Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware on Google Chrome [Closed]

Started by Nexus273 , Sep 14 2014 05:22 PM
Malware URL:Mal Avast Alert URL:Mal Avast Chrome

  • This topic is locked This topic is locked

#1
Nexus273
Posted 14 September 2014 - 05:22 PM

Nexus273

    New Member

  • Member
  • Pip
  • 1 posts

Hi, i have been having some problems with a malware extension on Google Chrome that i can't delete called GooSaveNoww i try to uninstall it but every time i do it i appears again. My OS is Windows 7 Ultimate 32 bits and my processor is Intel Atom 1,66 GHz. I also send the notification that Avast gives every time i open Google Chrome.

                                                                          Please help.

 

 
 
 
 
 
 
OTL logfile created on: 15-09-2014 18:44:46 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Blanca\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000340a | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy
 
1,99 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 45,62% Memory free
3,98 Gb Paging File | 2,89 Gb Available in Paging File | 72,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 421,69 Gb Free Space | 90,54% Space Free | Partition Type: NTFS
 
Computer Name: BLANCA-PC | User Name: Blanca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-09-15 18:41:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blanca\Downloads\OTL.exe
PRC - [2014-08-29 22:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe
PRC - [2014-08-01 14:28:44 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe
PRC - [2014-08-01 14:17:29 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe
PRC - [2010-11-20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-08-29 22:49:41 | 000,331,592 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014-08-29 22:49:38 | 008,577,864 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014-08-29 22:49:32 | 000,310,088 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\37.0.2062.103\libexif.dll
MOD - [2014-08-29 22:49:30 | 001,660,232 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014-08-01 14:17:35 | 019,329,904 | ---- | M] () -- C:\Archivos de programa\AVAST Software\Avast\libcef.dll
MOD - [2014-08-01 14:17:33 | 000,301,152 | ---- | M] () -- C:\Archivos de programa\AVAST Software\Avast\aswProperty.dll
MOD - [2014-07-31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014-07-31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2014-08-01 14:17:29 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-08-15 17:59:23 | 000,916,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009-07-13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2014-09-11 00:14:58 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014-09-11 00:10:56 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-09-11 00:10:56 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-09-11 00:10:56 | 000,071,944 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014-09-11 00:10:56 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014-09-11 00:10:56 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-09-11 00:10:56 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014-09-11 00:10:55 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013-08-25 21:17:26 | 003,234,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010-11-20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-13 18:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://cl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-cl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CF C0 F8 0D A4 CC CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01 14:27:28 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.826.0.5_0\
CHR - Extension: Videostream for Google Chromecastâ„¢ = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl\1.3.1.5_0\
CHR - Extension: Búsqueda de Google = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiailanmmlbpjcakmbjnjnmaabkabhjb\1.8\
CHR - Extension: avast! Online Security = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Extension Defender = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm\1.0.2_0\
CHR - Extension: Google Wallet = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Blanca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {e5473ac9-d20b-465d-aab8-3784199d2ff5} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4989E347-7DB3-4C70-94A1-1AA20CDF496C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98D5E4C0-ED37-46FA-AAC1-1EBA70C1B5C9}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-09-15 18:42:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-09-15 18:35:18 | 004,181,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Blanca\Desktop\TDSSKiller.exe
[2014-09-15 16:29:43 | 000,045,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014-09-15 16:29:42 | 002,425,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014-09-15 16:28:21 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014-09-15 16:28:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014-09-15 15:40:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014-09-15 15:38:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014-09-14 23:52:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2014-09-14 23:52:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014-09-14 23:52:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014-09-14 23:52:51 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014-09-14 23:52:50 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014-09-14 23:52:49 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014-09-14 23:52:48 | 000,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014-09-14 23:52:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2014-09-14 23:52:45 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014-09-14 23:52:44 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014-09-14 23:52:44 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014-09-14 23:52:42 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014-09-14 23:52:41 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014-09-14 23:52:39 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014-09-14 23:52:36 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014-09-14 23:52:33 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014-09-14 23:52:31 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014-09-14 23:52:30 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014-09-14 23:52:29 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2014-09-14 23:52:26 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014-09-14 23:52:25 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014-09-14 23:52:22 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2014-09-14 23:52:20 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014-09-14 23:52:19 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2014-09-14 23:52:17 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014-09-14 23:52:16 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-09-14 23:52:14 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014-09-14 23:52:11 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2014-09-14 23:52:10 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014-09-14 23:52:09 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014-09-14 23:52:09 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014-09-14 23:52:08 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014-09-14 23:52:05 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014-09-14 23:52:05 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014-09-14 23:52:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2014-09-14 23:52:04 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014-09-14 23:52:01 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014-09-14 23:52:00 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014-09-14 23:51:58 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2014-09-14 23:51:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014-09-14 23:51:57 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014-09-14 23:51:57 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014-09-14 23:51:56 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014-09-14 23:51:56 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014-09-14 23:51:56 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2014-09-14 23:51:55 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-09-14 23:51:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-09-14 23:51:52 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014-09-14 23:51:51 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014-09-14 23:51:50 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2014-09-14 23:51:49 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014-09-14 23:51:49 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014-09-14 23:51:48 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2014-09-14 23:51:46 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014-09-14 23:51:46 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2014-09-14 23:51:46 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014-09-14 23:51:44 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014-09-14 23:51:44 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014-09-14 23:51:44 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014-09-14 23:51:43 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2014-09-14 23:51:42 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014-09-14 23:51:40 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2014-09-14 23:51:39 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014-09-14 23:51:38 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014-09-14 23:51:38 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014-09-14 23:51:38 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014-09-14 23:51:37 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2014-09-14 23:51:36 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2014-09-14 23:51:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2014-09-14 23:51:33 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2014-09-14 23:51:32 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2014-09-14 23:51:31 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2014-09-14 23:51:28 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014-09-14 23:51:28 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014-09-14 23:51:27 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014-09-14 23:51:26 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2014-09-14 23:51:26 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014-09-14 23:51:26 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2014-09-14 23:51:26 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014-09-14 23:51:25 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2014-09-14 23:51:22 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014-09-14 23:51:20 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014-09-14 23:51:20 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014-09-14 23:51:20 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014-09-14 23:51:19 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014-09-14 23:51:18 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014-09-14 23:51:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014-09-14 23:51:18 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2014-09-14 23:51:16 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2014-09-14 23:51:16 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014-09-14 23:51:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2014-09-14 23:51:14 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014-09-14 23:51:14 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2014-09-14 23:51:12 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2014-09-14 23:51:12 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014-09-14 23:51:11 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014-09-14 23:51:10 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-09-14 23:51:10 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2014-09-14 23:51:09 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2014-09-14 23:51:07 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2014-09-14 23:51:05 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014-09-14 23:51:05 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014-09-14 23:51:05 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014-09-14 23:51:05 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2014-09-14 23:51:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014-09-14 23:51:04 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014-09-14 23:51:04 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2014-09-14 23:51:04 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2014-09-14 23:51:03 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2014-09-14 23:51:02 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014-09-14 23:51:02 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014-09-14 23:51:01 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014-09-14 23:50:59 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014-09-14 23:50:58 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014-09-14 23:50:58 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2014-09-14 23:50:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014-09-14 23:50:57 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014-09-14 23:50:57 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014-09-14 23:50:56 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014-09-14 23:50:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014-09-14 23:50:55 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2014-09-14 23:50:55 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2014-09-14 23:50:54 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014-09-14 23:50:54 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2014-09-14 23:50:54 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2014-09-14 23:50:54 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2014-09-14 23:50:53 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2014-09-14 23:50:53 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2014-09-14 23:50:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014-09-14 23:50:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014-09-14 23:50:51 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2014-09-14 23:50:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2014-09-14 23:50:50 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014-09-14 23:50:49 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2014-09-14 23:50:49 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014-09-14 23:50:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014-09-14 23:50:48 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014-09-14 23:50:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014-09-14 23:50:47 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2014-09-14 23:50:46 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2014-09-14 23:50:46 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014-09-14 23:50:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014-09-14 23:50:45 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014-09-14 23:50:44 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014-09-14 23:50:42 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2014-09-14 23:50:42 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2014-09-14 23:50:41 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2014-09-14 23:50:40 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014-09-14 23:50:40 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2014-09-14 23:50:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014-09-14 23:50:39 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2014-09-14 23:50:39 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2014-09-14 23:50:39 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014-09-14 23:50:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014-09-14 23:50:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2014-09-14 23:50:37 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014-09-14 23:50:37 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014-09-14 23:50:37 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014-09-14 23:50:37 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014-09-14 23:50:36 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014-09-14 23:50:35 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014-09-14 23:50:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014-09-14 23:50:34 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2014-09-14 23:50:34 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014-09-14 23:50:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014-09-14 23:50:34 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014-09-14 23:50:34 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014-09-14 23:50:34 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2014-09-14 23:50:33 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014-09-14 23:50:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014-09-14 23:50:32 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2014-09-14 23:50:32 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2014-09-14 23:50:31 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-09-14 23:50:31 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014-09-14 23:50:30 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2014-09-14 23:50:30 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014-09-14 23:50:30 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2014-09-14 23:50:29 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2014-09-14 23:50:29 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2014-09-14 23:50:28 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2014-09-14 23:50:27 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014-09-14 23:50:26 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2014-09-14 23:50:26 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014-09-14 23:50:26 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014-09-14 23:50:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2014-09-14 23:50:25 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2014-09-14 23:50:24 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014-09-14 23:50:24 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014-09-14 23:50:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014-09-14 23:50:23 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014-09-14 23:50:23 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2014-09-14 23:50:22 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2014-09-14 23:50:21 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014-09-14 23:50:20 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014-09-14 23:50:20 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014-09-14 23:50:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2014-09-14 23:50:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2014-09-14 23:50:19 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2014-09-14 23:50:19 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014-09-14 23:50:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2014-09-14 23:50:18 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2014-09-14 23:50:18 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2014-09-14 23:50:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014-09-14 23:50:17 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2014-09-14 23:50:17 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2014-09-14 23:50:16 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2014-09-14 23:50:16 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2014-09-14 23:50:15 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014-09-14 23:50:15 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2014-09-14 23:50:15 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2014-09-14 23:50:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014-09-14 23:50:14 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2014-09-14 23:50:14 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2014-09-14 23:50:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2014-09-14 23:50:13 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2014-09-14 23:50:12 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2014-09-14 23:50:12 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014-09-14 23:50:12 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014-09-14 23:50:12 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014-09-14 23:50:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2014-09-14 23:50:10 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014-09-14 23:50:10 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2014-09-14 23:50:08 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014-09-14 23:50:08 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014-09-14 23:50:08 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014-09-14 23:50:07 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2014-09-14 23:50:07 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2014-09-14 23:50:07 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014-09-14 23:50:06 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014-09-14 23:50:06 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014-09-14 23:50:06 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2014-09-14 23:50:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014-09-14 23:50:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014-09-14 23:50:05 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014-09-14 23:50:04 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014-09-14 23:50:04 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014-09-14 23:50:04 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014-09-14 23:50:04 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014-09-14 23:50:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2014-09-14 23:50:03 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014-09-14 23:50:03 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014-09-14 23:50:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2014-09-14 23:50:02 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014-09-14 23:50:02 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2014-09-14 23:50:02 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2014-09-14 23:50:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014-09-14 23:50:01 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014-09-14 23:50:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014-09-14 23:50:00 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2014-09-14 23:50:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2014-09-14 23:50:00 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2014-09-14 23:49:59 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014-09-14 23:49:59 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2014-09-14 23:49:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2014-09-14 23:49:58 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014-09-14 23:49:58 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014-09-14 23:49:58 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2014-09-14 23:49:57 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2014-09-14 23:49:57 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2014-09-14 23:49:56 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014-09-14 23:49:56 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2014-09-14 23:49:56 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014-09-14 23:49:56 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2014-09-14 23:49:55 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014-09-14 23:49:55 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2014-09-14 23:49:55 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014-09-14 23:49:55 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014-09-14 23:49:54 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2014-09-14 23:49:54 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2014-09-14 23:49:54 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2014-09-14 23:49:54 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014-09-14 23:49:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014-09-14 23:49:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014-09-14 23:49:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014-09-14 23:49:53 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2014-09-14 23:49:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-09-14 23:49:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014-09-14 23:49:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2014-09-14 23:49:52 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014-09-14 23:49:52 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014-09-14 23:49:52 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2014-09-14 23:49:52 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2014-09-14 23:49:51 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2014-09-14 23:49:51 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2014-09-14 23:49:51 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014-09-14 23:49:50 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2014-09-14 23:49:50 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2014-09-14 23:49:50 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2014-09-14 23:49:50 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014-09-14 23:49:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2014-09-14 23:49:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2014-09-14 23:49:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014-09-14 23:49:48 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2014-09-14 23:49:47 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014-09-14 23:49:46 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2014-09-14 23:49:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2014-09-14 23:49:45 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014-09-14 23:49:45 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2014-09-14 23:49:45 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014-09-14 23:49:44 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014-09-14 23:49:44 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014-09-14 23:49:44 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2014-09-14 23:49:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014-09-14 23:49:44 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2014-09-14 23:49:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2014-09-14 23:49:43 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014-09-14 23:49:42 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014-09-14 23:49:42 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014-09-14 23:49:42 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2014-09-14 23:49:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2014-09-14 23:49:40 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014-09-14 23:49:40 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2014-09-14 23:49:40 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2014-09-14 23:49:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2014-09-14 23:49:40 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2014-09-14 23:49:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2014-09-14 23:49:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2014-09-14 23:49:38 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2014-09-14 23:49:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014-09-14 23:49:37 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014-09-14 23:49:37 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2014-09-14 23:49:37 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2014-09-14 23:49:37 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2014-09-14 23:49:36 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014-09-14 23:49:36 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2014-09-14 23:49:36 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2014-09-14 23:49:35 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2014-09-14 23:49:35 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014-09-14 23:49:35 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014-09-14 23:49:35 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2014-09-14 23:49:34 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014-09-14 23:49:34 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2014-09-14 23:49:34 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2014-09-14 23:49:33 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014-09-14 23:49:32 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2014-09-14 23:49:32 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014-09-14 23:49:31 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2014-09-14 23:49:30 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2014-09-14 23:49:30 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014-09-14 23:49:29 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014-09-14 23:49:29 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-09-14 23:49:29 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2014-09-14 23:49:29 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2014-09-14 23:49:28 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2014-09-14 23:49:28 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2014-09-14 23:49:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014-09-14 23:49:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014-09-14 23:49:27 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014-09-14 23:49:27 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014-09-14 23:49:26 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014-09-14 23:49:26 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2014-09-14 23:49:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014-09-14 23:49:24 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014-09-14 23:49:24 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014-09-14 23:49:23 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2014-09-14 23:49:23 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014-09-14 23:49:23 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2014-09-14 23:49:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014-09-14 23:49:23 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2014-09-14 23:49:22 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014-09-14 23:49:22 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014-09-14 23:49:21 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2014-09-14 23:49:21 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2014-09-14 23:49:21 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2014-09-14 23:49:21 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2014-09-14 23:49:20 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2014-09-14 23:49:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2014-09-14 23:49:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2014-09-14 23:49:19 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2014-09-14 23:49:18 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2014-09-14 23:49:18 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2014-09-14 23:49:18 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2014-09-14 23:49:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2014-09-14 23:49:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014-09-14 23:49:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2014-09-14 23:49:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2014-09-14 23:49:17 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014-09-14 23:49:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014-09-14 23:49:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014-09-14 23:49:15 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014-09-14 23:49:15 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014-09-14 23:49:14 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2014-09-14 23:49:14 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014-09-14 23:49:14 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014-09-14 23:49:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014-09-14 23:49:13 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2014-09-14 23:49:13 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2014-09-14 23:49:12 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2014-09-14 23:49:12 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2014-09-14 23:49:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2014-09-14 23:49:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2014-09-14 23:49:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2014-09-14 23:49:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2014-09-14 23:49:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2014-09-14 23:49:11 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2014-09-14 23:49:10 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2014-09-14 23:49:10 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2014-09-14 23:49:10 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2014-09-14 23:49:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014-09-14 23:49:10 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2014-09-14 23:49:10 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014-09-14 23:49:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014-09-14 23:49:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2014-09-14 23:49:09 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2014-09-14 23:49:09 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2014-09-14 23:49:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2014-09-14 23:49:09 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2014-09-14 23:49:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2014-09-14 23:49:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014-09-14 23:49:08 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2014-09-14 23:49:08 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2014-09-14 23:49:08 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2014-09-14 23:49:08 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2014-09-14 23:49:08 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2014-09-14 23:49:08 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014-09-14 23:49:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014-09-14 23:49:07 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014-09-14 23:49:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2014-09-14 23:49:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2014-09-14 23:49:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2014-09-14 23:49:06 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2014-09-14 23:49:06 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014-09-14 23:49:06 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2014-09-14 23:49:06 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2014-09-14 23:49:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2014-09-14 23:49:05 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014-09-14 23:49:05 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2014-09-14 23:49:05 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2014-09-14 23:49:05 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2014-09-14 23:49:05 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2014-09-14 23:49:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2014-09-14 23:49:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014-09-14 23:49:04 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2014-09-14 23:49:04 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014-09-14 23:49:04 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014-09-14 23:49:04 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2014-09-14 23:49:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2014-09-14 23:49:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2014-09-14 23:49:02 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014-09-14 23:49:02 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2014-09-14 23:49:02 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2014-09-14 23:49:02 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2014-09-14 23:49:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2014-09-14 23:49:02 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2014-09-14 23:49:01 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014-09-14 23:49:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2014-09-14 23:49:01 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2014-09-14 23:49:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014-09-14 23:49:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2014-09-14 23:49:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2014-09-14 23:49:00 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2014-09-14 23:49:00 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2014-09-14 23:49:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2014-09-14 23:49:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2014-09-14 23:49:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2014-09-14 23:49:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2014-09-14 23:48:59 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2014-09-14 23:48:59 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014-09-14 23:48:59 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2014-09-14 23:48:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2014-09-14 23:48:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2014-09-14 23:48:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2014-09-14 23:48:58 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2014-09-14 23:48:58 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2014-09-14 23:48:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2014-09-14 23:48:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014-09-14 23:48:57 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014-09-14 23:48:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2014-09-14 23:48:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2014-09-14 23:48:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2014-09-14 23:48:56 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2014-09-14 23:48:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014-09-14 23:48:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014-09-14 23:48:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2014-09-14 23:48:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2014-09-14 23:48:55 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014-09-14 23:48:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2014-09-14 23:48:55 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014-09-14 23:48:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2014-09-14 23:48:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2014-09-14 23:48:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2014-09-14 23:48:54 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2014-09-14 23:48:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2014-09-14 23:48:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2014-09-14 23:48:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2014-09-14 23:48:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2014-09-14 23:48:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014-09-14 23:48:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2014-09-14 23:48:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2014-09-14 23:48:52 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014-09-14 23:48:52 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014-09-14 23:48:52 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014-09-14 23:48:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2014-09-14 23:48:52 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014-09-14 23:48:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2014-09-14 23:48:52 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2014-09-14 23:48:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2014-09-14 23:48:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2014-09-14 23:48:51 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2014-09-14 23:48:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2014-09-14 23:48:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2014-09-14 23:48:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2014-09-14 23:48:50 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2014-09-14 23:48:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014-09-14 23:48:50 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2014-09-14 23:48:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2014-09-14 23:48:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2014-09-14 23:48:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2014-09-14 23:48:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2014-09-14 23:48:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2014-09-14 23:48:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2014-09-14 23:48:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2014-09-14 23:48:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014-09-14 23:48:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2014-09-14 23:48:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2014-09-14 23:48:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014-09-14 23:48:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2014-09-14 23:48:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2014-09-14 23:48:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2014-09-14 23:48:47 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2014-09-14 23:48:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2014-09-14 23:48:46 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2014-09-14 23:48:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2014-09-14 23:48:46 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2014-09-14 23:48:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2014-09-14 23:48:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2014-09-14 23:48:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2014-09-14 23:48:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2014-09-14 23:48:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014-09-14 23:48:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014-09-14 23:48:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2014-09-14 23:48:44 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2014-09-14 23:48:44 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014-09-14 23:48:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2014-09-14 23:48:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2014-09-14 23:48:41 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2014-09-14 23:48:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014-09-14 23:48:40 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2014-09-14 23:48:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2014-09-14 23:48:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2014-09-14 23:48:39 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2014-09-14 23:48:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2014-09-14 23:48:38 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014-09-14 23:48:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2014-09-14 23:48:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2014-09-14 23:48:35 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014-09-14 23:48:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014-09-14 23:48:35 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2014-09-14 23:48:33 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2014-09-14 23:48:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2014-09-14 23:48:32 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014-09-14 23:48:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2014-09-14 23:48:28 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014-09-14 23:48:28 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014-09-14 23:48:27 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2014-09-14 23:48:27 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2014-09-14 23:48:27 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2014-09-14 23:48:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2014-09-14 23:48:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2014-09-14 23:48:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014-09-14 23:48:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2014-09-14 23:48:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2014-09-14 23:48:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2014-09-14 23:48:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014-09-14 23:48:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014-09-14 23:48:21 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014-09-14 23:48:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2014-09-14 23:48:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2014-09-14 23:48:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014-09-14 23:48:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2014-09-14 23:48:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2014-09-14 23:48:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2014-09-14 23:48:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2014-09-14 23:48:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2014-09-14 23:48:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2014-09-14 23:48:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2014-09-14 23:48:18 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2014-09-14 23:48:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2014-09-14 23:48:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2014-09-14 23:48:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2014-09-14 23:48:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2014-09-14 23:48:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2014-09-14 23:48:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2014-09-14 23:48:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014-09-14 23:47:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014-09-14 23:46:51 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2014-09-14 20:54:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-09-14 20:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-09-14 20:40:57 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014-09-14 20:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2014-09-14 20:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014-09-14 20:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-09-14 20:34:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-09-14 20:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014-09-14 20:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014-09-14 20:27:37 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Microsoft Help
[2014-09-14 20:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-09-14 20:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014-09-11 22:32:42 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
[2014-09-11 22:30:36 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-09-11 00:15:59 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\AVAST Software
[2014-09-11 00:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014-09-11 00:11:28 | 000,071,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014-09-11 00:11:26 | 000,779,536 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014-09-11 00:11:26 | 000,414,520 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014-09-11 00:11:24 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014-09-11 00:11:19 | 000,081,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014-09-11 00:11:08 | 000,276,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014-09-11 00:10:54 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-09-11 00:05:32 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\WinRAR
[2014-09-11 00:05:23 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-09-11 00:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-09-11 00:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014-09-11 00:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014-09-11 00:01:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014-09-11 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusted Publisher
[2014-09-11 00:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\GS_Booster
[2014-09-10 23:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\GaoSaavenow
[2014-09-10 23:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\GaoSaavenow
[2014-09-10 23:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\1857ab5812d62dcd
[2014-09-10 23:58:05 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Chromatic Browser
[2014-09-10 23:58:04 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Torch
[2014-09-10 23:58:04 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Comodo
[2014-09-10 15:14:28 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014-09-10 14:58:31 | 003,234,304 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2014-09-10 14:58:31 | 000,397,312 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
[2014-09-10 14:58:31 | 000,061,440 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
[2014-09-10 14:58:31 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2014-09-10 14:58:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
[2014-09-10 14:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros
[2014-09-10 14:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2014-09-10 14:58:09 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014-09-10 14:57:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2014-09-10 14:56:57 | 000,000,000 | ---D | C] -- C:\SWSetup
[2014-09-10 09:56:27 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\IObit
[2014-09-10 09:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014-09-10 09:55:43 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Programs
[2014-09-10 09:42:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014-09-10 09:42:17 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014-09-10 09:42:16 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014-09-10 00:05:38 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Apple Computer
[2014-09-10 00:05:38 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Apple Computer
[2014-09-10 00:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014-09-10 00:05:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014-09-10 00:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014-09-10 00:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014-09-10 00:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014-09-10 00:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014-09-10 00:02:33 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Apple
[2014-09-10 00:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2014-09-10 00:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014-09-10 00:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014-09-10 00:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014-09-09 23:35:29 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Diagnostics
[2014-09-09 23:30:57 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Intel
[2014-09-09 23:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014-09-09 23:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-09-09 23:14:24 | 000,231,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014-09-09 23:12:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014-09-09 23:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014-09-09 23:06:55 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Google
[2014-09-09 23:06:22 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Deployment
[2014-09-09 23:06:22 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Apps
[2014-09-09 23:06:18 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014-09-09 23:06:18 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014-09-09 23:06:18 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014-09-09 23:01:57 | 000,000,000 | R--D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014-09-09 23:01:57 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Searches
[2014-09-09 23:01:57 | 000,000,000 | R--D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014-09-09 23:01:45 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Identities
[2014-09-09 23:01:42 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Contacts
[2014-09-09 23:01:33 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\VirtualStore
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\SendTo
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Reciente
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Plantillas
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Documents\Mis vídeos
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Documents\Mis imágenes
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Mis documentos
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Documents\Mi música
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Menú Inicio
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Impresoras
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\AppData\Local\Historial
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Entorno de red
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Datos de programa
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\AppData\Local\Datos de programa
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Cookies
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\Configuración local
[2014-09-09 23:01:31 | 000,000,000 | -HSD | C] -- C:\Users\Blanca\AppData\Local\Archivos temporales de Internet
[2014-09-09 23:01:30 | 000,000,000 | --SD | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Videos
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Saved Games
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Pictures
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Music
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Links
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Favorites
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Downloads
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Documents
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\Desktop
[2014-09-09 23:01:30 | 000,000,000 | R--D | C] -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-09-09 23:01:30 | 000,000,000 | -H-D | C] -- C:\Users\Blanca\AppData
[2014-09-09 23:01:30 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Temp
[2014-09-09 23:01:30 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Local\Microsoft
[2014-09-09 23:01:30 | 000,000,000 | ---D | C] -- C:\Users\Blanca\AppData\Roaming\Media Center Programs
[2014-09-09 23:01:14 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014-09-09 23:01:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Archivos comunes
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plantillas
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis vídeos
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis imágenes
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mi música
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menú Inicio
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Escritorio
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos
[2014-09-09 23:01:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Datos de programa
[2014-09-09 04:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-09-09 04:31:30 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014-09-08 23:30:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014-09-08 23:17:43 | 000,000,000 | ---D | C] -- C:\Windows.old.000
[2014-09-08 23:06:12 | 000,000,000 | -HSD | C] -- C:\Boot
[2014-09-08 22:53:48 | 000,000,000 | ---D | C] -- C:\Windows.old
[2014-08-26 22:07:16 | 000,000,000 | ---D | C] -- C:\90438e0bea0d4cab51
 
========== Files - Modified Within 30 Days ==========
 
[2014-09-15 19:01:24 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-09-15 18:22:40 | 000,013,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-09-15 18:22:40 | 000,013,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-09-15 18:12:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-09-15 16:25:47 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-09-15 16:25:42 | 000,694,386 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2014-09-15 16:25:42 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-09-15 16:25:42 | 000,134,448 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2014-09-15 16:25:42 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-09-15 16:20:22 | 000,410,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-09-15 16:20:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-09-15 16:19:54 | 1602,195,456 | -HS- | M] () -- C:\hiberfil.sys
[2014-09-15 15:55:02 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2014-09-12 17:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-09-11 13:10:39 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-09-11 01:16:32 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\GS_Booster-S-576482620.job
[2014-09-11 00:15:38 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-09-11 00:14:58 | 000,414,520 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014-09-11 00:10:56 | 000,779,536 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014-09-11 00:10:56 | 000,192,352 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014-09-11 00:10:56 | 000,071,944 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014-09-11 00:10:56 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014-09-11 00:10:56 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014-09-11 00:10:56 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014-09-11 00:10:55 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014-09-11 00:10:54 | 000,276,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014-09-11 00:10:54 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-09-10 23:58:18 | 000,000,418 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-09-10 00:05:31 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-09-09 23:49:57 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-09-09 23:33:00 | 000,000,296 | ---- | M] () -- C:\WirelessDiagLog.csv
[2014-09-09 04:43:51 | 000,052,732 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014-09-08 23:30:11 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014-09-08 23:30:08 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2014-09-08 23:06:14 | 000,000,355 | -H-- | M] () -- C:\Boot.BAK
[2014-08-25 06:53:44 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014-08-16 22:12:17 | 000,000,040 | -H-- | M] () -- C:\5A49D926941B
 
========== Files Created - No Company Name ==========
 
[2014-09-14 23:52:48 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014-09-14 23:52:16 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014-09-14 23:48:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014-09-14 23:48:42 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2014-09-14 23:48:15 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2014-09-12 17:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-09-11 00:15:38 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-09-11 00:11:27 | 000,192,352 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014-09-11 00:11:25 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014-09-11 00:11:20 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014-09-11 00:01:10 | 000,000,478 | -H-- | C] () -- C:\Windows\tasks\GS_Booster-S-576482620.job
[2014-09-10 23:58:18 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-09-10 00:05:31 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-09-10 00:02:31 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014-09-09 23:49:57 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-09-09 23:33:00 | 000,000,296 | ---- | C] () -- C:\WirelessDiagLog.csv
[2014-09-09 23:14:30 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-09-09 23:07:15 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-09-09 23:07:11 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-09-09 23:02:01 | 000,001,401 | ---- | C] () -- C:\Users\Blanca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-09-09 04:43:08 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-09-09 04:42:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-09-09 04:31:03 | 1602,195,456 | -HS- | C] () -- C:\hiberfil.sys
[2014-09-08 23:06:17 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014-09-08 23:06:14 | 000,000,355 | -H-- | C] () -- C:\Boot.BAK
[2014-09-08 23:06:13 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014-08-16 22:12:17 | 000,000,040 | -H-- | C] () -- C:\5A49D926941B
 
========== ZeroAccess Check ==========
 
[2009-07-14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 08:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >
 

 

 

 

Attached Thumbnails

  • Avast.PNG

  • 0

Advertisements

#2
BrianDrab
Posted 16 September 2014 - 07:02 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I will be helping you with Malware Removal.

 

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.
 

- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 


- Finally Before We Start-

 

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

OK, let's get started. When you ran OTL the first time there should have been an Extras.txt file that was created. This would be in the same directory as the OTL tool (so in your downloads folder). Can you please post the contents of this? Thank you.


  • 0

#3
Dakeyras
Posted 24 September 2014 - 05:04 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Malware URL:Mal, Avast Alert, URL:Mal, Avast, Chrome

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP