28 22:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/08/28 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/08/28 22:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012/08/28 22:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/08/28 22:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/08/28 22:03:08 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{708ADA2D-C87C-42B1-8B85-F19010C73E5D}
[2012/08/28 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\UniversalThemePatcher_20090409
[2012/08/28 21:32:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme
[2012/08/27 20:53:28 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MidiEditor
[2012/08/27 20:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MidiEditor
[2012/08/26 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\McAfee
[2012/08/26 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Fabtasy
[2012/08/25 20:09:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{52DAD54D-5785-4A1B-86A5-0435CA2C3466}
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\WEngineLite
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon Wireless
[2012/08/25 19:06:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\hpqLog
[2012/08/25 15:25:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Smith Micro
[2012/08/25 01:06:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{1E13D1BB-B324-4C06-AAAE-E3F25C50F975}
[2012/08/24 22:31:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{4963992C-EB83-4AD1-A3F9-333A1DCF5F69}
[2012/08/23 22:22:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{F7E3E906-8466-4476-A471-29DA243F5B80}
[2012/08/23 21:42:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\skyz
[2012/08/23 14:51:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
[2012/08/23 14:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/23 10:27:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Chromium
[2012/08/23 10:27:10 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Rockstar Games
[2012/08/23 09:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/08/22 15:52:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{ED1522AB-FAE0-41F9-91E7-E9D266A820B1}
[2012/08/22 10:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs
[2012/08/21 03:04:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\DarknessII
[2012/08/21 02:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012/08/21 02:01:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012/08/20 15:37:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Sony Online Entertainment
[2012/08/20 15:36:55 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/08/20 12:58:26 | 000,000,000 | ---D | C] -- C:\Crash
[2012/08/19 22:39:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\SCE
[2012/08/19 16:28:05 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Malwarebytes
[2012/08/19 16:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/15 22:01:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Darksiders2
[2012/08/15 21:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012/08/15 21:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2012/08/14 01:28:49 | 000,000,000 | --SD | C] -- C:\Users\Sather\AppData\Roaming\wyUpdate AU
[2012/08/14 01:28:49 | 000,000,000 | --SD | C] -- C:\Users\Sather\wc
[2012/08/14 01:28:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Cyberduck
[2012/08/14 00:58:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\cYo
[2012/08/14 00:58:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\cYo
[2012/08/14 00:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
[2012/08/14 00:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\ComicRack
[2012/08/13 16:28:30 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012/08/13 16:28:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Form
[2012/08/13 16:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trapcode Form
[2012/08/13 16:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trapcode
[2012/08/13 15:31:22 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\MW3 Intro Template
[2012/08/11 00:53:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{6DF686DB-5BC3-465D-8E3F-2E45C140CC29}
[2012/08/11 00:53:21 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{DEF66CDA-6F20-46EF-8D35-07B29CF4BA27}
[2012/08/09 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Atari
[2012/08/09 01:42:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cry of Fear
[2012/08/09 01:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cry of Fear

========== Files - Modified Within 30 Days ==========

[2012/09/06 16:16:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/06 16:16:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/06 16:13:52 | 000,778,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/06 16:13:52 | 000,661,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/06 16:13:52 | 000,121,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/06 16:13:41 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/06 16:08:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/06 16:08:46 | 4218,138,622 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/06 16:04:57 | 001,378,816 | ---- | M] () -- C:\Users\Sather\Desktop\RogueKiller.exe
[2012/09/06 15:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/06 15:49:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/06 15:47:05 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2012/09/06 15:44:36 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/05 23:39:39 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/05 23:39:39 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/05 23:00:51 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/05 22:33:30 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/05 22:06:08 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Sather\Desktop\OTL.exe
[2012/09/05 17:54:23 | 017,893,619 | ---- | M] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/05 17:49:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/03 22:45:31 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/03 21:06:25 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/01 18:18:54 | 001,548,348 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/08/30 23:32:23 | 000,000,820 | ---- | M] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 04:49:53 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/08/29 01:06:43 | 000,001,345 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/28 22:08:57 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 22:08:57 | 000,001,619 | ---- | M] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 13:01:54 | 886,275,156 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/27 20:53:28 | 000,001,923 | ---- | M] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:02 | 000,041,502 | ---- | M] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:34 | 000,071,961 | ---- | M] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/25 21:12:42 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/25 20:55:49 | 000,892,991 | ---- | M] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:58 | 017,548,635 | ---- | M] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:21 | 022,949,940 | ---- | M] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:01 | 000,268,459 | ---- | M] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 20:40:51 | 000,000,223 | ---- | M] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/23 03:25:30 | 000,002,337 | ---- | M] () -- C:\Users\Sather\Desktop\Xpadder.ini
[2012/08/22 10:22:55 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Sleeping Dogs.lnk
[2012/08/20 15:37:26 | 000,001,846 | ---- | M] () -- C:\Users\Sather\Desktop\Bullet Run.lnk
[2012/08/19 21:13:55 | 000,000,132 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/19 19:09:00 | 000,362,414 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 4.wav
[2012/08/19 19:09:00 | 000,001,472 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 4.sfk
[2012/08/19 19:04:45 | 000,266,954 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 3.wav
[2012/08/19 19:04:45 | 000,001,096 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 3.sfk
[2012/08/19 19:04:28 | 000,430,886 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 2.wav
[2012/08/19 19:04:28 | 000,001,736 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 2.sfk
[2012/08/19 19:04:16 | 000,595,294 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 1.wav
[2012/08/19 19:04:16 | 000,002,384 | ---- | M] () -- C:\Users\Sather\Documents\Track 2 - 1.sfk
[2012/08/19 18:58:37 | 000,975,630 | ---- | M] () -- C:\Users\Sather\Documents\Track 4 - 1.wav
[2012/08/19 18:58:37 | 000,003,864 | ---- | M] () -- C:\Users\Sather\Documents\Track 4 - 1.sfk
[2012/08/19 18:52:02 | 000,954,974 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 9.wav
[2012/08/19 18:52:02 | 000,003,784 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 9.sfk
[2012/08/19 18:51:38 | 001,041,258 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 8.wav
[2012/08/19 18:51:38 | 000,004,120 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 8.sfk
[2012/08/19 18:51:11 | 001,010,670 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 7.wav
[2012/08/19 18:51:11 | 000,004,000 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 7.sfk
[2012/08/19 18:50:30 | 000,914,358 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 6.wav
[2012/08/19 18:50:30 | 000,003,624 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 6.sfk
[2012/08/17 00:33:30 | 693,980,008 | ---- | M] () -- C:\Users\Sather\Desktop\Final Output 720p HD.avi
[2012/08/16 11:16:58 | 005,098,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 21:58:55 | 000,002,055 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2012/08/15 20:48:54 | 005,860,570 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 5.wav
[2012/08/15 20:48:54 | 000,022,952 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 5.sfk
[2012/08/15 20:47:38 | 004,095,342 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 4.wav
[2012/08/15 20:47:38 | 000,016,056 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 4.sfk
[2012/08/15 20:46:53 | 005,477,318 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 3.wav
[2012/08/15 20:46:53 | 000,021,448 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 3.sfk
[2012/08/15 20:45:55 | 002,555,502 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 2.wav
[2012/08/15 20:45:55 | 000,010,040 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 2.sfk
[2012/08/15 20:45:28 | 002,167,170 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 1.wav
[2012/08/15 20:45:28 | 000,008,520 | ---- | M] () -- C:\Users\Sather\Documents\Track 3 - 1.sfk
[2012/08/13 02:44:47 | 000,121,304 | ---- | M] () -- C:\Users\Sather\Documents\apb.veg
[2012/08/13 02:33:41 | 000,120,344 | ---- | M] () -- C:\Users\Sather\Documents\apb.veg.bak
[2012/08/10 00:49:06 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\isolate.ini
[2012/08/09 14:53:57 | 000,015,872 | ---- | M] () -- C:\Users\Sather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/09 00:48:31 | 000,022,760 | ---- | M] () -- C:\Users\Sather\Documents\JAMES.veg
[2012/08/09 00:37:32 | 000,023,008 | ---- | M] () -- C:\Users\Sather\Documents\JAMES.veg.bak
[2012/08/09 00:14:48 | 166,418,606 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 2.wav
[2012/08/09 00:14:48 | 000,650,128 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 2.sfk
[2012/08/08 23:57:20 | 000,348,434 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 1.wav
[2012/08/08 23:57:20 | 000,001,416 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 1.sfk
[2012/08/08 23:36:44 | 000,016,008 | ---- | M] () -- C:\Users\Sather\Documents\slender.veg

========== Files Created - No Company Name ==========

[2012/09/06 16:13:41 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/06 16:04:55 | 001,378,816 | ---- | C] () -- C:\Users\Sather\Desktop\RogueKiller.exe
[2012/09/05 17:53:34 | 017,893,619 | ---- | C] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/03 22:45:37 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/01 18:18:50 | 001,548,348 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/01 18:18:50 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/09/01 18:18:45 | 000,003,435 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA.inf
[2012/09/01 18:18:45 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS.inf
[2012/09/01 18:18:45 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymNet.inf
[2012/09/01 18:18:45 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.inf
[2012/09/01 18:18:45 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.inf
[2012/09/01 18:18:45 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.inf
[2012/09/01 18:18:45 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Iron.inf
[2012/09/01 18:18:36 | 000,008,942 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymVTcer.dat
[2012/09/01 18:18:36 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.cat
[2012/09/01 18:18:36 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnet64.cat
[2012/09/01 18:18:36 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\iron.cat
[2012/09/01 18:18:36 | 000,007,446 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccsetx64.cat
[2012/09/01 18:18:36 | 000,007,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.cat
[2012/09/01 18:18:36 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.cat
[2012/09/01 18:18:36 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.cat
[2012/09/01 18:18:36 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\isolate.ini
[2012/08/30 23:32:23 | 000,000,820 | ---- | C] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 01:06:47 | 000,000,450 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/08/29 01:06:43 | 000,001,345 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/29 01:06:40 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/08/28 22:08:57 | 000,001,619 | ---- | C] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 22:08:13 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 21:32:56 | 000,000,088 | ---- | C] () -- C:\Users\Sather\Desktop\Download More Windows 7 Themes.html
[2012/08/28 21:32:55 | 019,384,858 | ---- | C] () -- C:\Users\Sather\Desktop\callofdutyblackops.themepack
[2012/08/27 20:53:28 | 000,001,923 | ---- | C] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:06 | 000,041,502 | ---- | C] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:37 | 000,071,961 | ---- | C] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/26 19:52:22 | 000,002,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2012/08/25 20:55:20 | 000,892,991 | ---- | C] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:56 | 017,548,635 | ---- | C] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:18 | 022,949,940 | ---- | C] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:08 | 000,268,459 | ---- | C] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,302 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZAccess Manager.lnk
[2012/08/25 19:06:57 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 20:40:51 | 000,000,223 | ---- | C] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/22 10:22:55 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Sleeping Dogs.lnk
[2012/08/20 12:57:46 | 000,001,854 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullet Run.lnk
[2012/08/20 12:57:46 | 000,001,846 | ---- | C] () -- C:\Users\Sather\Desktop\Bullet Run.lnk
[2012/08/19 19:09:00 | 000,001,472 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 4.sfk
[2012/08/19 19:04:45 | 000,362,414 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 4.wav
[2012/08/19 19:04:45 | 000,001,096 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 3.sfk
[2012/08/19 19:04:28 | 000,266,954 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 3.wav
[2012/08/19 19:04:28 | 000,001,736 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 2.sfk
[2012/08/19 19:04:16 | 000,430,886 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 2.wav
[2012/08/19 19:04:16 | 000,002,384 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 1.sfk
[2012/08/19 19:04:06 | 000,595,294 | ---- | C] () -- C:\Users\Sather\Documents\Track 2 - 1.wav
[2012/08/19 18:58:37 | 000,003,864 | ---- | C] () -- C:\Users\Sather\Documents\Track 4 - 1.sfk
[2012/08/19 18:58:15 | 000,975,630 | ---- | C] () -- C:\Users\Sather\Documents\Track 4 - 1.wav
[2012/08/19 18:52:02 | 000,003,784 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 9.sfk
[2012/08/19 18:51:38 | 000,954,974 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 9.wav
[2012/08/19 18:51:38 | 000,004,120 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 8.sfk
[2012/08/19 18:51:11 | 001,041,258 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 8.wav
[2012/08/19 18:51:11 | 000,004,000 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 7.sfk
[2012/08/19 18:50:30 | 001,010,670 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 7.wav
[2012/08/19 18:50:30 | 000,003,624 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 6.sfk
[2012/08/19 18:49:58 | 000,914,358 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 6.wav
[2012/08/17 00:26:04 | 693,980,008 | ---- | C] () -- C:\Users\Sather\Desktop\Final Output 720p HD.avi
[2012/08/15 21:58:55 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2012/08/15 20:48:54 | 000,022,952 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 5.sfk
[2012/08/15 20:47:38 | 005,860,570 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 5.wav
[2012/08/15 20:47:38 | 000,016,056 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 4.sfk
[2012/08/15 20:46:53 | 004,095,342 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 4.wav
[2012/08/15 20:46:53 | 000,021,448 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 3.sfk
[2012/08/15 20:45:55 | 005,477,318 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 3.wav
[2012/08/15 20:45:55 | 000,010,040 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 2.sfk
[2012/08/15 20:45:28 | 002,555,502 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 2.wav
[2012/08/15 20:45:28 | 000,008,520 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 1.sfk
[2012/08/15 20:44:43 | 002,167,170 | ---- | C] () -- C:\Users\Sather\Documents\Track 3 - 1.wav
[2012/08/13 01:36:18 | 000,121,304 | ---- | C] () -- C:\Users\Sather\Documents\apb.veg
[2012/08/13 01:36:18 | 000,120,344 | ---- | C] () -- C:\Users\Sather\Documents\apb.veg.bak
[2012/08/09 00:37:32 | 000,023,008 | ---- | C] () -- C:\Users\Sather\Documents\JAMES.veg.bak
[2012/08/09 00:37:32 | 000,022,760 | ---- | C] () -- C:\Users\Sather\Documents\JAMES.veg
[2012/08/09 00:14:48 | 000,650,128 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 2.sfk
[2012/08/08 23:57:20 | 166,418,606 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 2.wav
[2012/08/08 23:57:20 | 000,001,416 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 1.sfk
[2012/08/08 23:57:13 | 000,348,434 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 1.wav
[2012/08/08 23:36:44 | 000,016,008 | ---- | C] () -- C:\Users\Sather\Documents\slender.veg
[2012/08/04 15:23:04 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/08/04 15:23:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2012/08/04 15:23:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2012/07/27 10:53:13 | 000,000,513 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\com.plutinosoft.idemo.plist
[2012/07/06 12:53:12 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/02 17:59:55 | 000,000,000 | ---- | C] () -- C:\Users\Sather\wusa.exe
[2012/06/26 14:31:28 | 000,001,456 | ---- | C] () -- C:\Users\Sather\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/26 14:19:11 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/25 21:43:40 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2012/06/25 02:11:43 | 000,000,057 | ---- | C] () -- C:\Windows\hegames.ini
[2012/06/22 03:30:42 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/06/20 20:10:47 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/06/08 20:32:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/06/08 17:19:35 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/06/08 17:19:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/06/08 17:19:33 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2012/05/16 19:26:53 | 000,015,872 | ---- | C] () -- C:\Users\Sather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/12 02:51:17 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/05/12 02:51:17 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/05/12 02:51:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/12 02:51:15 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/03/04 14:51:56 | 000,417,600 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/09 11:19:02 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/07 09:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/01/07 09:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-53.dll
[2012/01/07 09:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-53.dll
[2012/01/07 09:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/01/07 09:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/01/07 09:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011/12/19 01:29:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/19 01:27:16 | 000,236,544 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/06/27 08:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2011/02/10 11:10:51 | 000,775,304 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/08/30 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\.minecraft
[2012/07/04 15:25:02 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\.Nitrous
[2012/06/20 18:44:54 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\1.2.5 mo creeps
[2012/06/10 22:41:05 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\2K Sports
[2012/06/09 21:46:17 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Acoustica
[2012/08/16 01:51:18 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Atari
[2012/08/27 22:21:29 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Audacity
[2012/07/05 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Babylon
[2012/08/14 01:37:54 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Cyberduck
[2012/08/14 00:58:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\cYo
[2012/08/21 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\DarknessII
[2012/07/30 12:49:08 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Digidesign
[2012/07/18 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Evaer
[2012/06/07 15:40:25 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\fltk.org
[2012/07/10 14:41:16 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\GameRanger
[2012/07/02 18:01:59 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\GOL_byHasbro
[2012/06/25 22:22:44 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Leadertech
[2012/05/16 22:39:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\LolClient
[2012/08/01 17:10:09 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\MAXON
[2012/05/22 19:37:21 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\MotioninJoy
[2012/07/31 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\ooVoo Details
[2012/05/16 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Origin
[2012/06/25 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PACE Anti-Piracy
[2012/05/17 15:45:22 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PCDr
[2012/05/28 19:42:26 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PDAppFlex
[2012/08/04 21:10:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PowerUp Software
[2012/05/24 16:29:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Publish Providers
[2012/08/23 21:42:20 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\skyz
[2012/08/25 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Smith Micro
[2012/05/24 16:29:12 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony
[2012/05/24 17:34:34 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony Creative Software Inc
[2012/08/20 15:37:23 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony Online Entertainment
[2012/07/31 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\SplitMediaLabs
[2012/06/09 21:46:20 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\SynthMaker
[2012/08/14 20:45:58 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\TeamViewer
[2012/05/16 21:24:50 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\TS3Client
[2012/07/26 20:33:04 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Tunngle
[2012/09/01 18:34:52 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\uTorrent
[2012/08/31 01:10:34 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Warner Bros. Interactive Entertainment
[2012/07/26 15:45:35 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/08/14 01:28:49 | 000,000,000 | --SD | M] -- C:\Users\Sather\AppData\Roaming\wyUpdate AU
[2012/09/03 21:06:25 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/06 15:44:36 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/07/08 16:51:00 | 000,000,536 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/08/22 20:42:13 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme\Start Orb\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Windows\Resources\Themes\callofdutyblackopsw7theme\Start Orb\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2010/11/15 21:02:36 | 000,000,264 | ---- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,245 | ---- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,228 | ---- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,230 | ---- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,231 | ---- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,230 | ---- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,226 | ---- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,232 | ---- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,231 | ---- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,225 | ---- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,228 | ---- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,231 | ---- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,232 | ---- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2010/11/15 21:02:38 | 000,000,231 | ---- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,229 | ---- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,234 | ---- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,227 | ---- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,229 | ---- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2010/11/15 21:02:22 | 000,032,633 | ---- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/08/17 16:32:54 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\AlienAutopsy\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1321 bytes -> C:\ProgramData\Microsoft:WpJUVR2x6o0pE7yDjm4l
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 1265 bytes -> C:\Program Files (x86)\Common Files\System:8wCKIXkqIGbCex4DyZODWiKFuFC4
@Alternate Data Stream - 1196 bytes -> C:\ProgramData\Microsoft:u4leMMvvLEMoGFnpDcXSA

< End of report >




This is RKreport1


RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sather [Admin rights]
Mode : Scan -- Date : 09/06/2012 16:06:15

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] mf_systray.exe -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe -> KILLED [TermProc]
[SUSP PATH] OTL.exe -- C:\Users\Sather\Desktop\OTL.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MediaFire Tray ("C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe" --boot-start) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2259069413-2578279797-1013439322-1002[...]\Run : MediaFire Tray ("C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe" --boot-start) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC} : NameServer (174.114.184.185) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC} : NameServer (174.114.184.185) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> FOUND
[Susp.ASLR][FILE] services.exe : C:\Windows\system32\services.exe --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: M14XR2_RAID0 +++++
--- User ---
[MBR] 7ed6621f0b5d077b9652271b8a97c921
[BSP] b2af2510f23eb1a53f4f4e1bfb0f70bc : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 21182 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 43462656 | Size: 467169 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt







This is RKreport 2



RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sather [Admin rights]
Mode : Remove -- Date : 09/06/2012 16:07:34

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] mf_systray.exe -- C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe -> KILLED [TermProc]
[SUSP PATH] OTL.exe -- C:\Users\Sather\Desktop\OTL.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MediaFire Tray ("C:\Users\Sather\AppData\Local\MediaFire Express\mf_systray.exe" --boot-start) -> DELETED
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC} : NameServer (174.114.184.185) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC} : NameServer (174.114.184.185) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> REMOVED AT REBOOT
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> REMOVED AT REBOOT
[Susp.ASLR][FILE] services.exe : C:\Windows\system32\services.exe --> REPLACED AT REBOOT (C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe)

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: M14XR2_RAID0 +++++
--- User ---
[MBR] 7ed6621f0b5d077b9652271b8a97c921
[BSP] b2af2510f23eb1a53f4f4e1bfb0f70bc : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 21182 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 43462656 | Size: 467169 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt







This is RKreport3




RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sather [Admin rights]
Mode : Shortcuts HJfix -- Date : 09/06/2012 16:12:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 36 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 258 / Fail 0
My documents: Success 1 / Fail 1
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 414 / Fail 0
My videos: Success 1 / Fail 0
Local drives: Success 529 / Fail 8
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\CdRom1 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt






MBAM




Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.06.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sather :: SATHER-PC [administrator]

Protection: Enabled

9/6/2012 4:14:46 PM
mbam-log-2012-09-06 (16-14-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223778
Time elapsed: 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




And like I said, I only had one OTL txt file.
  • 0

#9
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Also after I did all that, I ran a Norton scan and it hasnt found anything! It seems to be going better
  • 0

#10
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts
Hi
Glad to hear the computer is feeling better :)
Good job so far, but we are not done yet.
When you reply you can just paste the text into the reply box, no need to use the quote button.
I notice that you have one or more P2P (Peer to Peer) file sharing programs installed on your computer.
  • uTorrent
This is a very easy way to get infected, as many of the files that can be downloaded with these P2P programs are infected with all sorts of malware.
You put your system at a very big risk by downloading these files, and that is why we recommend
that you remove these programs from your computer.
If you do not want to remove them, please DO NOT use them while we are cleaning your machine.

If you need any help removing them I will be glad to assist you.

Step 1
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :OTL
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC}: NameServer = 174.114.184.185
    [2012/07/05 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Babylon
    :commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 3
Please start Chrome and do the following:

Click the wrench icon wrench icon on the browser toolbar.
Select Settings.
Please remove the babylon search page from your home page under Appearance by clicking the word Change.

Step 4
Note: You can use either Internet Explorer or Mozilla FireFox for this Scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

In your next reply I would like to see:
  • contents of checkup.txt
  • then contents of the OTL quick scan
  • did you successfully change your home page in Chrome?
  • ESET Online Scanner log - it's easy to miss this one.

  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#12
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Hey. Im sorry I was away from my computer for a while and the topic was closed. I thought everything was running fine but now there has been some fishy behavior. Please tell me what to do?
  • 0

#13
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts

Hey. Im sorry I was away from my computer for a while and the topic was closed. I thought everything was running fine but now there has been some fishy behavior. Please tell me what to do?


Hi -
Let's take a look at what's going on in your computer.

Can you define fishy for me?

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad window. OTL.Txt.
  • Post this log in your next response

  • 0

#14
MNISather

MNISather

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
One time I turned on my computer, and all my network adapters were uninstalled. My McAfee firewall couldnt start up and neither could Windows's firewall.

Heres the log


OTL logfile created on: 9/21/2012 4:31:05 PM - Run 4
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Sather\Desktop\virus hel
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.90 Gb Total Physical Memory | 11.26 Gb Available Physical Memory | 70.82% Memory free
31.81 Gb Paging File | 25.54 Gb Available in Paging File | 80.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.22 Gb Total Space | 122.98 Gb Free Space | 26.96% Space Free | Partition Type: NTFS
Drive D: | 7.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SATHER-PC | User Name: Sather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/21 15:37:52 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/09/15 12:09:19 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012/09/15 12:09:11 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/09/05 22:33:30 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/05 22:06:08 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Sather\Desktop\virus hel\OTL.exe
PRC - [2012/08/16 10:21:34 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
PRC - [2012/05/29 10:37:22 | 025,249,400 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2012/03/23 15:01:00 | 002,014,208 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
PRC - [2012/03/19 06:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 06:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/02/21 19:55:16 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012/02/17 01:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
PRC - [2012/02/09 11:21:20 | 000,014,152 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2012/02/09 11:14:02 | 000,069,448 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2012/02/09 11:09:02 | 000,016,200 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 16:30:20 | 000,320,832 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 21:51:44 | 004,005,184 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
PRC - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
PRC - [2011/12/21 21:20:26 | 000,880,640 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe
PRC - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/21 15:37:52 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/09/05 22:33:30 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/08/29 21:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/29 21:58:44 | 012,237,336 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012/08/29 21:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/29 21:57:27 | 000,526,872 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll
MOD - [2012/08/29 21:57:26 | 000,104,984 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll
MOD - [2012/08/29 21:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/29 21:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/29 21:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/14 03:41:53 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
MOD - [2012/06/14 03:37:48 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012/06/14 03:21:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:21:11 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:21:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:21:01 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:20:59 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:16 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/14 03:03:08 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/14 03:03:07 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:03:03 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/14 03:03:02 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/20 20:59:02 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012/05/20 20:59:00 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
MOD - [2012/05/20 20:58:27 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/20 20:58:08 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012/05/20 20:58:08 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
MOD - [2012/05/20 20:58:07 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012/05/20 20:58:06 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\676a0584b48c64d242d4ad3aa07d9214\System.ServiceModel.ni.dll
MOD - [2012/05/20 20:57:56 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012/05/20 19:23:59 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/20 19:23:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/20 19:23:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/20 19:23:24 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/20 19:23:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/20 19:23:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/20 19:23:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/18 16:31:21 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/18 16:30:34 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
MOD - [2012/05/18 16:30:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012/05/18 16:30:01 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/18 15:53:22 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/18 15:53:18 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/18 15:53:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/18 15:53:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/18 15:53:12 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/18 15:53:08 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/18 15:53:08 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/04/30 02:55:46 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012/04/30 02:55:46 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012/04/30 02:55:46 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012/04/30 02:55:46 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2012/03/04 17:52:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
MOD - [2011/11/03 18:01:44 | 001,546,096 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/12/18 11:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/16 10:23:17 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2012/06/22 07:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/02/26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/02/26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/02/26 05:07:32 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/02/26 05:07:26 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/02/09 11:09:02 | 000,014,664 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2012/01/17 16:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/01/09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012/09/15 22:02:12 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/15 12:09:19 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012/09/15 12:09:11 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/09/07 17:38:12 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/05 22:33:30 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/07/19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe -- (NAV)
SRV - [2012/05/12 01:15:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/05/12 01:15:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/03/27 21:52:34 | 000,122,880 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/03/19 06:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/03/06 10:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/03/04 17:52:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/03/04 14:51:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/21 19:55:24 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/02/21 19:55:22 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/02/21 19:55:18 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/02/17 19:07:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2012/02/01 17:44:12 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/01 17:44:12 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/01 17:43:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/19 19:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2011/05/09 13:01:06 | 000,430,080 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2011/03/21 12:41:18 | 000,178,224 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe -- (VZWConfigService)
SRV - [2011/02/17 07:02:26 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe -- (RoxMediaDBGame1X)
SRV - [2010/06/24 00:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/06/14 11:00:48 | 000,270,848 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe -- (NWVZHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/05 22:33:30 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/22 07:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/06/22 07:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/06/22 07:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/05/12 02:55:50 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/12 02:55:50 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 21:13:22 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/27 21:58:10 | 001,052,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtHda.sys -- (cthda)
DRV:64bit: - [2012/03/15 23:12:20 | 000,426,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/03/04 18:31:18 | 000,398,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/03/04 17:52:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012/03/04 17:52:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/02/14 13:47:36 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/14 12:38:56 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/02/01 17:43:56 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/01/31 14:38:02 | 000,340,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/01/03 16:04:52 | 000,067,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_ACCEL.sys -- (ST_ACCEL)
DRV:64bit: - [2011/12/28 23:14:04 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/12/20 17:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 17:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/30 11:19:48 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/11/30 11:19:46 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/09/19 05:54:44 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/07/15 21:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2011/06/14 18:47:10 | 000,347,648 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NWRmNet_001.sys -- (NWRmNet_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,261,120 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser2_001.sys -- (NWUSBPort2_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser_001.sys -- (NWUSBPort_001)
DRV:64bit: - [2011/06/14 18:47:10 | 000,217,856 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbmdm_001.sys -- (NWUSBModem_001)
DRV:64bit: - [2011/01/26 19:38:28 | 000,683,392 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2011/01/26 19:37:44 | 001,063,552 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 08:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 06:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/23 11:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2009/10/02 12:53:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/26 15:43:42 | 000,016,752 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/09/15 22:30:09 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120915.008\ex64.sys -- (NAVEX15)
DRV - [2012/09/15 22:30:09 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\VirusDefs\20120915.008\eng64.sys -- (NAVENG)
DRV - [2012/09/06 04:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\IPSDefs\20120914.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/03 22:45:31 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/31 17:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\Definitions\BASHDefs\20120905.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 15:43:42 | 000,013,680 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....sa&d=2012-06-25 22:39:24&v=12.2.5.32&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-06-25 22:39:24&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sather\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sather\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/09/21 15:37:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/28 22:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.8.0.14\IPSFFPlgn\ [2012/09/20 00:44:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK

[2012/09/06 15:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/05/28 17:35:02 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\Sather\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]

========== Chrome ==========

CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...000685d4320e2d5
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sather\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sather\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Click 2 Save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfbkhdpdndhaejllgoppclbkcngghcg\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Fast save = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjdocjndfmmccgohapcbkddcnnncmme\1.1_0\
CHR - Extension: Google Search = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.1_0\
CHR - Extension: bloomind ct deepdark = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd\1_0\
CHR - Extension: AdBlock = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: 1Click Downloader = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Google Mail Checker = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.3.6_0\
CHR - Extension: Facebook Notifications = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Sather\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/20 16:51:51 | 000,001,289 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc..)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [Sound Blaster Recon3Di Control Panel] c:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Sather\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKLM..\RunOnce\Setup: [Registering MS MPEG4 ActiveX filter...] C:\Windows\SysWOW64\MPG4ds32.ax (Microcrap Corporation)
O4 - Startup: C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IPMSG for Win32.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC082A9-994A-4B82-8CF2-04529DA83EAC}: NameServer = 174.114.184.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD535A9E-FAE2-48C1-AB4A-0F1E6B077C91}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E94E7494-6CFA-4D01-9607-797C55A0C4BB}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/01 14:44:05 | 000,000,027 | RH-- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{383cb6c8-9c08-11e1-8ada-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010/06/30 05:08:46 | 000,808,256 | R--- | M] (Acresso Software Inc. )
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{5e94a5fc-a09b-11e1-85b4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell - "" = AutoRun
O33 - MountPoints2\{a90fe1e5-b279-11e1-8ab4-685d4320e2d8}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/21 16:29:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\virus hel
[2012/09/21 15:41:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\AVG Secure Search
[2012/09/20 20:47:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Guitar Pro 6
[2012/09/20 20:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Guitar Pro 6
[2012/09/20 20:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
[2012/09/20 20:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guitar Pro 6
[2012/09/20 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrashPlan
[2012/09/20 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CrashPlan
[2012/09/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\CrashPlan
[2012/09/20 19:09:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\CrashPlan
[2012/09/20 17:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/20 17:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/20 17:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/09/20 17:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/20 17:41:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/09/20 17:15:11 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\iPad Help
[2012/09/20 16:55:30 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\redsn0w
[2012/09/20 16:55:24 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\redsn0w_win_0.9.14b1
[2012/09/20 16:49:40 | 000,000,000 | ---D | C] -- C:\Users\Sather\.shsh
[2012/09/19 20:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/09/19 20:27:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/19 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Echobit
[2012/09/19 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Wippien
[2012/09/19 17:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Wippien
[2012/09/19 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Language
[2012/09/19 16:52:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/09/19 16:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO
[2012/09/19 16:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
[2012/09/19 16:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/09/19 16:45:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/09/19 16:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012/09/19 16:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/09/18 21:30:47 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unmechanical
[2012/09/18 20:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012/09/17 18:16:44 | 000,041,984 | ---- | C] (Gibbed) -- C:\Users\Sather\Desktop\Gibbed.Borderlands.SaveEdit.exe
[2012/09/17 18:16:44 | 000,020,992 | ---- | C] (Gibbed) -- C:\Users\Sather\Desktop\Gibbed.Borderlands.FileFormats.dll
[2012/09/15 21:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/15 21:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/09/15 12:18:53 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Ubisoft Game Launcher
[2012/09/15 12:18:49 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Ubisoft
[2012/09/15 12:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/09/12 15:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/09/12 14:53:55 | 000,177,144 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/09/12 14:45:18 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\GarenaPlus
[2012/09/12 14:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2012/09/12 14:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Plus
[2012/09/12 14:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
[2012/09/11 19:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\IPMsg
[2012/09/11 18:40:31 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\MansionV110
[2012/09/11 18:26:45 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{63D0673E-6AA3-4B0A-8333-FFF22E7D0349}
[2012/09/11 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Sanitorium
[2012/09/09 22:38:26 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\RotMG.Production
[2012/09/09 22:29:44 | 000,000,000 | ---D | C] -- C:\Users\Sather\jagexcache1
[2012/09/09 22:24:37 | 000,000,000 | ---D | C] -- C:\Users\Sather\jagexcache
[2012/09/08 14:02:37 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\EA Games
[2012/09/08 13:42:54 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Shaders
[2012/09/06 16:05:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\RK_Quarantine
[2012/09/06 15:53:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/05 22:33:30 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/01 18:42:34 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\CrashDumps
[2012/09/01 18:33:29 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\NPE
[2012/09/01 18:18:50 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/09/01 18:18:48 | 001,129,120 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.sys
[2012/09/01 18:18:48 | 000,737,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.sys
[2012/09/01 18:18:48 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.sys
[2012/09/01 18:18:48 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnets.sys
[2012/09/01 18:18:48 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Ironx64.sys
[2012/09/01 18:18:48 | 000,167,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.sys
[2012/09/01 18:18:48 | 000,037,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.sys
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2012/09/01 18:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E
[2012/09/01 18:18:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2012/09/01 18:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2012/08/30 22:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/08/30 15:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/08/29 14:38:34 | 000,000,000 | ---D | C] -- C:\Minecraft_Backup
[2012/08/29 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/08/29 01:06:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/08/29 01:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/08/29 01:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/28 22:08:43 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\DivX
[2012/08/28 22:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/08/28 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/08/28 22:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012/08/28 22:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/08/28 22:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/08/28 22:03:08 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{708ADA2D-C87C-42B1-8B85-F19010C73E5D}
[2012/08/28 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\UniversalThemePatcher_20090409
[2012/08/28 21:32:56 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme
[2012/08/27 20:53:28 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MidiEditor
[2012/08/27 20:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MidiEditor
[2012/08/26 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\McAfee
[2012/08/26 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\Sather\Desktop\Fabtasy
[2012/08/25 20:09:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{52DAD54D-5785-4A1B-86A5-0435CA2C3466}
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\WEngineLite
[2012/08/25 19:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon Wireless
[2012/08/25 19:06:02 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\hpqLog
[2012/08/25 15:25:13 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\Smith Micro
[2012/08/25 01:06:25 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{1E13D1BB-B324-4C06-AAAE-E3F25C50F975}
[2012/08/24 22:31:16 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{4963992C-EB83-4AD1-A3F9-333A1DCF5F69}
[2012/08/23 22:22:06 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\{F7E3E906-8466-4476-A471-29DA243F5B80}
[2012/08/23 21:42:20 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Roaming\skyz
[2012/08/23 14:51:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
[2012/08/23 14:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/23 10:27:17 | 000,000,000 | ---D | C] -- C:\Users\Sather\AppData\Local\Chromium
[2012/08/23 10:27:10 | 000,000,000 | ---D | C] -- C:\Users\Sather\Documents\Rockstar Games
[2012/08/23 09:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/21 16:09:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012/09/21 16:05:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/21 15:57:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/21 15:44:42 | 000,778,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/21 15:44:42 | 000,661,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/21 15:44:42 | 000,121,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/21 15:44:22 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/21 15:44:22 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/21 15:37:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/21 15:37:04 | 4218,138,622 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/21 05:17:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/09/21 00:41:20 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2012/09/20 21:59:28 | 000,003,344 | ---- | M] () -- C:\bootsqm.dat
[2012/09/20 20:47:14 | 000,000,998 | ---- | M] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Guitar Pro 6.lnk
[2012/09/20 20:47:14 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2012/09/20 19:09:34 | 000,001,843 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
[2012/09/20 18:05:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/20 17:45:56 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/20 16:51:51 | 000,001,289 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella
[2012/09/20 16:51:51 | 000,001,289 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/20 16:47:18 | 000,001,261 | ---- | M] () -- C:\Users\Sather\Desktop\hosts
[2012/09/20 15:37:07 | 001,550,906 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/19 21:23:46 | 000,000,254 | ---- | M] () -- C:\WirelessDiagLog.csv
[2012/09/18 22:27:41 | 000,049,051 | ---- | M] () -- C:\Users\Sather\Desktop\5387752_700b_v1.jpg
[2012/09/18 22:24:18 | 000,073,814 | ---- | M] () -- C:\Users\Sather\Desktop\5392416_700b.jpg
[2012/09/18 20:24:37 | 000,002,352 | ---- | M] () -- C:\Users\Public\Desktop\Borderlands 2.lnk
[2012/09/18 17:42:00 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/09/16 17:58:45 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/15 21:05:18 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/15 12:09:19 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/15 12:09:11 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/09/14 21:27:24 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/14 21:27:24 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/14 17:05:32 | 000,062,938 | ---- | M] () -- C:\Users\Sather\Desktop\396085_437131792975076_816677859_n.jpg
[2012/09/14 17:04:41 | 000,032,557 | ---- | M] () -- C:\Users\Sather\Desktop\531638_447204401967815_1626097854_n.jpg
[2012/09/14 16:59:12 | 000,064,163 | ---- | M] () -- C:\Users\Sather\Desktop\524026_453602117994710_27970834_n.jpg
[2012/09/12 17:09:48 | 000,194,998 | ---- | M] () -- C:\Users\Sather\Desktop\slender.png
[2012/09/12 17:09:48 | 000,000,132 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/09/12 16:52:15 | 000,024,384 | ---- | M] () -- C:\Users\Sather\Desktop\slender.veg
[2012/09/12 16:50:03 | 427,560,799 | ---- | M] () -- C:\Users\Sather\Desktop\Mansion.wmv
[2012/09/12 14:45:17 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2012/09/11 23:37:46 | 000,001,497 | ---- | M] () -- C:\Users\Sather\Desktop\Borderlands.lnk
[2012/09/11 19:57:36 | 000,000,963 | ---- | M] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IPMSG for Win32.lnk
[2012/09/11 19:57:36 | 000,000,927 | ---- | M] () -- C:\Users\Sather\Desktop\IPMSG for Win32.lnk
[2012/09/11 18:53:30 | 107,732,486 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 6.wav
[2012/09/11 18:53:30 | 000,420,888 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 6.sfk
[2012/09/11 18:43:44 | 001,426,411 | ---- | M] () -- C:\Users\Sather\AppData\Local\Tempmusic.ogg
[2012/09/11 18:42:50 | 001,123,102 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 5.wav
[2012/09/11 18:42:50 | 000,004,440 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 5.sfk
[2012/09/11 18:41:56 | 000,513,350 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 4.wav
[2012/09/11 18:41:56 | 000,002,064 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 4.sfk
[2012/09/11 18:41:36 | 000,413,262 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 3.wav
[2012/09/11 18:41:36 | 000,001,672 | ---- | M] () -- C:\Users\Sather\Documents\Track 1 - 3.sfk
[2012/09/10 23:49:46 | 000,000,223 | ---- | M] () -- C:\Users\Sather\Desktop\Gotham City Impostors Free To Play.url
[2012/09/10 23:48:05 | 004,677,481 | ---- | M] () -- C:\Users\Sather\Desktop\apb unfished 2.wmv
[2012/09/09 22:38:17 | 000,000,001 | ---- | M] () -- C:\Users\Sather\random.dat
[2012/09/09 22:30:23 | 000,000,047 | ---- | M] () -- C:\Users\Sather\jagex_cl_loginapplet_LIVE.dat
[2012/09/09 22:29:44 | 000,000,046 | ---- | M] () -- C:\Users\Sather\jagex_cl_runescape_LIVE1.dat
[2012/09/09 22:29:44 | 000,000,045 | ---- | M] () -- C:\Users\Sather\jagex_cl_runescape_LIVE.dat
[2012/09/09 01:46:51 | 000,030,091 | ---- | M] () -- C:\Users\Sather\Desktop\4290384_460s.jpg
[2012/09/08 19:41:50 | 000,131,710 | ---- | M] () -- C:\Users\Sather\Desktop\sword.psd
[2012/09/08 13:59:57 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2012/09/08 00:02:21 | 000,000,222 | ---- | M] () -- C:\Users\Sather\Desktop\Puzzle Pirates.url
[2012/09/06 16:04:57 | 001,378,816 | ---- | M] () -- C:\Users\Sather\Desktop\RogueKiller.exe
[2012/09/05 17:54:23 | 017,893,619 | ---- | M] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/03 22:45:31 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/01 18:18:50 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/09/01 18:18:50 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/08/30 23:32:23 | 000,000,820 | ---- | M] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 01:06:43 | 000,001,345 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/28 22:08:57 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 22:08:57 | 000,001,619 | ---- | M] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 13:01:54 | 886,275,156 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/27 20:53:28 | 000,001,923 | ---- | M] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:02 | 000,041,502 | ---- | M] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:34 | 000,071,961 | ---- | M] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/26 09:25:14 | 000,302,553 | ---- | M] () -- C:\Users\Sather\Desktop\OptiFine_1.3.2_HD_U_B2.zip
[2012/08/25 20:55:49 | 000,892,991 | ---- | M] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:58 | 017,548,635 | ---- | M] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:21 | 022,949,940 | ---- | M] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:01 | 000,268,459 | ---- | M] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 21:25:22 | 000,178,311 | ---- | M] () -- C:\Users\Sather\Desktop\ModLoader (2).zip
[2012/08/23 20:40:51 | 000,000,223 | ---- | M] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/23 03:25:30 | 000,002,337 | ---- | M] () -- C:\Users\Sather\Desktop\Xpadder.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/20 21:59:28 | 000,003,344 | ---- | C] () -- C:\bootsqm.dat
[2012/09/20 20:47:14 | 000,000,998 | ---- | C] () -- C:\Users\Sather\Application Data\Microsoft\Internet Explorer\Quick Launch\Guitar Pro 6.lnk
[2012/09/20 20:47:14 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2012/09/20 19:09:34 | 000,001,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
[2012/09/20 17:45:56 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/20 17:42:38 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/20 16:40:45 | 000,001,261 | ---- | C] () -- C:\Users\Sather\Desktop\hosts
[2012/09/18 22:27:43 | 000,049,051 | ---- | C] () -- C:\Users\Sather\Desktop\5387752_700b_v1.jpg
[2012/09/18 22:24:24 | 000,073,814 | ---- | C] () -- C:\Users\Sather\Desktop\5392416_700b.jpg
[2012/09/18 20:24:37 | 000,002,352 | ---- | C] () -- C:\Users\Public\Desktop\Borderlands 2.lnk
[2012/09/17 18:16:44 | 000,022,016 | ---- | C] () -- C:\Users\Sather\Desktop\Gibbed.Helpers.dll
[2012/09/15 21:05:18 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/14 17:05:34 | 000,062,938 | ---- | C] () -- C:\Users\Sather\Desktop\396085_437131792975076_816677859_n.jpg
[2012/09/14 17:04:42 | 000,032,557 | ---- | C] () -- C:\Users\Sather\Desktop\531638_447204401967815_1626097854_n.jpg
[2012/09/14 16:59:15 | 000,064,163 | ---- | C] () -- C:\Users\Sather\Desktop\524026_453602117994710_27970834_n.jpg
[2012/09/12 17:09:47 | 000,194,998 | ---- | C] () -- C:\Users\Sather\Desktop\slender.png
[2012/09/12 16:52:15 | 000,024,384 | ---- | C] () -- C:\Users\Sather\Desktop\slender.veg
[2012/09/12 16:24:06 | 427,560,799 | ---- | C] () -- C:\Users\Sather\Desktop\Mansion.wmv
[2012/09/12 14:45:17 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2012/09/11 23:37:46 | 000,001,497 | ---- | C] () -- C:\Users\Sather\Desktop\Borderlands.lnk
[2012/09/11 19:57:36 | 000,000,963 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IPMSG for Win32.lnk
[2012/09/11 19:57:36 | 000,000,957 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IPMSG for Win32.lnk
[2012/09/11 19:57:36 | 000,000,927 | ---- | C] () -- C:\Users\Sather\Desktop\IPMSG for Win32.lnk
[2012/09/11 18:53:30 | 000,420,888 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 6.sfk
[2012/09/11 18:42:50 | 107,732,486 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 6.wav
[2012/09/11 18:42:50 | 000,004,440 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 5.sfk
[2012/09/11 18:41:56 | 001,123,102 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 5.wav
[2012/09/11 18:41:56 | 000,002,064 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 4.sfk
[2012/09/11 18:41:36 | 000,513,350 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 4.wav
[2012/09/11 18:41:36 | 000,001,672 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 3.sfk
[2012/09/11 18:41:26 | 000,413,262 | ---- | C] () -- C:\Users\Sather\Documents\Track 1 - 3.wav
[2012/09/11 18:22:21 | 001,426,411 | ---- | C] () -- C:\Users\Sather\AppData\Local\Tempmusic.ogg
[2012/09/10 23:49:46 | 000,000,223 | ---- | C] () -- C:\Users\Sather\Desktop\Gotham City Impostors Free To Play.url
[2012/09/10 23:47:55 | 004,677,481 | ---- | C] () -- C:\Users\Sather\Desktop\apb unfished 2.wmv
[2012/09/09 22:29:44 | 000,000,046 | ---- | C] () -- C:\Users\Sather\jagex_cl_runescape_LIVE1.dat
[2012/09/09 22:26:15 | 000,000,047 | ---- | C] () -- C:\Users\Sather\jagex_cl_loginapplet_LIVE.dat
[2012/09/09 22:24:37 | 000,000,045 | ---- | C] () -- C:\Users\Sather\jagex_cl_runescape_LIVE.dat
[2012/09/09 22:24:37 | 000,000,001 | ---- | C] () -- C:\Users\Sather\random.dat
[2012/09/09 01:46:40 | 000,030,091 | ---- | C] () -- C:\Users\Sather\Desktop\4290384_460s.jpg
[2012/09/08 19:41:50 | 000,131,710 | ---- | C] () -- C:\Users\Sather\Desktop\sword.psd
[2012/09/08 13:59:56 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2012/09/08 13:52:04 | 2239,692,799 | ---- | C] () -- C:\Users\Sather\Desktop\rld-mirk.iso
[2012/09/08 13:41:51 | 000,302,553 | ---- | C] () -- C:\Users\Sather\Desktop\OptiFine_1.3.2_HD_U_B2.zip
[2012/09/08 00:10:43 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012/09/08 00:02:21 | 000,000,222 | ---- | C] () -- C:\Users\Sather\Desktop\Puzzle Pirates.url
[2012/09/07 18:40:50 | 008,073,421 | ---- | C] () -- C:\Users\Sather\Desktop\Escapecraft3 v5 map.zip
[2012/09/06 16:04:55 | 001,378,816 | ---- | C] () -- C:\Users\Sather\Desktop\RogueKiller.exe
[2012/09/05 17:53:34 | 017,893,619 | ---- | C] () -- C:\Users\Sather\Desktop\unfinished apb.wmv
[2012/09/03 22:45:37 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\VT20120731.038
[2012/09/01 18:18:50 | 001,550,906 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Cat.DB
[2012/09/01 18:18:50 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/09/01 18:18:50 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/09/01 18:18:49 | 000,002,475 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/09/01 18:18:45 | 000,003,435 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA.inf
[2012/09/01 18:18:45 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS.inf
[2012/09/01 18:18:45 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymNet.inf
[2012/09/01 18:18:45 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.inf
[2012/09/01 18:18:45 | 000,001,419 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.inf
[2012/09/01 18:18:45 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccSetx64.inf
[2012/09/01 18:18:45 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\Iron.inf
[2012/09/01 18:18:36 | 000,008,942 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymVTcer.dat
[2012/09/01 18:18:36 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymDS64.cat
[2012/09/01 18:18:36 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\symnet64.cat
[2012/09/01 18:18:36 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\iron.cat
[2012/09/01 18:18:36 | 000,007,446 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\ccsetx64.cat
[2012/09/01 18:18:36 | 000,007,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\SymEFA64.cat
[2012/09/01 18:18:36 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtspx64.cat
[2012/09/01 18:18:36 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\srtsp64.cat
[2012/09/01 18:18:36 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1308000.00E\isolate.ini
[2012/08/30 23:32:23 | 000,000,820 | ---- | C] () -- C:\Users\Sather\Desktop\LEGO® Batman™ 2 DC Super Heroes.lnk
[2012/08/29 01:06:47 | 000,000,450 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Sather.job
[2012/08/29 01:06:43 | 000,001,345 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2012/08/29 01:06:40 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/08/28 22:08:57 | 000,001,619 | ---- | C] () -- C:\Users\Sather\Desktop\DivX Movies.lnk
[2012/08/28 22:08:41 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/28 22:08:13 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/28 21:32:56 | 000,000,088 | ---- | C] () -- C:\Users\Sather\Desktop\Download More Windows 7 Themes.html
[2012/08/28 21:32:55 | 019,384,858 | ---- | C] () -- C:\Users\Sather\Desktop\callofdutyblackops.themepack
[2012/08/27 20:53:28 | 000,001,923 | ---- | C] () -- C:\Users\Sather\Desktop\MidiEditor.lnk
[2012/08/27 20:49:06 | 000,041,502 | ---- | C] () -- C:\Users\Sather\Desktop\coldplay-paradise.mid
[2012/08/27 03:43:37 | 000,071,961 | ---- | C] () -- C:\Users\Sather\Desktop\nevergon_rickashley.mid
[2012/08/26 19:52:47 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2012/08/26 19:52:22 | 000,002,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2012/08/25 20:55:20 | 000,892,991 | ---- | C] () -- C:\Users\Sather\Desktop\614851_514975008528823_906330673_o.jpg
[2012/08/25 20:20:56 | 017,548,635 | ---- | C] () -- C:\Users\Sather\Desktop\transition.psd
[2012/08/25 19:48:18 | 022,949,940 | ---- | C] () -- C:\Users\Sather\Desktop\car.psd
[2012/08/25 19:14:08 | 000,268,459 | ---- | C] () -- C:\Users\Sather\Desktop\car.jpg
[2012/08/25 19:06:57 | 000,001,302 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZAccess Manager.lnk
[2012/08/25 19:06:57 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2012/08/23 21:25:22 | 000,178,311 | ---- | C] () -- C:\Users\Sather\Desktop\ModLoader (2).zip
[2012/08/23 20:40:51 | 000,000,223 | ---- | C] () -- C:\Users\Sather\Desktop\APB Reloaded.url
[2012/08/04 15:23:04 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/08/04 15:23:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2012/08/04 15:23:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2012/07/27 10:53:13 | 000,000,513 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\com.plutinosoft.idemo.plist
[2012/07/06 12:53:12 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/02 17:59:55 | 000,000,000 | ---- | C] () -- C:\Users\Sather\wusa.exe
[2012/06/26 14:31:28 | 000,001,456 | ---- | C] () -- C:\Users\Sather\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/26 14:19:11 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/25 21:43:40 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2012/06/25 02:11:43 | 000,000,057 | ---- | C] () -- C:\Windows\hegames.ini
[2012/06/22 03:30:42 | 000,000,132 | ---- | C] () -- C:\Users\Sather\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/06/21 03:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/06/20 20:10:47 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/06/08 20:32:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/06/08 17:19:35 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/06/08 17:19:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/06/08 17:19:33 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2012/05/16 19:26:53 | 000,015,872 | ---- | C] () -- C:\Users\Sather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/12 02:51:17 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/05/12 02:51:17 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/05/12 02:51:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/12 02:51:15 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/03/04 14:51:56 | 000,417,600 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/09 11:19:02 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/07 09:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/01/07 09:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-53.dll
[2012/01/07 09:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-53.dll
[2012/01/07 09:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/01/07 09:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/01/07 09:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011/12/19 01:29:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/19 01:27:16 | 000,236,544 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/06/27 08:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2011/02/10 11:10:51 | 000,775,304 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/09/21 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\.minecraft
[2012/09/08 13:46:59 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\.Nitrous
[2012/06/20 18:44:54 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\1.2.5 mo creeps
[2012/06/10 22:41:05 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\2K Sports
[2012/06/09 21:46:17 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Acoustica
[2012/08/16 01:51:18 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Atari
[2012/09/20 19:57:16 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Audacity
[2012/07/05 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Babylon
[2012/09/20 19:09:36 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\CrashPlan
[2012/08/14 01:37:54 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Cyberduck
[2012/08/14 00:58:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\cYo
[2012/08/21 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\DarknessII
[2012/07/30 12:49:08 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Digidesign
[2012/07/18 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Evaer
[2012/06/07 15:40:25 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\fltk.org
[2012/07/10 14:41:16 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\GameRanger
[2012/09/12 14:46:12 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\GarenaPlus
[2012/07/02 18:01:59 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\GOL_byHasbro
[2012/09/20 20:52:15 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Guitar Pro 6
[2012/09/19 17:05:45 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Language
[2012/06/25 22:22:44 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Leadertech
[2012/05/16 22:39:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\LolClient
[2012/09/15 19:49:51 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\MAXON
[2012/05/22 19:37:21 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\MotioninJoy
[2012/07/31 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\ooVoo Details
[2012/05/16 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Origin
[2012/06/25 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PACE Anti-Piracy
[2012/05/17 15:45:22 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PCDr
[2012/05/28 19:42:26 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PDAppFlex
[2012/08/04 21:10:30 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\PowerUp Software
[2012/05/24 16:29:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Publish Providers
[2012/09/20 16:57:45 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\redsn0w
[2012/09/09 22:38:26 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\RotMG.Production
[2012/08/23 21:42:20 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\skyz
[2012/08/25 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Smith Micro
[2012/05/24 16:29:12 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony
[2012/05/24 17:34:34 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony Creative Software Inc
[2012/08/20 15:37:23 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Sony Online Entertainment
[2012/07/31 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\SplitMediaLabs
[2012/06/09 21:46:20 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\SynthMaker
[2012/08/14 20:45:58 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\TeamViewer
[2012/09/14 23:34:33 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\TS3Client
[2012/09/20 00:44:54 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Tunngle
[2012/09/20 21:56:16 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\uTorrent
[2012/09/19 17:06:06 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Wippien
[2012/07/26 15:45:35 | 000,000,000 | ---D | M] -- C:\Users\Sather\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/08/14 01:28:49 | 000,000,000 | --SD | M] -- C:\Users\Sather\AppData\Roaming\wyUpdate AU
[2012/09/16 17:58:45 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002Core.job
[2012/09/21 05:17:03 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2259069413-2578279797-1013439322-1002UA.job
[2012/07/08 16:51:00 | 000,000,536 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/08/22 20:42:13 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 22:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\alg.exe -- (ALG)
No service found with a name of BITS
SRV:64bit: - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2012/05/12 02:55:49 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/04/24 00:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/04/23 23:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/05/12 02:55:49 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
No service found with a name of SharedAccess
SRV:64bit: - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2010/11/20 22:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/05/12 02:55:52 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2012/05/12 02:55:49 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2012/05/12 02:55:49 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV:64bit: - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2012/08/28 21:36:14 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:64bit: - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
No service found with a name of wuauserv
SRV:64bit: - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/05/12 02:55:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/05/12 02:55:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Users\Sather\Desktop\callofdutyblackopsw7theme\Start Orb\explorer.exe
[2009/10/31 08:35:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=E1C4BA29B3A2502D20B64C230CF7295C -- C:\Windows\Resources\Themes\callofdutyblackopsw7theme\Start Orb\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2010/11/15 21:02:36 | 000,000,264 | ---- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,245 | ---- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,225 | ---- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,228 | ---- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,230 | ---- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,231 | ---- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,230 | ---- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,226 | ---- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,232 | ---- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,233 | ---- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2010/11/15 21:02:36 | 000,000,231 | ---- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,225 | ---- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,228 | ---- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2010/11/15 21:02:24 | 000,000,231 | ---- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,232 | ---- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2010/11/15 21:02:38 | 000,000,231 | ---- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,231 | ---- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,228 | ---- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2010/11/15 21:02:32 | 000,000,229 | ---- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2010/11/15 21:02:30 | 000,000,234 | ---- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2010/11/15 21:02:26 | 000,000,227 | ---- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2010/11/15 21:02:34 | 000,000,229 | ---- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2010/11/15 21:02:22 | 000,032,633 | ---- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/08/17 16:32:54 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\AlienAutopsy\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1321 bytes -> C:\ProgramData\Microsoft:WpJUVR2x6o0pE7yDjm4l
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 1265 bytes -> C:\Program Files (x86)\Common Files\System:8wCKIXkqIGbCex4DyZODWiKFuFC4
@Alternate Data Stream - 1196 bytes -> C:\ProgramData\Microsoft:u4leMMvvLEMoGFnpDcXSA

< End of report >
  • 0

#15
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,149 posts
Hello,
I see some of your problems, lets get busy fixing them.

Step 1

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2

Lets fix your broken services,
Please download the following files to your desktop:
Bits
Wscsvc
WinDefend
Wuauserv
Once downloaded, please right click on each one and select Merge
Restart your computer after merging the 4 files. Check to see if the firewall is running now.

Step 3
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 4
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.
Download OTL to your Desktop
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

:commands
[createrestorepoint]
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnce\Setup: [Registering MS MPEG4 ActiveX filter...] C:\Windows\SysWOW64\MPG4ds32.ax (Microcrap Corporation)
:files
ipconfig /flushdns /c
:commands
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[/list]
Step 5
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

In your next reply I would like to see:
  • checkup.txt
  • firewall running now?
  • ADWCleaner log
  • OTL fix log
  • FSS.txt log

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP