Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Really slow computer... [Solved]

Started by Bassman02 , Nov 14 2012 06:33 PM

  • This topic is locked This topic is locked

#1
Bassman02
Posted 14 November 2012 - 06:33 PM

Bassman02

    Member

  • Member
  • PipPip
  • 24 posts
My computer crashed last week and I re installed windows it has since gotten real slow or sometimes freezes, also the start menu will change out of no where. When I run in safe mode there is no problems.



OTL logfile created on: 11/14/2012 6:20:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Computer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 63.24% Memory free
5.49 Gb Paging File | 4.49 Gb Available in Paging File | 81.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254.14 Gb Total Space | 222.07 Gb Free Space | 87.38% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 28.07 Gb Free Space | 96.80% Space Free | Partition Type: NTFS

Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/14 18:19:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer\Downloads\OTL.exe
PRC - [2012/10/31 14:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/31 14:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012/10/31 14:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012/10/31 14:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012/10/31 14:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012/10/31 14:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012/10/31 14:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/19 10:19:32 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/09/22 10:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV:64bit: - [2009/08/14 06:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/11/12 14:22:38 | 002,452,912 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/06/15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/15 19:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009/07/14 06:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 06:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/07 00:07:16 | 001,326,928 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2010/07/19 10:45:56 | 007,448,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/19 09:39:40 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 04:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/06/17 01:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/11 19:23:16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/22 02:03:44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/02 07:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/01/15 10:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2010/01/07 04:46:20 | 000,302,128 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/10/18 16:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/07/21 06:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/16 03:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)
DRV:64bit: - [2009/07/15 19:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/06 04:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/11/08 08:28:34 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adblock Plus = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Google Search = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Bloxorz = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfkaiemjhgblkkcanmhciiopcehlhnhi\2.0.0_0\
CHR - Extension: SiteAdvisor = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Site destroyer = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jboojccdkandbhenafkeflkggnokiang\1.0.1_0\
CHR - Extension: Gmail = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{726E5C64-492F-4F2F-A957-45FC4631D3B2}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/13 14:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/11/13 14:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/11/12 12:59:58 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2012/11/12 12:58:55 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2012/11/11 21:59:20 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/11 21:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/11/11 21:19:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Windows Live
[2012/11/11 21:01:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\Desktop\Adobe After Effects CS6
[2012/11/11 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/11/11 20:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/11/11 20:58:48 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Adobe
[2012/11/11 16:19:31 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Electronic Arts
[2012/11/11 16:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Teaser
[2012/11/11 12:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/11/11 12:43:56 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\SystemRequirementsLab
[2012/11/10 21:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/11/10 21:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/11/10 15:28:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\Desktop\conorstuff
[2012/11/10 12:50:27 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/11/10 12:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1942
[2012/11/10 12:50:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/11/10 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/11/10 12:29:30 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Origin
[2012/11/10 12:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/11/10 12:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/11/09 21:51:53 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Diagnostics
[2012/11/09 21:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/11/09 21:27:22 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Youcam
[2012/11/09 21:27:19 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\CyberLink
[2012/11/09 21:27:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\CyberLink
[2012/11/09 20:27:50 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Unity
[2012/11/09 20:14:32 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Unity
[2012/11/08 18:57:14 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Microsoft Games
[2012/11/08 13:05:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2012/11/08 13:04:20 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2012/11/07 18:23:09 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/11/07 18:23:09 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/11/07 18:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/11/06 17:19:00 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2012/11/06 11:42:22 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\LogMeIn Hamachi
[2012/11/06 10:51:50 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\.minecraft
[2012/11/06 10:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/06 10:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/06 10:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/05 23:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/11/05 23:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/05 23:34:36 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Best Buy pc app
[2012/11/05 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/05 23:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/05 23:28:20 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Google
[2012/11/05 23:26:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Macromedia
[2012/11/05 23:26:54 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Adobe
[2012/11/05 22:58:36 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy
[2012/11/05 22:58:21 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\ATI
[2012/11/05 22:58:21 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\ATI
[2012/11/05 22:58:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Apps
[2012/11/05 22:58:16 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Deployment
[2012/11/05 22:57:39 | 000,000,000 | R--D | C] -- C:\Users\Computer\Searches
[2012/11/05 22:57:39 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/05 22:57:38 | 000,000,000 | -H-D | C] -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/05 22:57:15 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Identities
[2012/11/05 22:57:10 | 000,000,000 | R--D | C] -- C:\Users\Computer\Contacts
[2012/11/05 22:57:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/05 22:56:57 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\VirtualStore
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\Temporary Internet Files
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Templates
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Start Menu
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\SendTo
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Recent
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\PrintHood
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\NetHood
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Videos
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Pictures
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Music
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\My Documents
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Local Settings
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\History
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Cookies
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Application Data
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\Application Data
[2012/11/05 22:56:55 | 000,000,000 | --SD | C] -- C:\Users\Computer\AppData\Roaming\Microsoft
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Videos
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Saved Games
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Pictures
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Music
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Links
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Favorites
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Downloads
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Documents
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Desktop
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/05 22:56:55 | 000,000,000 | -H-D | C] -- C:\Users\Computer\AppData
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Temp
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Microsoft
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Media Center Programs
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2012/11/05 22:56:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/11/05 14:50:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/11/14 18:18:25 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/14 18:18:19 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/14 18:17:10 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/14 18:15:41 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/14 18:15:41 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/14 18:14:16 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/14 18:14:16 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/14 18:14:16 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/14 17:51:56 | 000,000,902 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/14 07:19:15 | 000,282,960 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/11/13 14:09:24 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/11/11 21:59:12 | 354,567,166 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/11 20:59:42 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2012/11/10 12:50:16 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2012/11/07 19:01:17 | 000,001,437 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/07 08:18:11 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2012/11/07 08:18:06 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2012/11/05 23:43:59 | 000,263,186 | ---- | M] () -- C:\Users\Computer\Desktop\Minecraft.exe
[2012/11/05 23:37:53 | 000,002,154 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/11/05 23:29:10 | 000,002,255 | ---- | M] () -- C:\Users\Computer\Desktop\Google Chrome.lnk
[2012/11/05 22:58:19 | 000,001,122 | ---- | M] () -- C:\Users\Computer\Desktop\Cyberlink Power2Go.lnk
[2012/11/05 22:58:16 | 000,002,429 | ---- | M] () -- C:\Users\Computer\Desktop\CyberLink YouCam.lnk
[2012/11/05 14:53:31 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/11/05 14:53:31 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012/11/14 07:11:47 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/13 22:47:04 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/13 14:09:24 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/11/11 21:59:12 | 354,567,166 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/11 20:59:42 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/11/11 20:59:42 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2012/11/10 12:50:16 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2012/11/08 13:07:29 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2012/11/08 13:03:15 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2012/11/08 13:02:37 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2012/11/08 13:02:37 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2012/11/08 13:02:05 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2012/11/07 08:18:11 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2012/11/07 08:18:06 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012/11/05 23:43:57 | 000,263,186 | ---- | C] () -- C:\Users\Computer\Desktop\Minecraft.exe
[2012/11/05 23:37:53 | 000,002,154 | ---- | C] () -- C:\windows\epplauncher.mif
[2012/11/05 23:37:41 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/05 23:29:10 | 000,002,255 | ---- | C] () -- C:\Users\Computer\Desktop\Google Chrome.lnk
[2012/11/05 23:28:30 | 000,000,902 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/05 23:28:29 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/05 23:26:44 | 000,001,437 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/05 22:58:01 | 000,001,409 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/05 22:57:54 | 000,001,443 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/05 22:56:55 | 000,002,429 | ---- | C] () -- C:\Users\Computer\Desktop\CyberLink YouCam.lnk
[2012/11/05 22:56:55 | 000,002,104 | ---- | C] () -- C:\Users\Computer\Desktop\OneKey Recovery.lnk
[2012/11/05 22:56:55 | 000,001,122 | ---- | C] () -- C:\Users\Computer\Desktop\Cyberlink Power2Go.lnk
[2012/11/05 22:56:55 | 000,000,290 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/05 22:56:55 | 000,000,272 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/05 14:50:44 | 2210,578,432 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/17 22:56:06 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011/03/17 22:56:06 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011/03/17 22:47:40 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2011/03/17 22:37:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/03/17 22:37:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/03/17 22:37:06 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/03/17 22:22:42 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini
[2011/03/17 22:08:19 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/03/17 22:04:08 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/12 19:20:10 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\.minecraft
[2012/11/11 20:59:44 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/11/10 12:30:33 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Origin
[2012/11/11 12:43:56 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\SystemRequirementsLab
[2012/11/09 20:27:50 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Unity

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
emeraldnzl
Posted 15 November 2012 - 01:29 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Bassman02,

Welcome to the Malware Forum.

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

#3
Bassman02
Posted 15 November 2012 - 06:34 PM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Java 7 Update 9
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 22.0.1229.96
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
  • 0

#4
emeraldnzl
Posted 15 November 2012 - 06:53 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Bassman02,

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next

  • Close all windows and open OTL again.
  • Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Click the None button at the top.
  • Under the Custom Scan box paste this in:
    drivers32
baseservices
drives
%SYSTEMDRIVE%\*.exe
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open a notepad window. OTL.Txt. This is saved in the same location as OTL.

Note: If the log doesn't appear where you saved OTL then a copy of the OTL log is saved in a text file at

:\_OTL\MovedFiles
in most cases this will be C:\_OTL\MovedFiles

Please copy (Edit->Select All, Edit->Copy) the contents post back here.

When you return please post
  • MBAM log
  • OTL fix txt
  • 0

#5
Bassman02
Posted 15 November 2012 - 10:00 PM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I have tried to run Malware 3 times and each times it reaches a certain file and freezes.
  • 0

#6
emeraldnzl
Posted 15 November 2012 - 10:16 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Bassman02,

Try disabling MSE and then running Malwarebytes.

How to turn off Microsoft Security Essentials

  • right click the green castle icon in your task bar
  • click open
  • click Settings
  • on the left hand side click Real-time protection
  • Uncheck "Turn on real-time protection"
  • click Save Changes
  • reverse the process and click Save Changes to re-enable
If you still don't have any luck move on to the OTL one.
  • 0

#7
Bassman02
Posted 16 November 2012 - 12:03 AM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Even after disabling MSE it still freezes.


OTL logfile created on: 11/15/2012 11:52:50 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Computer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 81.79% Memory free
5.49 Gb Paging File | 5.02 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254.14 Gb Total Space | 222.09 Gb Free Space | 87.39% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 28.07 Gb Free Space | 96.80% Space Free | Partition Type: NTFS

Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/15 23:51:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer\Desktop\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/19 10:19:32 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/09/22 10:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV:64bit: - [2009/08/14 06:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/11/12 14:22:38 | 002,452,912 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/06/15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/15 19:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009/07/14 06:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 06:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/07 00:07:16 | 001,326,928 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2010/07/19 10:45:56 | 007,448,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/19 09:39:40 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 04:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/06/17 01:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/11 19:23:16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/22 02:03:44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/02 07:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/01/15 10:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2010/01/07 04:46:20 | 000,302,128 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/10/18 16:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/07/21 06:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/16 03:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)
DRV:64bit: - [2009/07/15 19:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/06 04:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/11/08 08:28:34 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adblock Plus = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Google Search = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Bloxorz = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfkaiemjhgblkkcanmhciiopcehlhnhi\2.0.0_0\
CHR - Extension: SiteAdvisor = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Site destroyer = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jboojccdkandbhenafkeflkggnokiang\1.0.1_0\
CHR - Extension: Gmail = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{726E5C64-492F-4F2F-A957-45FC4631D3B2}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2012/11/15 23:51:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Computer\Desktop\OTL.exe
[2012/11/15 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Malwarebytes
[2012/11/15 18:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/15 18:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/15 18:55:58 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/15 18:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/14 07:11:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2012/11/14 07:11:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2012/11/14 07:05:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/11/14 07:05:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/11/14 07:05:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/11/14 07:05:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/11/14 07:05:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/11/14 07:05:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/11/14 07:05:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/11/14 07:05:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/11/14 07:05:12 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/11/14 07:05:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/11/14 07:05:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/11/14 07:05:12 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/11/14 07:05:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/11/14 07:05:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/11/14 07:05:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/11/13 22:47:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/11/13 22:47:04 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/11/13 22:47:04 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/11/13 22:47:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/11/13 22:02:36 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2012/11/13 22:02:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2012/11/13 22:02:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2012/11/13 22:02:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2012/11/13 22:02:27 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/11/13 22:02:27 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/11/13 22:02:27 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/11/13 22:02:26 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2012/11/13 22:02:26 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2012/11/13 22:02:26 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2012/11/13 22:02:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2012/11/13 22:02:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2012/11/13 22:02:19 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2012/11/13 22:02:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2012/11/13 22:02:10 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OxpsConverter.exe
[2012/11/13 14:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/11/13 14:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/11/12 12:59:58 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2012/11/12 12:58:55 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2012/11/11 21:59:20 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/11 21:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/11/11 21:19:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Windows Live
[2012/11/11 21:01:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\Desktop\Adobe After Effects CS6
[2012/11/11 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/11/11 20:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/11/11 20:58:48 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Adobe
[2012/11/11 16:19:31 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Electronic Arts
[2012/11/11 16:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Teaser
[2012/11/11 12:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/11/11 12:43:56 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\SystemRequirementsLab
[2012/11/10 21:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/11/10 21:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/11/10 15:28:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\Desktop\conorstuff
[2012/11/10 12:50:27 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/11/10 12:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1942
[2012/11/10 12:50:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/11/10 12:50:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2012/11/10 12:50:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2012/11/10 12:50:09 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_7.dll
[2012/11/10 12:50:09 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_7.dll
[2012/11/10 12:50:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2012/11/10 12:50:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2012/11/10 12:50:08 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2012/11/10 12:50:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2012/11/10 12:50:08 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_43.dll
[2012/11/10 12:50:08 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_43.dll
[2012/11/10 12:50:07 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2012/11/10 12:50:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2012/11/10 12:50:06 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_43.dll
[2012/11/10 12:50:06 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_43.dll
[2012/11/10 12:50:05 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_43.dll
[2012/11/10 12:50:05 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_43.dll
[2012/11/10 12:50:03 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2012/11/10 12:50:03 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2012/11/10 12:50:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2012/11/10 12:50:03 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2012/11/10 12:50:03 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2012/11/10 12:50:03 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2012/11/10 12:50:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2012/11/10 12:50:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2012/11/10 12:50:02 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2012/11/10 12:50:02 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll
[2012/11/10 12:50:00 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2012/11/10 12:50:00 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2012/11/10 12:50:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2012/11/10 12:50:00 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2012/11/10 12:49:59 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2012/11/10 12:49:59 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2012/11/10 12:49:59 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2012/11/10 12:49:59 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2012/11/10 12:49:58 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2012/11/10 12:49:58 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2012/11/10 12:49:58 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_42.dll
[2012/11/10 12:49:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_42.dll
[2012/11/10 12:49:57 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2012/11/10 12:49:57 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2012/11/10 12:49:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2012/11/10 12:49:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2012/11/10 12:49:56 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2012/11/10 12:49:56 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2012/11/10 12:49:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2012/11/10 12:49:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll
[2012/11/10 12:49:55 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2012/11/10 12:49:55 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2012/11/10 12:49:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2012/11/10 12:49:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2012/11/10 12:49:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2012/11/10 12:49:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2012/11/10 12:49:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2012/11/10 12:49:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2012/11/10 12:49:54 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2012/11/10 12:49:54 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2012/11/10 12:49:53 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2012/11/10 12:49:53 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2012/11/10 12:49:53 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2012/11/10 12:49:53 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2012/11/10 12:49:53 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2012/11/10 12:49:53 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2012/11/10 12:49:52 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2012/11/10 12:49:52 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2012/11/10 12:49:52 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2012/11/10 12:49:52 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2012/11/10 12:49:52 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2012/11/10 12:49:52 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2012/11/10 12:49:51 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2012/11/10 12:49:51 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2012/11/10 12:49:51 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2012/11/10 12:49:51 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2012/11/10 12:49:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2012/11/10 12:49:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2012/11/10 12:49:50 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2012/11/10 12:49:50 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2012/11/10 12:49:50 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2012/11/10 12:49:50 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2012/11/10 12:49:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2012/11/10 12:49:50 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2012/11/10 12:49:50 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2012/11/10 12:49:50 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2012/11/10 12:49:49 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2012/11/10 12:49:49 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2012/11/10 12:49:49 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2012/11/10 12:49:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2012/11/10 12:49:49 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2012/11/10 12:49:49 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2012/11/10 12:49:48 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2012/11/10 12:49:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2012/11/10 12:49:48 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2012/11/10 12:49:48 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2012/11/10 12:49:47 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2012/11/10 12:49:47 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2012/11/10 12:49:47 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2012/11/10 12:49:47 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2012/11/10 12:49:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2012/11/10 12:49:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2012/11/10 12:49:47 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2012/11/10 12:49:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2012/11/10 12:49:46 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2012/11/10 12:49:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2012/11/10 12:49:46 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2012/11/10 12:49:46 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2012/11/10 12:49:45 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2012/11/10 12:49:45 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2012/11/10 12:49:45 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2012/11/10 12:49:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2012/11/10 12:49:45 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2012/11/10 12:49:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2012/11/10 12:49:44 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2012/11/10 12:49:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2012/11/10 12:49:43 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2012/11/10 12:49:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2012/11/10 12:49:43 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2012/11/10 12:49:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2012/11/10 12:49:42 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2012/11/10 12:49:42 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2012/11/10 12:49:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2012/11/10 12:49:42 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2012/11/10 12:49:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2012/11/10 12:49:41 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2012/11/10 12:49:41 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2012/11/10 12:49:41 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2012/11/10 12:49:41 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2012/11/10 12:49:41 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2012/11/10 12:49:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2012/11/10 12:49:41 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2012/11/10 12:49:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2012/11/10 12:49:40 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2012/11/10 12:49:40 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2012/11/10 12:49:40 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2012/11/10 12:49:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2012/11/10 12:49:40 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2012/11/10 12:49:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2012/11/10 12:49:39 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2012/11/10 12:49:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2012/11/10 12:49:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2012/11/10 12:49:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2012/11/10 12:49:38 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2012/11/10 12:49:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2012/11/10 12:49:38 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2012/11/10 12:49:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2012/11/10 12:49:36 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2012/11/10 12:49:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2012/11/10 12:49:36 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2012/11/10 12:49:36 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2012/11/10 12:49:36 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2012/11/10 12:49:36 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2012/11/10 12:49:35 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2012/11/10 12:49:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2012/11/10 12:49:35 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2012/11/10 12:49:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2012/11/10 12:49:35 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2012/11/10 12:49:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2012/11/10 12:49:34 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2012/11/10 12:49:34 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2012/11/10 12:49:34 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2012/11/10 12:49:34 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2012/11/10 12:49:33 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2012/11/10 12:49:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2012/11/10 12:49:29 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2012/11/10 12:49:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2012/11/10 12:49:29 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2012/11/10 12:49:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2012/11/10 12:49:29 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2012/11/10 12:49:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2012/11/10 12:49:28 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2012/11/10 12:49:28 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2012/11/10 12:49:27 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2012/11/10 12:49:27 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2012/11/10 12:49:27 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2012/11/10 12:49:27 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2012/11/10 12:49:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2012/11/10 12:49:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2012/11/10 12:49:26 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2012/11/10 12:49:26 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2012/11/10 12:49:26 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2012/11/10 12:49:26 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2012/11/10 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/11/10 12:29:30 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Origin
[2012/11/10 12:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/11/10 12:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/11/09 21:51:53 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Diagnostics
[2012/11/09 21:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/11/09 21:27:22 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\Youcam
[2012/11/09 21:27:19 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\CyberLink
[2012/11/09 21:27:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\CyberLink
[2012/11/09 20:27:50 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Unity
[2012/11/09 20:14:32 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Unity
[2012/11/08 18:57:14 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Microsoft Games
[2012/11/08 13:08:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2012/11/08 13:08:23 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2012/11/08 13:08:15 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2012/11/08 13:08:09 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2012/11/08 13:08:09 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2012/11/08 13:08:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2012/11/08 13:08:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/11/08 13:08:03 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2012/11/08 13:07:58 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2012/11/08 13:07:58 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2012/11/08 13:07:53 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2012/11/08 13:07:51 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2012/11/08 13:07:50 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2012/11/08 13:07:50 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2012/11/08 13:07:49 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2012/11/08 13:07:48 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2012/11/08 13:07:48 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2012/11/08 13:07:48 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2012/11/08 13:07:48 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2012/11/08 13:07:47 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2012/11/08 13:07:46 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2012/11/08 13:07:45 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2012/11/08 13:07:45 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2012/11/08 13:07:44 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2012/11/08 13:07:42 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2012/11/08 13:07:40 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2012/11/08 13:07:38 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2012/11/08 13:07:38 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2012/11/08 13:07:38 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2012/11/08 13:07:37 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2012/11/08 13:07:36 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2012/11/08 13:07:36 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2012/11/08 13:07:34 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2012/11/08 13:07:34 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2012/11/08 13:07:33 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2012/11/08 13:07:33 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2012/11/08 13:07:31 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2012/11/08 13:07:28 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2012/11/08 13:07:28 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2012/11/08 13:07:28 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2012/11/08 13:07:27 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2012/11/08 13:07:27 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2012/11/08 13:07:27 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2012/11/08 13:07:26 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2012/11/08 13:07:26 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2012/11/08 13:07:26 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2012/11/08 13:07:25 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2012/11/08 13:07:24 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2012/11/08 13:07:22 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2012/11/08 13:07:21 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2012/11/08 13:07:21 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2012/11/08 13:07:20 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2012/11/08 13:07:20 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2012/11/08 13:07:18 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2012/11/08 13:07:18 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2012/11/08 13:07:15 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2012/11/08 13:07:14 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2012/11/08 13:07:13 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2012/11/08 13:07:11 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2012/11/08 13:07:09 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2012/11/08 13:07:09 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2012/11/08 13:07:09 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2012/11/08 13:07:07 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2012/11/08 13:07:07 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2012/11/08 13:07:06 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2012/11/08 13:07:05 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2012/11/08 13:07:05 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2012/11/08 13:07:05 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2012/11/08 13:07:05 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2012/11/08 13:07:03 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2012/11/08 13:07:03 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2012/11/08 13:07:02 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2012/11/08 13:07:01 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2012/11/08 13:07:00 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2012/11/08 13:07:00 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2012/11/08 13:06:59 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2012/11/08 13:06:59 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2012/11/08 13:06:58 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2012/11/08 13:06:58 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2012/11/08 13:06:57 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2012/11/08 13:06:57 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2012/11/08 13:06:57 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2012/11/08 13:06:57 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2012/11/08 13:06:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2012/11/08 13:06:55 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2012/11/08 13:06:55 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2012/11/08 13:06:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2012/11/08 13:06:54 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2012/11/08 13:06:54 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2012/11/08 13:06:53 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2012/11/08 13:06:53 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2012/11/08 13:06:53 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2012/11/08 13:06:52 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2012/11/08 13:06:52 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2012/11/08 13:06:52 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2012/11/08 13:06:52 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2012/11/08 13:06:51 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2012/11/08 13:06:51 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2012/11/08 13:06:51 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2012/11/08 13:06:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2012/11/08 13:06:50 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2012/11/08 13:06:49 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2012/11/08 13:06:49 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2012/11/08 13:06:48 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2012/11/08 13:06:48 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2012/11/08 13:06:48 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2012/11/08 13:06:47 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2012/11/08 13:06:45 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2012/11/08 13:06:44 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2012/11/08 13:06:43 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2012/11/08 13:06:43 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2012/11/08 13:06:43 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2012/11/08 13:06:42 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2012/11/08 13:06:42 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2012/11/08 13:06:42 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2012/11/08 13:06:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2012/11/08 13:06:41 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2012/11/08 13:06:40 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2012/11/08 13:06:40 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2012/11/08 13:06:40 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2012/11/08 13:06:39 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2012/11/08 13:06:39 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2012/11/08 13:06:38 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2012/11/08 13:06:38 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2012/11/08 13:06:37 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2012/11/08 13:06:37 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2012/11/08 13:06:37 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2012/11/08 13:06:36 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2012/11/08 13:06:36 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2012/11/08 13:06:36 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2012/11/08 13:06:34 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2012/11/08 13:06:34 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2012/11/08 13:06:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2012/11/08 13:06:34 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2012/11/08 13:06:33 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2012/11/08 13:06:32 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2012/11/08 13:06:32 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2012/11/08 13:06:32 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2012/11/08 13:06:31 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2012/11/08 13:06:30 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2012/11/08 13:06:30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2012/11/08 13:06:29 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2012/11/08 13:06:29 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2012/11/08 13:06:28 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2012/11/08 13:06:28 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2012/11/08 13:06:27 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2012/11/08 13:06:27 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2012/11/08 13:06:27 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2012/11/08 13:06:26 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2012/11/08 13:06:26 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2012/11/08 13:06:26 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2012/11/08 13:06:26 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2012/11/08 13:06:26 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2012/11/08 13:06:25 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2012/11/08 13:06:24 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2012/11/08 13:06:24 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2012/11/08 13:06:22 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2012/11/08 13:06:22 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2012/11/08 13:06:22 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2012/11/08 13:06:22 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2012/11/08 13:06:22 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2012/11/08 13:06:21 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2012/11/08 13:06:21 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2012/11/08 13:06:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2012/11/08 13:06:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2012/11/08 13:06:20 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2012/11/08 13:06:19 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2012/11/08 13:06:18 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2012/11/08 13:06:18 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2012/11/08 13:06:18 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2012/11/08 13:06:18 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2012/11/08 13:06:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2012/11/08 13:06:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2012/11/08 13:06:16 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2012/11/08 13:06:16 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2012/11/08 13:06:16 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2012/11/08 13:06:15 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2012/11/08 13:06:15 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2012/11/08 13:06:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2012/11/08 13:06:14 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2012/11/08 13:06:13 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2012/11/08 13:06:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2012/11/08 13:06:12 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2012/11/08 13:06:12 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2012/11/08 13:06:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2012/11/08 13:06:11 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2012/11/08 13:06:11 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2012/11/08 13:06:10 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2012/11/08 13:06:10 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2012/11/08 13:06:10 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2012/11/08 13:06:09 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2012/11/08 13:06:09 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2012/11/08 13:06:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2012/11/08 13:06:07 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2012/11/08 13:06:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2012/11/08 13:06:06 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2012/11/08 13:06:06 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2012/11/08 13:06:05 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2012/11/08 13:06:05 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2012/11/08 13:06:05 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2012/11/08 13:06:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2012/11/08 13:06:03 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2012/11/08 13:06:03 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2012/11/08 13:06:03 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2012/11/08 13:06:01 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2012/11/08 13:06:01 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2012/11/08 13:06:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2012/11/08 13:06:01 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2012/11/08 13:06:01 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2012/11/08 13:06:01 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2012/11/08 13:06:00 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2012/11/08 13:06:00 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2012/11/08 13:06:00 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2012/11/08 13:05:59 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2012/11/08 13:05:59 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2012/11/08 13:05:58 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2012/11/08 13:05:58 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2012/11/08 13:05:58 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2012/11/08 13:05:57 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2012/11/08 13:05:57 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2012/11/08 13:05:56 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2012/11/08 13:05:56 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2012/11/08 13:05:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2012/11/08 13:05:55 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2012/11/08 13:05:55 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2012/11/08 13:05:54 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2012/11/08 13:05:54 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2012/11/08 13:05:54 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2012/11/08 13:05:53 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2012/11/08 13:05:53 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2012/11/08 13:05:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2012/11/08 13:05:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2012/11/08 13:05:50 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2012/11/08 13:05:49 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2012/11/08 13:05:49 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2012/11/08 13:05:48 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2012/11/08 13:05:48 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2012/11/08 13:05:47 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2012/11/08 13:05:47 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2012/11/08 13:05:47 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2012/11/08 13:05:47 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2012/11/08 13:05:47 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2012/11/08 13:05:47 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2012/11/08 13:05:46 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2012/11/08 13:05:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2012/11/08 13:05:45 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2012/11/08 13:05:45 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2012/11/08 13:05:45 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2012/11/08 13:05:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2012/11/08 13:05:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2012/11/08 13:05:44 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2012/11/08 13:05:44 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2012/11/08 13:05:44 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2012/11/08 13:05:43 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2012/11/08 13:05:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2012/11/08 13:05:42 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2012/11/08 13:05:41 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2012/11/08 13:05:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2012/11/08 13:05:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2012/11/08 13:05:40 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2012/11/08 13:05:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2012/11/08 13:05:40 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2012/11/08 13:05:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2012/11/08 13:05:39 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2012/11/08 13:05:38 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2012/11/08 13:05:38 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2012/11/08 13:05:38 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2012/11/08 13:05:37 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2012/11/08 13:05:36 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2012/11/08 13:05:36 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2012/11/08 13:05:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2012/11/08 13:05:35 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2012/11/08 13:05:35 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2012/11/08 13:05:35 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2012/11/08 13:05:35 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2012/11/08 13:05:34 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2012/11/08 13:05:34 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2012/11/08 13:05:33 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2012/11/08 13:05:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2012/11/08 13:05:32 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2012/11/08 13:05:32 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2012/11/08 13:05:31 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2012/11/08 13:05:30 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2012/11/08 13:05:30 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2012/11/08 13:05:28 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2012/11/08 13:05:28 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2012/11/08 13:05:28 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2012/11/08 13:05:28 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2012/11/08 13:05:28 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2012/11/08 13:05:28 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2012/11/08 13:05:26 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2012/11/08 13:05:26 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2012/11/08 13:05:26 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2012/11/08 13:05:26 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2012/11/08 13:05:26 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2012/11/08 13:05:26 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2012/11/08 13:05:26 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2012/11/08 13:05:26 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2012/11/08 13:05:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2012/11/08 13:05:25 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2012/11/08 13:05:25 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2012/11/08 13:05:24 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2012/11/08 13:05:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2012/11/08 13:05:23 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2012/11/08 13:05:23 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2012/11/08 13:05:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2012/11/08 13:05:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2012/11/08 13:05:22 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2012/11/08 13:05:22 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2012/11/08 13:05:22 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2012/11/08 13:05:22 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2012/11/08 13:05:22 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2012/11/08 13:05:22 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2012/11/08 13:05:21 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2012/11/08 13:05:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2012/11/08 13:05:21 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2012/11/08 13:05:20 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2012/11/08 13:05:20 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2012/11/08 13:05:20 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2012/11/08 13:05:20 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2012/11/08 13:05:20 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2012/11/08 13:05:20 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2012/11/08 13:05:20 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2012/11/08 13:05:20 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2012/11/08 13:05:20 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2012/11/08 13:05:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2012/11/08 13:05:19 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2012/11/08 13:05:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2012/11/08 13:05:19 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2012/11/08 13:05:18 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2012/11/08 13:05:18 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2012/11/08 13:05:18 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2012/11/08 13:05:18 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2012/11/08 13:05:18 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2012/11/08 13:05:18 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2012/11/08 13:05:17 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2012/11/08 13:05:17 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012/11/08 13:05:16 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2012/11/08 13:05:16 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2012/11/08 13:05:16 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2012/11/08 13:05:16 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2012/11/08 13:05:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2012/11/08 13:05:16 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2012/11/08 13:05:15 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2012/11/08 13:05:15 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2012/11/08 13:05:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2012/11/08 13:05:14 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2012/11/08 13:05:14 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2012/11/08 13:05:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2012/11/08 13:05:13 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2012/11/08 13:05:13 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2012/11/08 13:05:13 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2012/11/08 13:05:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2012/11/08 13:05:12 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2012/11/08 13:05:12 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2012/11/08 13:05:12 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2012/11/08 13:05:11 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2012/11/08 13:05:11 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2012/11/08 13:05:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2012/11/08 13:05:10 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2012/11/08 13:05:10 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012/11/08 13:05:10 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2012/11/08 13:05:10 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2012/11/08 13:05:09 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2012/11/08 13:05:08 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2012/11/08 13:05:08 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2012/11/08 13:05:08 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2012/11/08 13:05:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2012/11/08 13:05:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2012/11/08 13:05:07 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2012/11/08 13:05:07 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2012/11/08 13:05:06 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2012/11/08 13:05:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2012/11/08 13:05:05 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2012/11/08 13:05:05 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2012/11/08 13:05:05 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2012/11/08 13:05:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2012/11/08 13:05:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userinit.exe
[2012/11/08 13:05:04 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2012/11/08 13:05:04 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2012/11/08 13:05:04 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2012/11/08 13:05:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2012/11/08 13:05:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2012/11/08 13:05:03 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2012/11/08 13:05:03 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2012/11/08 13:05:02 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2012/11/08 13:05:02 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2012/11/08 13:05:02 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2012/11/08 13:05:01 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2012/11/08 13:05:01 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2012/11/08 13:05:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2012/11/08 13:05:01 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2012/11/08 13:05:00 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2012/11/08 13:05:00 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2012/11/08 13:05:00 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2012/11/08 13:05:00 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2012/11/08 13:05:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userinit.exe
[2012/11/08 13:04:58 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2012/11/08 13:04:58 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2012/11/08 13:04:57 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2012/11/08 13:04:57 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2012/11/08 13:04:56 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2012/11/08 13:04:56 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2012/11/08 13:04:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2012/11/08 13:04:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2012/11/08 13:04:55 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2012/11/08 13:04:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2012/11/08 13:04:54 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2012/11/08 13:04:53 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2012/11/08 13:04:53 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2012/11/08 13:04:53 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2012/11/08 13:04:53 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2012/11/08 13:04:53 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2012/11/08 13:04:52 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2012/11/08 13:04:51 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2012/11/08 13:04:51 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2012/11/08 13:04:51 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2012/11/08 13:04:51 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2012/11/08 13:04:51 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2012/11/08 13:04:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2012/11/08 13:04:50 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2012/11/08 13:04:50 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2012/11/08 13:04:50 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2012/11/08 13:04:49 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2012/11/08 13:04:49 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2012/11/08 13:04:49 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2012/11/08 13:04:49 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2012/11/08 13:04:49 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2012/11/08 13:04:49 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2012/11/08 13:04:48 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2012/11/08 13:04:48 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2012/11/08 13:04:48 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2012/11/08 13:04:48 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2012/11/08 13:04:48 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2012/11/08 13:04:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2012/11/08 13:04:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2012/11/08 13:04:47 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2012/11/08 13:04:47 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2012/11/08 13:04:47 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2012/11/08 13:04:47 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2012/11/08 13:04:46 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2012/11/08 13:04:46 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2012/11/08 13:04:46 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2012/11/08 13:04:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2012/11/08 13:04:46 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2012/11/08 13:04:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2012/11/08 13:04:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2012/11/08 13:04:45 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2012/11/08 13:04:45 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2012/11/08 13:04:45 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2012/11/08 13:04:45 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2012/11/08 13:04:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2012/11/08 13:04:44 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2012/11/08 13:04:44 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2012/11/08 13:04:44 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2012/11/08 13:04:44 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2012/11/08 13:04:44 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2012/11/08 13:04:43 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2012/11/08 13:04:43 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2012/11/08 13:04:43 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2012/11/08 13:04:43 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2012/11/08 13:04:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2012/11/08 13:04:42 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2012/11/08 13:04:42 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2012/11/08 13:04:42 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2012/11/08 13:04:42 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2012/11/08 13:04:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2012/11/08 13:04:41 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2012/11/08 13:04:40 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2012/11/08 13:04:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2012/11/08 13:04:40 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2012/11/08 13:04:39 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012/11/08 13:04:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2012/11/08 13:04:38 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2012/11/08 13:04:38 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2012/11/08 13:04:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2012/11/08 13:04:38 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2012/11/08 13:04:37 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
[2012/11/08 13:04:37 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2012/11/08 13:04:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2012/11/08 13:04:37 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2012/11/08 13:04:36 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2012/11/08 13:04:36 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2012/11/08 13:04:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2012/11/08 13:04:35 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2012/11/08 13:04:35 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2012/11/08 13:04:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2012/11/08 13:04:35 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2012/11/08 13:04:34 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2012/11/08 13:04:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2012/11/08 13:04:33 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2012/11/08 13:04:33 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2012/11/08 13:04:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2012/11/08 13:04:33 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2012/11/08 13:04:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2012/11/08 13:04:33 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2012/11/08 13:04:32 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2012/11/08 13:04:32 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2012/11/08 13:04:32 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2012/11/08 13:04:32 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2012/11/08 13:04:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2012/11/08 13:04:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2012/11/08 13:04:31 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2012/11/08 13:04:31 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2012/11/08 13:04:31 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2012/11/08 13:04:31 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2012/11/08 13:04:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2012/11/08 13:04:30 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2012/11/08 13:04:30 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2012/11/08 13:04:29 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2012/11/08 13:04:29 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2012/11/08 13:04:29 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2012/11/08 13:04:28 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2012/11/08 13:04:28 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2012/11/08 13:04:28 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2012/11/08 13:04:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2012/11/08 13:04:28 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2012/11/08 13:04:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2012/11/08 13:04:27 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2012/11/08 13:04:26 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2012/11/08 13:04:26 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2012/11/08 13:04:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2012/11/08 13:04:25 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2012/11/08 13:04:25 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2012/11/08 13:04:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2012/11/08 13:04:24 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2012/11/08 13:04:24 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2012/11/08 13:04:24 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2012/11/08 13:04:24 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2012/11/08 13:04:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2012/11/08 13:04:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2012/11/08 13:04:23 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2012/11/08 13:04:23 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2012/11/08 13:04:23 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2012/11/08 13:04:22 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2012/11/08 13:04:22 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2012/11/08 13:04:22 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2012/11/08 13:04:21 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2012/11/08 13:04:21 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2012/11/08 13:04:21 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2012/11/08 13:04:20 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2012/11/08 13:04:20 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2012/11/08 13:04:20 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2012/11/08 13:04:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2012/11/08 13:04:20 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2012/11/08 13:04:19 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2012/11/08 13:04:19 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2012/11/08 13:04:18 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2012/11/08 13:04:18 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2012/11/08 13:04:18 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2012/11/08 13:04:17 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2012/11/08 13:04:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2012/11/08 13:04:16 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2012/11/08 13:04:16 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2012/11/08 13:04:16 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2012/11/08 13:04:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2012/11/08 13:04:15 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2012/11/08 13:04:15 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2012/11/08 13:04:15 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2012/11/08 13:04:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2012/11/08 13:04:15 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2012/11/08 13:04:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2012/11/08 13:04:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2012/11/08 13:04:14 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2012/11/08 13:04:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2012/11/08 13:04:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2012/11/08 13:04:13 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2012/11/08 13:04:13 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2012/11/08 13:04:13 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2012/11/08 13:04:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2012/11/08 13:04:12 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2012/11/08 13:04:12 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2012/11/08 13:04:12 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2012/11/08 13:04:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2012/11/08 13:04:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2012/11/08 13:04:11 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2012/11/08 13:04:11 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2012/11/08 13:04:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2012/11/08 13:04:10 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2012/11/08 13:04:10 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2012/11/08 13:04:10 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2012/11/08 13:04:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2012/11/08 13:04:09 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2012/11/08 13:04:09 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2012/11/08 13:04:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2012/11/08 13:04:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2012/11/08 13:04:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/11/08 13:04:08 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2012/11/08 13:04:08 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2012/11/08 13:04:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2012/11/08 13:04:08 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2012/11/08 13:04:07 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2012/11/08 13:04:07 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2012/11/08 13:04:06 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2012/11/08 13:04:06 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2012/11/08 13:04:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2012/11/08 13:04:05 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2012/11/08 13:04:05 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2012/11/08 13:04:05 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2012/11/08 13:04:05 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2012/11/08 13:04:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2012/11/08 13:04:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2012/11/08 13:04:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2012/11/08 13:04:02 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2012/11/08 13:04:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012/11/08 13:04:02 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2012/11/08 13:04:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2012/11/08 13:04:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2012/11/08 13:04:01 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2012/11/08 13:04:01 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2012/11/08 13:04:01 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2012/11/08 13:04:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2012/11/08 13:04:00 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2012/11/08 13:04:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2012/11/08 13:03:59 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2012/11/08 13:03:59 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2012/11/08 13:03:59 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2012/11/08 13:03:59 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2012/11/08 13:03:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2012/11/08 13:03:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2012/11/08 13:03:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2012/11/08 13:03:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2012/11/08 13:03:58 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2012/11/08 13:03:58 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2012/11/08 13:03:58 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2012/11/08 13:03:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2012/11/08 13:03:58 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2012/11/08 13:03:57 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2012/11/08 13:03:57 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2012/11/08 13:03:57 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2012/11/08 13:03:57 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2012/11/08 13:03:56 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2012/11/08 13:03:56 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2012/11/08 13:03:56 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2012/11/08 13:03:56 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2012/11/08 13:03:55 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2012/11/08 13:03:55 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2012/11/08 13:03:55 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2012/11/08 13:03:55 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2012/11/08 13:03:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2012/11/08 13:03:54 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2012/11/08 13:03:54 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2012/11/08 13:03:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2012/11/08 13:03:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2012/11/08 13:03:52 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2012/11/08 13:03:52 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2012/11/08 13:03:52 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2012/11/08 13:03:52 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2012/11/08 13:03:52 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2012/11/08 13:03:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2012/11/08 13:03:51 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2012/11/08 13:03:51 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2012/11/08 13:03:51 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2012/11/08 13:03:50 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2012/11/08 13:03:50 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2012/11/08 13:03:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2012/11/08 13:03:50 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2012/11/08 13:03:49 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2012/11/08 13:03:49 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2012/11/08 13:03:49 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2012/11/08 13:03:48 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2012/11/08 13:03:48 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2012/11/08 13:03:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2012/11/08 13:03:48 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2012/11/08 13:03:47 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2012/11/08 13:03:47 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2012/11/08 13:03:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2012/11/08 13:03:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2012/11/08 13:03:46 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2012/11/08 13:03:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2012/11/08 13:03:46 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2012/11/08 13:03:46 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2012/11/08 13:03:45 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2012/11/08 13:03:45 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2012/11/08 13:03:45 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2012/11/08 13:03:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2012/11/08 13:03:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2012/11/08 13:03:44 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2012/11/08 13:03:44 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2012/11/08 13:03:44 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2012/11/08 13:03:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2012/11/08 13:03:43 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2012/11/08 13:03:43 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2012/11/08 13:03:43 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2012/11/08 13:03:43 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2012/11/08 13:03:43 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2012/11/08 13:03:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2012/11/08 13:03:42 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2012/11/08 13:03:42 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2012/11/08 13:03:41 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2012/11/08 13:03:41 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2012/11/08 13:03:41 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2012/11/08 13:03:41 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2012/11/08 13:03:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2012/11/08 13:03:40 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2012/11/08 13:03:40 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2012/11/08 13:03:40 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2012/11/08 13:03:40 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2012/11/08 13:03:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2012/11/08 13:03:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2012/11/08 13:03:39 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2012/11/08 13:03:39 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2012/11/08 13:03:39 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2012/11/08 13:03:39 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2012/11/08 13:03:39 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2012/11/08 13:03:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2012/11/08 13:03:38 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2012/11/08 13:03:38 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2012/11/08 13:03:38 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2012/11/08 13:03:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2012/11/08 13:03:37 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2012/11/08 13:03:37 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2012/11/08 13:03:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2012/11/08 13:03:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2012/11/08 13:03:36 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2012/11/08 13:03:36 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2012/11/08 13:03:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2012/11/08 13:03:36 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2012/11/08 13:03:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2012/11/08 13:03:35 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2012/11/08 13:03:35 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2012/11/08 13:03:35 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2012/11/08 13:03:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2012/11/08 13:03:34 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2012/11/08 13:03:34 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2012/11/08 13:03:34 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2012/11/08 13:03:33 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2012/11/08 13:03:33 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2012/11/08 13:03:32 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2012/11/08 13:03:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2012/11/08 13:03:32 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2012/11/08 13:03:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2012/11/08 13:03:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2012/11/08 13:03:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2012/11/08 13:03:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2012/11/08 13:03:31 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2012/11/08 13:03:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2012/11/08 13:03:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2012/11/08 13:03:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2012/11/08 13:03:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2012/11/08 13:03:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2012/11/08 13:03:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2012/11/08 13:03:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2012/11/08 13:03:28 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2012/11/08 13:03:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2012/11/08 13:03:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2012/11/08 13:03:27 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2012/11/08 13:03:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2012/11/08 13:03:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2012/11/08 13:03:26 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2012/11/08 13:03:26 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2012/11/08 13:03:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2012/11/08 13:03:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2012/11/08 13:03:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2012/11/08 13:03:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2012/11/08 13:03:25 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2012/11/08 13:03:25 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2012/11/08 13:03:25 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2012/11/08 13:03:24 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2012/11/08 13:03:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2012/11/08 13:03:24 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2012/11/08 13:03:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2012/11/08 13:03:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2012/11/08 13:03:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2012/11/08 13:03:23 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2012/11/08 13:03:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2012/11/08 13:03:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2012/11/08 13:03:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2012/11/08 13:03:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2012/11/08 13:03:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2012/11/08 13:03:23 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2012/11/08 13:03:22 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2012/11/08 13:03:22 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2012/11/08 13:03:22 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2012/11/08 13:03:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2012/11/08 13:03:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2012/11/08 13:03:21 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2012/11/08 13:03:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2012/11/08 13:03:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2012/11/08 13:03:20 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2012/11/08 13:03:20 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2012/11/08 13:03:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2012/11/08 13:03:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2012/11/08 13:03:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2012/11/08 13:03:19 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2012/11/08 13:03:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2012/11/08 13:03:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2012/11/08 13:03:18 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2012/11/08 13:03:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2012/11/08 13:03:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2012/11/08 13:03:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2012/11/08 13:03:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2012/11/08 13:03:17 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2012/11/08 13:03:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2012/11/08 13:03:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2012/11/08 13:03:16 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2012/11/08 13:03:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2012/11/08 13:03:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2012/11/08 13:03:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2012/11/08 13:03:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2012/11/08 13:03:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2012/11/08 13:03:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2012/11/08 13:03:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2012/11/08 13:03:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2012/11/08 13:03:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2012/11/08 13:03:13 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2012/11/08 13:03:13 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2012/11/08 13:03:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2012/11/08 13:03:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2012/11/08 13:03:12 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2012/11/08 13:03:12 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2012/11/08 13:03:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2012/11/08 13:03:11 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2012/11/08 13:03:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2012/11/08 13:03:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2012/11/08 13:03:11 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2012/11/08 13:03:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2012/11/08 13:03:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2012/11/08 13:03:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2012/11/08 13:03:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2012/11/08 13:03:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2012/11/08 13:03:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2012/11/08 13:03:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2012/11/08 13:03:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2012/11/08 13:03:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2012/11/08 13:03:06 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2012/11/08 13:03:06 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2012/11/08 13:03:06 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2012/11/08 13:03:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2012/11/08 13:03:05 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2012/11/08 13:03:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2012/11/08 13:03:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2012/11/08 13:03:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2012/11/08 13:03:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2012/11/08 13:03:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2012/11/08 13:03:03 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2012/11/08 13:03:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2012/11/08 13:03:01 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2012/11/08 13:03:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2012/11/08 13:03:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2012/11/08 13:03:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2012/11/08 13:03:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2012/11/08 13:03:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2012/11/08 13:03:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2012/11/08 13:03:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2012/11/08 13:02:59 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2012/11/08 13:02:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2012/11/08 13:02:58 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2012/11/08 13:02:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2012/11/08 13:02:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2012/11/08 13:02:56 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2012/11/08 13:02:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2012/11/08 13:02:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2012/11/08 13:02:55 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2012/11/08 13:02:55 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2012/11/08 13:02:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2012/11/08 13:02:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2012/11/08 13:02:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2012/11/08 13:02:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2012/11/08 13:02:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2012/11/08 13:02:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2012/11/08 13:02:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2012/11/08 13:02:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2012/11/08 13:02:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2012/11/08 13:02:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2012/11/08 13:02:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2012/11/08 13:02:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2012/11/08 13:02:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012/11/08 13:02:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2012/11/08 13:02:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2012/11/08 13:02:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2012/11/08 13:02:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2012/11/08 13:02:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2012/11/08 13:02:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTAM.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINBEN.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2012/11/08 13:02:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2012/11/08 13:02:43 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2012/11/08 13:02:43 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2012/11/08 13:02:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2012/11/08 13:02:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2012/11/08 13:02:42 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2012/11/08 13:02:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2012/11/08 13:02:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2012/11/08 13:02:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2012/11/08 13:02:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2012/11/08 13:02:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINHIN.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTEL.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2012/11/08 13:02:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTAM.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINORI.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINMAR.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINKAN.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINBEN.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2012/11/08 13:02:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2012/11/08 13:02:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2012/11/08 13:02:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2012/11/08 13:02:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2012/11/08 13:02:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2012/11/08 13:02:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2012/11/08 13:02:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2012/11/08 13:02:40 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BlbEvents.dll
[2012/11/08 13:02:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2012/11/08 13:02:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2012/11/08 13:02:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2012/11/08 13:02:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTEL.DLL
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINORI.DLL
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINMAR.DLL
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINKAN.DLL
[2012/11/08 13:02:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINHIN.DLL
[2012/11/08 13:02:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2012/11/08 13:02:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2012/11/08 13:02:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2012/11/08 13:02:06 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2012/11/08 13:02:06 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2012/11/08 13:01:42 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2012/11/08 13:01:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2012/11/08 12:56:42 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2012/11/08 12:56:42 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2012/11/08 12:56:17 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2012/11/08 12:56:17 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2012/11/08 12:56:01 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2012/11/08 12:54:27 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2012/11/08 09:01:08 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2012/11/07 21:28:22 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsquirt.exe
[2012/11/07 21:28:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2012/11/07 21:28:21 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2012/11/07 21:28:15 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2012/11/07 21:28:15 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2012/11/07 21:28:14 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2012/11/07 21:28:14 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2012/11/07 21:28:14 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2012/11/07 21:28:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2012/11/07 21:28:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2012/11/07 18:23:09 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/11/07 18:23:09 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/11/07 18:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/11/07 08:18:13 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/11/07 08:18:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/11/07 08:18:12 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/11/07 08:18:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/11/07 08:18:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/11/07 08:18:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/11/07 08:18:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/11/07 08:18:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/11/07 08:18:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/11/07 08:18:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/11/07 08:18:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/11/07 08:18:11 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/11/07 08:18:11 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/11/07 08:18:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/11/07 08:18:11 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/11/07 08:18:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/11/07 08:18:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/11/07 08:18:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/11/07 08:18:11 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/11/07 08:18:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/11/07 08:18:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/11/07 08:18:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/11/07 08:18:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/11/07 08:18:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/11/07 08:18:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/11/07 08:18:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/11/07 08:18:09 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/11/07 08:18:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/11/07 08:18:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/11/07 08:18:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/11/07 08:18:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/11/07 08:18:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/11/07 08:18:08 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/11/07 08:18:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/11/07 08:18:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/11/07 08:18:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/11/07 08:18:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/11/07 08:18:07 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/11/07 08:18:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/11/07 08:18:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/11/07 08:18:07 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/11/07 08:18:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/11/07 08:18:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/11/07 08:18:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/11/07 08:18:06 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/11/07 08:18:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/11/07 08:18:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/11/07 08:18:06 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/11/07 08:18:06 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/11/07 08:18:06 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/11/07 08:18:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/11/07 08:18:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/11/07 08:18:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/11/07 08:18:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/11/07 08:18:06 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/11/07 08:18:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/11/07 08:18:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/11/07 07:54:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/11/07 07:54:31 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/11/06 21:57:17 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll
[2012/11/06 21:57:16 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2012/11/06 21:57:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2012/11/06 21:57:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll
[2012/11/06 21:57:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll
[2012/11/06 21:57:15 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2012/11/06 21:57:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2012/11/06 21:57:15 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2012/11/06 21:57:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2012/11/06 21:57:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2012/11/06 21:57:12 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/11/06 21:56:54 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2012/11/06 21:56:54 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2012/11/06 21:56:53 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2012/11/06 21:56:52 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2012/11/06 21:56:50 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2012/11/06 21:56:50 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2012/11/06 21:56:49 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2012/11/06 21:56:49 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2012/11/06 21:56:49 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2012/11/06 21:56:49 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2012/11/06 21:56:26 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/11/06 21:56:25 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/11/06 21:56:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/11/06 21:56:24 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/11/06 21:56:18 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/11/06 21:56:17 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2012/11/06 21:56:16 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2012/11/06 21:56:16 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2012/11/06 21:56:16 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2012/11/06 21:56:15 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2012/11/06 21:56:15 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2012/11/06 21:56:14 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2012/11/06 21:56:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2012/11/06 21:56:13 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2012/11/06 21:56:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2012/11/06 21:56:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2012/11/06 21:56:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2012/11/06 21:56:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2012/11/06 21:56:07 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/11/06 21:56:07 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/11/06 21:56:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2012/11/06 21:56:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2012/11/06 21:55:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012/11/06 21:55:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/11/06 21:55:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/11/06 21:55:53 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/11/06 21:55:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/11/06 21:55:41 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/11/06 21:55:40 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/11/06 21:55:39 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/11/06 21:55:30 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/11/06 21:55:30 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/11/06 21:55:29 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll
[2012/11/06 21:55:29 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll
[2012/11/06 21:55:28 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll
[2012/11/06 21:55:27 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2012/11/06 21:55:17 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/11/06 21:55:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/11/06 21:55:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/11/06 21:55:16 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/11/06 21:55:16 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/11/06 21:55:16 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/11/06 21:55:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2012/11/06 21:55:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2012/11/06 21:55:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2012/11/06 21:55:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/11/06 21:55:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2012/11/06 21:55:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2012/11/06 21:55:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/06 21:55:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/06 21:55:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/11/06 21:55:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/06 21:55:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/06 21:55:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/06 21:55:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/11/06 21:55:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/11/06 21:55:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/11/06 21:55:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/11/06 21:55:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/06 21:55:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/11/06 21:55:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/11/06 21:55:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/11/06 21:55:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/11/06 21:55:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/11/06 21:55:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2012/11/06 21:54:57 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2012/11/06 21:54:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/11/06 21:54:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/11/06 21:54:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/11/06 21:54:45 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/11/06 21:54:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2012/11/06 21:54:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/11/06 21:54:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/11/06 21:54:44 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/11/06 21:54:34 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012/11/06 21:54:34 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012/11/06 21:54:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012/11/06 21:54:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012/11/06 21:54:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2012/11/06 21:54:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2012/11/06 21:54:30 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2012/11/06 21:54:29 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2012/11/06 21:54:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscacheugc.exe
[2012/11/06 21:54:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2012/11/06 21:54:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2012/11/06 21:54:02 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/11/06 21:53:35 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2012/11/06 21:53:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2012/11/06 21:53:28 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2012/11/06 21:53:28 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2012/11/06 21:53:28 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2012/11/06 21:53:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2012/11/06 21:53:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2012/11/06 21:53:27 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2012/11/06 21:53:27 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2012/11/06 21:53:26 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2012/11/06 21:53:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2012/11/06 21:53:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2012/11/06 21:53:21 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2012/11/06 21:53:11 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2012/11/06 21:53:11 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2012/11/06 21:53:10 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2012/11/06 21:53:10 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2012/11/06 21:53:10 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll
[2012/11/06 21:53:10 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll
[2012/11/06 21:53:10 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll
[2012/11/06 21:53:09 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2012/11/06 21:52:47 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2012/11/06 21:52:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll
[2012/11/06 21:52:46 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2012/11/06 21:52:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/11/06 21:52:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/11/06 21:52:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/11/06 21:52:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2012/11/06 21:52:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2012/11/06 21:52:41 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/11/06 21:52:41 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2012/11/06 21:52:40 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WFS.exe
[2012/11/06 21:52:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2012/11/06 21:52:38 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/11/06 21:52:35 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/11/06 21:52:32 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2012/11/06 21:52:32 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2012/11/06 21:52:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/11/06 21:52:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/11/06 21:52:22 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/11/06 21:52:21 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/11/06 21:52:16 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/11/06 21:52:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/11/06 21:52:13 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/11/06 21:52:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/11/06 21:27:21 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2012/11/06 21:27:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2012/11/06 21:26:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/11/06 21:26:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/11/06 17:19:00 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2012/11/06 11:42:22 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\LogMeIn Hamachi
[2012/11/06 10:51:50 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\.minecraft
[2012/11/06 10:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/06 10:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/06 10:48:40 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/11/06 10:48:40 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/11/06 10:48:40 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/11/06 10:48:35 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/11/06 10:48:35 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/11/06 10:48:35 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/06 10:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/05 23:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/11/05 23:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/05 23:34:36 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Best Buy pc app
[2012/11/05 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/05 23:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/05 23:28:20 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Google
[2012/11/05 23:28:08 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/11/05 23:28:08 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/11/05 23:26:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Macromedia
[2012/11/05 23:26:54 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Adobe
[2012/11/05 22:58:36 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy
[2012/11/05 22:58:21 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\ATI
[2012/11/05 22:58:21 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\ATI
[2012/11/05 22:58:17 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Apps
[2012/11/05 22:58:16 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Deployment
[2012/11/05 22:57:39 | 000,000,000 | R--D | C] -- C:\Users\Computer\Searches
[2012/11/05 22:57:39 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/05 22:57:38 | 000,000,000 | -H-D | C] -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/05 22:57:15 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Identities
[2012/11/05 22:57:10 | 000,000,000 | R--D | C] -- C:\Users\Computer\Contacts
[2012/11/05 22:57:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/05 22:57:03 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2012/11/05 22:57:03 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2012/11/05 22:57:03 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2012/11/05 22:56:57 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\VirtualStore
[2012/11/05 22:56:56 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2012/11/05 22:56:56 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2012/11/05 22:56:56 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\Temporary Internet Files
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Templates
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Start Menu
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\SendTo
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Recent
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\PrintHood
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\NetHood
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Videos
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Pictures
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Documents\My Music
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\My Documents
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Local Settings
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\History
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Cookies
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\Application Data
[2012/11/05 22:56:56 | 000,000,000 | -HSD | C] -- C:\Users\Computer\AppData\Local\Application Data
[2012/11/05 22:56:55 | 000,000,000 | --SD | C] -- C:\Users\Computer\AppData\Roaming\Microsoft
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Videos
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Saved Games
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Pictures
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Music
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Links
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Favorites
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Downloads
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Documents
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\Desktop
[2012/11/05 22:56:55 | 000,000,000 | R--D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/05 22:56:55 | 000,000,000 | -H-D | C] -- C:\Users\Computer\AppData
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Temp
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Microsoft
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Media Center Programs
[2012/11/05 22:56:55 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2012/11/05 22:56:48 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2012/11/05 22:56:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2012/11/05 22:56:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/11/05 14:50:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/11/15 23:51:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer\Desktop\OTL.exe
[2012/11/15 23:50:30 | 000,743,352 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/15 23:50:30 | 000,636,392 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/15 23:50:30 | 000,110,540 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/15 23:49:35 | 000,881,833 | ---- | M] () -- C:\Users\Computer\Desktop\SecurityCheck (1).exe
[2012/11/15 23:46:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/15 23:45:53 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/15 23:13:30 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/15 18:55:59 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/15 18:26:45 | 000,000,902 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/15 11:02:28 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/15 11:02:28 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/14 07:19:15 | 000,282,960 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/11/13 14:09:24 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/11/12 13:12:17 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2012/11/12 13:12:16 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2012/11/11 21:59:12 | 354,567,166 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/11 20:59:42 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2012/11/10 12:50:16 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2012/11/07 19:01:17 | 000,001,437 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/07 08:18:13 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/11/07 08:18:13 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/11/07 08:18:12 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/11/07 08:18:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/11/07 08:18:12 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/11/07 08:18:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/11/07 08:18:12 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/11/07 08:18:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/11/07 08:18:12 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/11/07 08:18:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/11/07 08:18:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/11/07 08:18:11 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/11/07 08:18:11 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/11/07 08:18:11 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/11/07 08:18:11 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/11/07 08:18:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/11/07 08:18:11 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/11/07 08:18:11 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/11/07 08:18:11 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2012/11/07 08:18:11 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/11/07 08:18:11 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/11/07 08:18:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/11/07 08:18:10 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/11/07 08:18:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/11/07 08:18:10 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/11/07 08:18:10 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/11/07 08:18:10 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/11/07 08:18:09 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/11/07 08:18:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/11/07 08:18:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/11/07 08:18:08 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/11/07 08:18:08 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/11/07 08:18:08 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/11/07 08:18:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/11/07 08:18:08 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/11/07 08:18:08 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/11/07 08:18:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/11/07 08:18:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/11/07 08:18:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/11/07 08:18:07 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/11/07 08:18:07 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/11/07 08:18:07 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/11/07 08:18:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/11/07 08:18:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/11/07 08:18:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/11/07 08:18:06 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/11/07 08:18:06 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/11/07 08:18:06 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/11/07 08:18:06 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/11/07 08:18:06 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/11/07 08:18:06 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/11/07 08:18:06 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/11/07 08:18:06 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/11/07 08:18:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/11/07 08:18:06 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2012/11/07 08:18:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/11/07 08:18:06 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/11/07 08:18:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/11/07 08:18:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/11/06 10:48:31 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/06 10:48:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/11/06 10:48:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/11/06 10:48:29 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/11/06 10:48:29 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/11/06 10:48:29 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/11/05 23:43:59 | 000,263,186 | ---- | M] () -- C:\Users\Computer\Desktop\Minecraft.exe
[2012/11/05 23:37:53 | 000,002,154 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/11/05 23:29:10 | 000,002,255 | ---- | M] () -- C:\Users\Computer\Desktop\Google Chrome.lnk
[2012/11/05 22:58:19 | 000,001,122 | ---- | M] () -- C:\Users\Computer\Desktop\Cyberlink Power2Go.lnk
[2012/11/05 22:58:16 | 000,002,429 | ---- | M] () -- C:\Users\Computer\Desktop\CyberLink YouCam.lnk
[2012/11/05 14:53:31 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/11/05 14:53:31 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012/11/15 23:49:34 | 000,881,833 | ---- | C] () -- C:\Users\Computer\Desktop\SecurityCheck (1).exe
[2012/11/15 18:55:59 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/14 07:11:47 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/13 22:47:04 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/13 14:09:24 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012/11/11 21:59:12 | 354,567,166 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/11 20:59:42 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/11/11 20:59:42 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2012/11/10 12:50:16 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2012/11/08 13:07:29 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2012/11/08 13:03:15 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2012/11/08 13:02:37 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2012/11/08 13:02:37 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2012/11/08 13:02:05 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2012/11/07 08:18:11 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2012/11/07 08:18:06 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012/11/05 23:43:57 | 000,263,186 | ---- | C] () -- C:\Users\Computer\Desktop\Minecraft.exe
[2012/11/05 23:37:53 | 000,002,154 | ---- | C] () -- C:\windows\epplauncher.mif
[2012/11/05 23:37:41 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/05 23:29:10 | 000,002,255 | ---- | C] () -- C:\Users\Computer\Desktop\Google Chrome.lnk
[2012/11/05 23:28:30 | 000,000,902 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/05 23:28:29 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/05 23:26:44 | 000,001,437 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/05 22:58:01 | 000,001,409 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/05 22:57:54 | 000,001,443 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/05 22:56:55 | 000,002,429 | ---- | C] () -- C:\Users\Computer\Desktop\CyberLink YouCam.lnk
[2012/11/05 22:56:55 | 000,002,104 | ---- | C] () -- C:\Users\Computer\Desktop\OneKey Recovery.lnk
[2012/11/05 22:56:55 | 000,001,122 | ---- | C] () -- C:\Users\Computer\Desktop\Cyberlink Power2Go.lnk
[2012/11/05 22:56:55 | 000,000,290 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/05 22:56:55 | 000,000,272 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/05 14:50:44 | 2210,578,432 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/17 22:56:06 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011/03/17 22:56:06 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011/03/17 22:47:40 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2011/03/17 22:37:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/03/17 22:37:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/03/17 22:37:06 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/03/17 22:22:42 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini
[2011/03/17 22:08:19 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/03/17 22:04:08 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 17:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 05:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 17:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 05:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 05:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/16 22:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 17:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 17:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 14:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/01 21:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/01 20:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 05:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 05:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 04:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 22:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 17:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 17:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 17:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 17:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 05:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2009/07/13 17:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 17:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 17:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 17:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 17:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 09:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 03:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 22:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 22:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 17:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 05:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 05:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 05:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 22:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 17:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 05:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 05:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 04:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 05:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 05:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 04:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 17:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 21:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 05:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 05:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 05:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 05:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 05:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 05:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 05:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 05:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 04:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 17:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 14:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 05:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 05:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9320325AS ATA Device
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 200.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 254.00GB
Starting Offset: 210763776
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 29.00GB
Starting Offset: 273095327744
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 304229646336
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< MD5 for: EXPLORER.EXE >
[2011/02/25 22:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 21:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 17:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 21:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/03/17 13:29:41 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 21:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 22:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 04:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/03/17 13:30:30 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011/03/17 13:29:41 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011/03/17 13:30:30 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 05:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011/03/17 13:29:41 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011/03/17 13:30:30 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 17:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/03/17 13:29:41 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/25 22:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011/03/17 13:30:30 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 05:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\windows\SysNative\qmgr.dll
[2010/11/20 05:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 17:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 13:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.EXE >
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 18:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2009/07/13 18:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 20:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 18:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2009/07/13 18:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 18:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 18:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 17:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 17:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 17:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 17:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 04:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 04:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 17:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 17:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 05:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 05:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 05:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 05:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 17:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2011/03/17 13:41:01 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011/03/17 13:41:01 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
"ImagePath" = %SystemRoot%\System32\svchost.exe -k netsvcs -- [2009/07/13 17:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\qmgr.dll,-1001
"ObjectName" = LocalSystem
"ErrorControl" = 1
"Start" = 3
"DelayedAutoStart" = 1
"Type" = 32
"DependOnService" = RpcSsEventSystem [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeCreateGlobalPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %SystemRoot%\System32\qmgr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
"Library" = bitsperf.dll -- [2010/11/20 04:18:07 | 000,019,456 | ---- | M] (Microsoft Corporation)
"Open" = PerfMon_Open
"Collect" = PerfMon_Collect
"Close" = PerfMon_Close
"InstallType" = 1
"PerfIniFile" = bitsctrs.ini
"First Counter" = 2156
"Last Counter" = 2172
"First Help" = 2157
"Last Help" = 2173
"Object List" = 2156
"PerfMMFileName" = Global\MMF_BITS_s
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = 01 00 14 80 90 00 00 00 A0 00 00 00 14 00 00 00 34 00 00 00 02 00 20 00 01 00 00 00 02 C0 18 00 00 00 0C 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 5C 00 04 00 00 00 00 02 14 00 FF 01 0F 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 [Binary data over 200 bytes]

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< >

< End of report >
  • 0

#8
emeraldnzl
Posted 16 November 2012 - 12:36 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Bassman02,

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/11/08 08:28:34 | 000,000,000 | ---D | M]
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[resethosts]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.
After that

Even after disabling MSE it still freezes.


Try running it in Safe Mode.

Boot into Safe Mode:

1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, tap F8 continually.
3) If you are asked what mode to bootup in press Esc to boot in the default settings
4) Instead of Windows loading as normal, a menu should appear
5) Select the option to run Windows in Safe Mode.

When you return please post
  • MBAM log if you have been able to run it
  • OTL fix log
  • 0

#9
Bassman02
Posted 16 November 2012 - 12:41 AM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Have been running in safe mode as that is the only way to get the computer to do anything. :killcomp:
  • 0

#10
Bassman02
Posted 16 November 2012 - 12:47 AM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/SAFFPlugin\ deleted successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\ not found.
C:\Program Files (x86)\McAfee\SiteAdvisor\x64 folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Scripts folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Download folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Components folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Computer\Desktop\cmd.bat deleted successfully.
C:\Users\Computer\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Computer
->Temp folder emptied: 22093243 bytes
->Temporary Internet Files folder emptied: 177465584 bytes
->Java cache emptied: 295449 bytes
->Google Chrome cache emptied: 30800010 bytes
->Flash cache emptied: 61359 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes

User: Default User

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 174604171 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46410939 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 431.00 mb


[EMPTYFLASH]

User: All Users

User: Computer
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Computer
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 11162012_004422

Files\Folders moved on Reboot...
C:\Users\Computer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

Advertisements

#11
emeraldnzl
Posted 16 November 2012 - 01:18 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Bassman02,

Have been running in safe mode as that is the only way to get the computer to do anything.


Oh dear, I overlooked that... :rolleyes:

Moving on then


Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#12
Bassman02
Posted 16 November 2012 - 01:24 PM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix 12-11-16.02 - Computer 11/16/2012 13:15:31.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1842 [GMT -8:00]
Running from: c:\users\Computer\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Files Created from 2012-10-16 to 2012-11-16 )))))))))))))))))))))))))))))))
.
.
2012-11-16 21:19 . 2012-11-16 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-16 08:44 . 2012-11-16 08:44 -------- d-----w- C:\_OTL
2012-11-16 02:55 . 2012-11-16 02:55 -------- d-----w- c:\programdata\Malwarebytes
2012-11-16 02:55 . 2012-11-16 02:55 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-16 02:55 . 2012-09-30 03:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-15 22:29 . 2012-10-12 08:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D69A86BE-8594-4417-AF9F-FF0618FE8515}\mpengine.dll
2012-11-14 15:31 . 2012-10-12 08:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-14 15:11 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 15:11 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 15:11 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-14 15:11 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 06:47 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 06:47 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 06:47 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 06:47 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 06:47 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 06:47 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 06:47 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-13 22:09 . 2012-11-13 22:09 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-11-12 21:16 . 2012-11-14 06:47 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-12 20:59 . 2012-11-12 20:59 -------- d-----w- c:\windows\system32\SPReview
2012-11-12 20:58 . 2012-11-12 20:58 -------- d-----w- c:\windows\system32\EventProviders
2012-11-12 05:24 . 2012-11-12 05:24 -------- d-----w- c:\program files\Movie Maker
2012-11-12 04:59 . 2012-11-12 04:59 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-11-11 20:44 . 2012-11-11 20:44 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2012-11-11 05:04 . 2012-11-11 05:04 -------- d-----w- c:\program files\7-Zip
2012-11-10 20:49 . 2009-09-05 01:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2012-11-10 20:29 . 2012-11-11 21:38 -------- d-----w- c:\program files (x86)\Origin Games
2012-11-10 20:27 . 2012-11-14 05:17 -------- d-----w- c:\programdata\Origin
2012-11-10 20:27 . 2012-11-14 05:17 -------- d-----w- c:\programdata\Electronic Arts
2012-11-10 05:27 . 2012-11-10 05:27 -------- d-----w- c:\programdata\CyberLink
2012-11-08 21:08 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-11-08 21:08 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-11-08 21:08 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-11-08 21:08 . 2010-11-20 13:27 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-08 21:08 . 2010-11-20 13:27 3715584 ----a-w- c:\windows\system32\mstscax.dll
2012-11-08 21:08 . 2010-11-20 13:26 1838080 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-08 21:08 . 2010-11-20 11:07 59392 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-08 21:08 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll
2012-11-08 21:08 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-08 21:06 . 2010-11-20 13:27 299520 ----a-w- c:\windows\system32\tsmf.dll
2012-11-08 21:05 . 2010-11-20 13:33 263040 ----a-w- c:\windows\system32\hal.dll
2012-11-08 21:04 . 2010-11-20 12:17 2012672 ----a-w- c:\program files (x86)\Windows Media Player\setup_wm.exe
2012-11-08 21:03 . 2010-11-20 13:44 50176 ----a-w- c:\windows\system32\NAPCRYPT.DLL
2012-11-08 21:02 . 2010-11-20 12:21 36352 ----a-w- c:\windows\SysWow64\wshbth.dll
2012-11-08 21:01 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2012-11-08 21:01 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2012-11-08 21:01 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-11-08 21:01 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-11-08 21:01 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-11-08 20:56 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-11-08 20:56 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2012-11-08 20:56 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-11-08 20:56 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-11-08 20:56 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-11-08 20:56 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2012-11-08 20:56 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2012-11-08 20:54 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2012-11-08 17:01 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-11-08 02:23 . 2012-11-08 02:23 -------- d-----w- c:\windows\SysWow64\Wat
2012-11-08 02:23 . 2012-11-08 02:23 -------- d-----w- c:\windows\system32\Wat
2012-11-08 02:17 . 2012-11-08 02:17 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-11-07 15:54 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-07 15:54 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-07 15:54 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-11-07 15:54 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-07 15:54 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-11-07 05:56 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-11-07 05:55 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-07 05:54 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-11-07 05:53 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-07 05:52 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-11-07 05:27 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-11-07 05:27 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-07 05:27 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-07 05:27 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-11-07 05:27 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-11-07 05:27 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-11-07 05:26 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-11-07 05:26 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-11-07 01:19 . 2009-03-19 00:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-11-06 18:49 . 2012-11-06 18:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-06 18:48 . 2012-11-06 18:48 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-06 18:48 . 2012-11-06 18:48 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-06 18:48 . 2012-11-06 18:48 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-06 18:48 . 2012-11-06 18:48 -------- d-----w- c:\program files (x86)\Java
2012-11-06 07:40 . 2012-11-06 07:40 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE277F5B-5556-453C-A495-01C08A93717E}\gapaengine.dll
2012-11-06 07:40 . 2012-01-31 12:44 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-11-06 07:37 . 2012-11-06 07:37 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-06 07:37 . 2012-11-06 07:37 -------- d-----w- c:\program files\Microsoft Security Client
2012-11-06 07:28 . 2012-11-06 07:29 -------- d-----w- c:\program files (x86)\Google
2012-11-06 07:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-06 07:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-11-06 07:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-06 06:57 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-06 06:57 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-06 06:57 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-06 06:57 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-06 06:56 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-06 06:56 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-06 06:56 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-06 06:56 . 2012-11-06 06:57 -------- d-----w- c:\users\Computer
2012-11-06 06:56 . 2012-06-02 23:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-06 06:56 . 2012-06-02 23:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-06 06:56 . 2012-11-06 06:56 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 21:12 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-11-12 21:12 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-11-06 06:57 . 2010-06-24 11:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-31 06:03 . 2012-08-31 06:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-31 06:03 . 2012-08-31 06:03 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-20 17:38 . 2012-11-07 05:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-19 98304]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-03-18 3122528]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-12 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-19 203264]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-07 1255736]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-12 2452912]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 07:28]
.
2012-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 07:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-03-18 06:37 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-08-20 11448424]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-08-20 2120808]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A} - c:\program files (x86)\McAfee\SiteAdvisor\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-16 13:22:25
ComboFix-quarantined-files.txt 2012-11-16 21:22
.
Pre-Run: 238,719,827,968 bytes free
Post-Run: 238,480,916,480 bytes free
.
- - End Of File - - 6C2E2A5DF00504C3D8C332266F17C73B
  • 0

#13
emeraldnzl
Posted 16 November 2012 - 01:52 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
There are remnants of an earlier installation of Malwarebytes on your machine.

There will most likely be conflict with Microsoft Security Essentials.

Download and run Malwarebytes Removal Tool.

When finished it will ask you to restart your machine. Restart and see if there has been a change in your computer.

Come back and tell me how you got on.
  • 0

#14
Bassman02
Posted 16 November 2012 - 05:33 PM

Bassman02

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
It is still real slow, both internet and trying to to run any programs.
  • 0

#15
emeraldnzl
Posted 16 November 2012 - 05:58 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Let's check to see if those Malwarebytes Services have gone.

  • Close all windows and open OTL again.
  • under "Files Created Within" check None do the same for "Files Modified Within"
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it then a copy of the OTL log is saved in a text file at

:\_OTL\MovedFiles
in most cases this will be C:\_OTL\MovedFiles
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP