Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Recurrent browser hijack

Started by sermolupi , Nov 14 2014 02:58 PM

Please log in to reply

#1
sermolupi

Posted 14 November 2014 - 02:58 PM

New Member

Member
4 posts

Dear all -

I've been trying to fix a browser hijack for a week now.

It clogs up google with its own results, and pop ups keep coming that say java update needed, and even if I keep closing them, redirect me to http://m3.ztvweu.com...ckid=1415998436

malwarebytes, adwcleaner, hitman pro and several other programmes can't find anything. Help!

PS I'm running google chrome, windows 8.1 and am not very tech savvy.

Thank you so much!

#2
zep516

Posted 14 November 2014 - 06:29 PM

Trusted Helper

Malware Removal
8,090 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

First

Please download OTL to your Desktop

Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox
and
Check the option for All under the Extra Registry section
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

OTL.txt <-- Will be opened, maximized
Extras.txt <-- Will be minimized on task bar.

Please post the contents of both OTL.txt and Extras.txt files in your next reply.

#3
sermolupi

Posted 15 November 2014 - 10:07 AM

New Member

Topic Starter
Member
4 posts

Many thanks.

OTL report

OTL logfile created on: 15/11/2014 15:08:43 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JDH\Downloads

64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17416)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.90 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 31.71% Memory free

5.27 Gb Paging File | 2.21 Gb Available in Paging File | 41.98% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 103.25 Gb Total Space | 71.03 Gb Free Space | 68.79% Space Free | Partition Type: NTFS

Computer Name: JAMES | User Name: JDH | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/15 15:06:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JDH\Downloads\OTL.exe

PRC - [2014/10/22 04:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014/09/09 13:12:44 | 001,923,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\winword.exe

PRC - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

PRC - [2013/04/15 14:39:30 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Web Connection\L800_EE\BackgroundService\ModemListener.exe

PRC - [2013/01/14 13:06:52 | 000,058,192 | ---- | M] () -- C:\Program Files (x86)\Web Connection\L800_EE\BackgroundService\ServiceManager.exe

PRC - [2012/12/18 21:13:46 | 000,156,000 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe

PRC - [2012/08/04 14:02:22 | 001,548,952 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

PRC - [2012/07/20 01:09:00 | 000,193,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe

PRC - [2012/07/17 13:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2012/07/17 13:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2012/06/27 11:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

PRC - [2012/06/25 09:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/22 04:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

MOD - [2014/10/22 04:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll

MOD - [2014/10/22 04:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll

MOD - [2014/10/22 04:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll

MOD - [2014/10/22 04:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

MOD - [2014/09/25 21:37:05 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll

MOD - [2014/07/07 05:44:32 | 000,196,264 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\IEAWSDC.DLL

MOD - [2014/04/23 15:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2014/04/23 15:04:54 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2013/04/15 14:39:30 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Web Connection\L800_EE\BackgroundService\ModemListener.exe

MOD - [2012/12/18 21:13:47 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll

MOD - [2012/12/18 21:13:47 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll

MOD - [2012/12/18 21:13:46 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll

MOD - [2012/12/18 21:13:46 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll

MOD - [2012/12/18 21:13:46 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll

MOD - [2012/12/18 21:13:46 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll

MOD - [2012/12/18 21:13:46 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll

MOD - [2012/12/18 21:13:45 | 000,064,512 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll

MOD - [2012/12/18 21:13:44 | 000,446,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/11/14 19:29:25 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)

SRV:64bit: - [2014/11/11 20:58:00 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)

SRV:64bit: - [2014/11/11 20:57:08 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)

SRV:64bit: - [2014/11/11 20:57:08 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)

SRV:64bit: - [2014/11/11 20:56:32 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/09/25 02:10:24 | 002,436,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)

SRV:64bit: - [2014/09/24 17:22:09 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)

SRV:64bit: - [2014/09/24 16:56:08 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)

SRV:64bit: - [2014/09/24 16:56:07 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)

SRV:64bit: - [2014/09/24 16:39:09 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)

SRV:64bit: - [2014/09/24 16:38:56 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)

SRV:64bit: - [2014/09/24 16:30:04 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)

SRV:64bit: - [2014/09/24 16:30:03 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)

SRV:64bit: - [2014/09/24 16:29:57 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)

SRV:64bit: - [2014/09/24 16:29:55 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)

SRV:64bit: - [2014/09/24 16:29:54 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)

SRV:64bit: - [2014/09/24 16:29:51 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)

SRV:64bit: - [2014/09/24 16:29:51 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)

SRV:64bit: - [2014/09/24 16:29:49 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)

SRV:64bit: - [2014/09/04 01:56:22 | 000,562,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)

SRV:64bit: - [2014/08/01 13:05:22 | 000,601,864 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\virusscan\mcods.exe -- (McODS)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McSchedulerSvc)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McOobeSv2)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2014/07/30 03:59:04 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)

SRV:64bit: - [2014/07/24 14:09:54 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)

SRV:64bit: - [2014/07/22 23:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV:64bit: - [2014/07/18 08:01:10 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

SRV:64bit: - [2014/07/18 07:52:02 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2013/08/28 15:24:04 | 003,378,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)

SRV:64bit: - [2013/08/28 15:23:48 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV:64bit: - [2013/08/28 15:23:40 | 000,626,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV:64bit: - [2013/08/28 15:23:20 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)

SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)

SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)

SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)

SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)

SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)

SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)

SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)

SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)

SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)

SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)

SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)

SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)

SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)

SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)

SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)

SRV:64bit: - [2012/12/05 15:48:00 | 000,201,872 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)

SRV:64bit: - [2012/08/24 16:33:20 | 000,291,240 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)

SRV:64bit: - [2012/07/28 08:20:44 | 000,458,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)

SRV:64bit: - [2012/07/27 13:35:00 | 000,053,384 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV:64bit: - [2012/05/11 05:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McOobeSv)

SRV:64bit: - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV:64bit: - [2012/01/26 13:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\MSC\McAWFwk.exe -- (McAWFwk)

SRV:64bit: - [2009/07/28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)

SRV - [2014/10/21 19:22:40 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2014/09/24 17:22:08 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)

SRV - [2014/09/24 16:38:56 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)

SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)

SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)

SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/11/04 19:22:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)

SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)

SRV - [2013/01/14 13:06:52 | 000,058,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Web Connection\L800_EE\BackgroundService\ServiceManager.exe -- (EE Suzuka Modem Device Helper)

SRV - [2013/01/04 11:41:40 | 000,116,240 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)

SRV - [2012/07/20 01:09:00 | 000,193,576 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)

SRV - [2012/07/17 13:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2012/07/17 13:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2012/06/27 11:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®

SRV - [2012/06/25 09:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

SRV - [2010/10/12 17:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/11/14 20:16:07 | 000,034,808 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)

DRV:64bit: - [2014/11/14 19:41:16 | 000,108,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SMR430.SYS -- (SMR430)

DRV:64bit: - [2014/11/11 20:57:32 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2014/11/11 20:57:32 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)

DRV:64bit: - [2014/11/11 20:57:32 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)

DRV:64bit: - [2014/11/11 20:57:08 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)

DRV:64bit: - [2014/11/11 20:57:08 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)

DRV:64bit: - [2014/11/11 20:57:08 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)

DRV:64bit: - [2014/11/11 20:56:56 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2014/09/24 17:52:43 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)

DRV:64bit: - [2014/09/24 16:56:15 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)

DRV:64bit: - [2014/09/24 16:56:09 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)

DRV:64bit: - [2014/09/24 16:56:08 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)

DRV:64bit: - [2014/09/24 16:38:59 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)

DRV:64bit: - [2014/09/24 16:38:58 | 000,149,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)

DRV:64bit: - [2014/09/24 16:38:56 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)

DRV:64bit: - [2014/09/24 16:38:56 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)

DRV:64bit: - [2014/09/24 16:29:56 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)

DRV:64bit: - [2014/09/24 16:29:52 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)

DRV:64bit: - [2014/09/24 16:29:38 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)

DRV:64bit: - [2014/09/24 16:29:37 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)

DRV:64bit: - [2014/09/24 16:29:37 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)

DRV:64bit: - [2014/09/24 16:29:37 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)

DRV:64bit: - [2014/09/24 16:29:37 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)

DRV:64bit: - [2014/09/24 16:29:37 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)

DRV:64bit: - [2014/09/24 15:57:21 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)

DRV:64bit: - [2014/07/24 13:32:30 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)

DRV:64bit: - [2014/07/24 13:31:56 | 000,444,720 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)

DRV:64bit: - [2014/07/18 08:10:54 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2014/07/18 08:01:44 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2014/07/18 07:55:28 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2014/07/18 07:52:36 | 000,526,352 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2014/07/18 07:50:18 | 000,313,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2014/07/18 07:49:08 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2014/07/18 07:34:28 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)

DRV:64bit: - [2013/11/04 19:22:32 | 004,195,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2013/11/01 02:22:28 | 000,027,032 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)

DRV:64bit: - [2013/10/17 22:41:31 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)

DRV:64bit: - [2013/10/17 22:41:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)

DRV:64bit: - [2013/10/08 21:12:46 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)

DRV:64bit: - [2013/09/23 12:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)

DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)

DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)

DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)

DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)

DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)

DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)

DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)

DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)

DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)

DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)

DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)

DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)

DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)

DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)

DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)

DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)

DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)

DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)

DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)

DRV:64bit: - [2013/08/22 11:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)

DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)

DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)

DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)

DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)

DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)

DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)

DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)

DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)

DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)

DRV:64bit: - [2013/08/22 11:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)

DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)

DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)

DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)

DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)

DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)

DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)

DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)

DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)

DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)

DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)

DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)

DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)

DRV:64bit: - [2012/11/29 14:27:34 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xHCIPort.sys -- (XHCIPort)

DRV:64bit: - [2012/11/29 14:27:34 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub)

DRV:64bit: - [2012/10/17 22:19:24 | 000,460,600 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/08/01 17:25:02 | 000,072,704 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)

DRV:64bit: - [2012/07/31 11:28:54 | 000,028,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)

DRV:64bit: - [2012/07/31 10:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)

DRV:64bit: - [2012/07/25 15:34:24 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ.SYS -- (TVALZ)

DRV:64bit: - [2012/07/25 00:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (TDCMDPST)

DRV:64bit: - [2012/07/23 20:06:00 | 000,019,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtcrfilt64.sys -- (rtcrfilt64)

DRV:64bit: - [2012/07/21 14:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)

DRV:64bit: - [2012/07/20 16:09:00 | 000,043,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)

DRV:64bit: - [2012/07/02 14:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2012/06/19 14:40:51 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2012/06/18 09:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)

DRV:64bit: - [2012/04/12 16:15:48 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)

DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8D93BF93-99DB-4B52-8D9D-56B949A582C2}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{8D93BF93-99DB-4B52-8D9D-56B949A582C2}: "URL" = http://www.bing.com/...E10TR&pc=MATMJS

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 C7 84 34 4E 00 D0 01 [binary data]

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02

IE - HKU\S-1-5-21-259797103-883955825-681912466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/10/24 16:10:13 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - plugin: Error reading preferences file

O1 HOSTS File: ([2014/11/14 20:23:28 | 000,000,768 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)

O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)

O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)

O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)

O3 - HKU\S-1-5-21-259797103-883955825-681912466-1001\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)

O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ()

O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()

O4:64bit: - HKLM..\Run: [TOSDCR] C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe ()

O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [ATLauncher] "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1 File not found

O4 - HKLM..\Run: [EE Suzuka ModemListener] C:\Program Files (x86)\Web Connection\L800_EE\BackgroundService\ModemListener.exe ()

O4 - HKLM..\Run: [Intel AppUp® center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)

O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe File not found

O4 - HKU\S-1-5-21-259797103-883955825-681912466-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)

O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.22.22 192.168.22.23

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C2AC9E7-D96D-4B02-97A6-71572325F3E5}: DhcpNameServer = 192.168.22.22 192.168.22.23

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3741A2C3-CBD3-42AF-BBF4-EF28885F3021}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\osf - No CLSID value found

O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)

O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) - File not found

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{08a11dfa-2130-11e4-be90-606c66ab3ec9}\Shell - "" = AutoRun

O33 - MountPoints2\{08a11dfa-2130-11e4-be90-606c66ab3ec9}\Shell\AutoRun\command - "" = "D:\autorun.exe"

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/11/14 21:01:47 | 000,000,000 | -HSD | C] -- C:\Users\JDH\AppData\Local\EmieUserList

[2014/11/14 21:01:47 | 000,000,000 | -HSD | C] -- C:\Users\JDH\AppData\Local\EmieSiteList

[2014/11/14 21:01:47 | 000,000,000 | -HSD | C] -- C:\Users\JDH\AppData\Local\EmieBrowserModeList

[2014/11/14 20:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit

[2014/11/14 20:16:05 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller

[2014/11/14 19:35:48 | 000,108,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR430.SYS

[2014/11/14 19:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

[2014/11/14 19:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2014/11/14 09:31:59 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe

[2014/11/14 09:31:59 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe

[2014/11/11 22:11:52 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Roaming\Identities

[2014/11/11 21:02:54 | 000,000,000 | --SD | C] -- C:\Users\JDH\AppData\Roaming\Microsoft

[2014/11/11 21:02:54 | 000,000,000 | R--D | C] -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

[2014/11/11 21:02:54 | 000,000,000 | R--D | C] -- C:\Users\JDH\Favorites

[2014/11/11 21:02:54 | 000,000,000 | R--D | C] -- C:\Users\JDH\Desktop

[2014/11/11 21:02:54 | 000,000,000 | R--D | C] -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2014/11/11 21:02:54 | 000,000,000 | R--D | C] -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

[2014/11/11 21:02:54 | 000,000,000 | -H-D | C] -- C:\Users\JDH\AppData

[2014/11/11 21:02:54 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Local\Temp

[2014/11/11 21:02:54 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Local\Microsoft

[2014/11/11 21:02:54 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2014/11/11 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2014/11/11 20:59:41 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL

[2014/11/11 20:59:41 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL

[2014/11/11 20:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel

[2014/11/11 20:59:41 | 000,000,000 | ---D | C] -- C:\Intel

[2014/11/11 20:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel

[2014/11/11 20:59:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs

[2014/11/11 20:59:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM

[2014/11/11 20:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2014/11/11 20:59:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2014/11/11 20:58:47 | 000,000,000 | -HSD | C] -- C:\Recovery

[2014/11/11 20:58:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther

[2014/11/11 20:58:18 | 000,000,000 | ---D | C] -- C:\Windows.old

[2014/11/11 20:58:07 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll

[2014/11/11 20:58:00 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll

[2014/11/11 20:58:00 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll

[2014/11/11 20:58:00 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll

[2014/11/11 20:58:00 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll

[2014/11/11 20:58:00 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe

[2014/11/11 20:58:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll

[2014/11/11 20:58:00 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll

[2014/11/11 20:57:57 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll

[2014/11/11 20:57:57 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll

[2014/11/11 20:57:36 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll

[2014/11/11 20:57:36 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll

[2014/11/11 20:57:36 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll

[2014/11/11 20:57:36 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll

[2014/11/11 20:57:36 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll

[2014/11/11 20:57:36 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe

[2014/11/11 20:57:32 | 000,238,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys

[2014/11/11 20:57:32 | 000,153,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys

[2014/11/11 20:57:32 | 000,086,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys

[2014/11/11 20:57:32 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys

[2014/11/11 20:57:29 | 000,054,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdusb.dll

[2014/11/11 20:57:22 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll

[2014/11/11 20:57:22 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll

[2014/11/11 20:57:22 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll

[2014/11/11 20:57:08 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll

[2014/11/11 20:57:08 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys

[2014/11/11 20:57:08 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys

[2014/11/11 20:57:08 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys

[2014/11/11 20:57:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll

[2014/11/11 20:57:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll

[2014/11/11 20:56:56 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll

[2014/11/11 20:56:56 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll

[2014/11/11 20:56:56 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll

[2014/11/11 20:56:56 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll

[2014/11/11 20:56:56 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll

[2014/11/11 20:56:56 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll

[2014/11/11 20:56:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll

[2014/11/11 20:56:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll

[2014/11/11 20:56:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll

[2014/11/11 20:56:56 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll

[2014/11/11 20:56:56 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys

[2014/11/11 20:56:32 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll

[2014/11/11 20:56:32 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll

[2014/11/11 20:56:32 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl

[2014/11/11 20:56:32 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl

[2014/11/11 20:56:32 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll

[2014/11/11 20:56:32 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll

[2014/11/11 20:56:32 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll

[2014/11/11 20:56:32 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll

[2014/11/11 20:56:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe

[2014/11/11 20:56:32 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll

[2014/11/11 20:56:32 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll

[2014/11/11 20:56:32 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll

[2014/11/11 20:56:32 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll

[2014/11/11 20:56:32 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll

[2014/11/11 20:56:32 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll

[2014/11/11 20:56:32 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll

[2014/11/11 20:56:32 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec

[2014/11/11 20:56:32 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec

[2014/11/11 20:56:32 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll

[2014/11/11 20:56:32 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll

[2014/11/11 20:56:32 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll

[2014/11/11 20:56:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll

[2014/11/11 20:56:32 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll

[2014/11/11 20:56:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe

[2014/11/11 20:56:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll

[2014/11/11 20:56:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe

[2014/11/11 20:56:32 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll

[2014/11/11 20:56:32 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe

[2014/11/11 20:56:32 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe

[2014/11/11 20:56:32 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe

[2014/11/11 20:56:32 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll

[2014/11/11 20:56:32 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll

[2014/11/11 20:56:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll

[2014/11/11 20:56:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe

[2014/11/11 20:56:32 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe

[2014/11/11 20:56:32 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll

[2014/11/11 20:56:32 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll

[2014/11/11 20:56:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll

[2014/11/11 20:56:32 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll

[2014/11/11 20:56:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll

[2014/11/11 20:56:32 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll

[2014/11/11 20:56:32 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll

[2014/11/11 20:56:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll

[2014/11/11 20:56:32 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx

[2014/11/11 20:56:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll

[2014/11/11 20:56:32 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll

[2014/11/11 20:56:32 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx

[2014/11/11 20:56:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll

[2014/11/11 20:56:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll

[2014/11/11 20:56:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll

[2014/11/11 20:56:32 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll

[2014/11/11 20:56:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll

[2014/11/11 20:56:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll

[2014/11/11 20:56:32 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll

[2014/11/11 20:56:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll

[2014/11/11 20:56:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll

[2014/11/11 20:56:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll

[2014/11/11 20:56:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll

[2014/11/11 20:56:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll

[2014/11/11 20:56:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll

[2014/11/11 20:56:32 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe

[2014/11/11 20:56:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe

[2014/11/11 20:56:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe

[2014/11/11 20:55:00 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll

[2014/11/11 20:55:00 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll

[2014/11/11 20:55:00 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe

[2014/11/11 20:55:00 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll

[2014/11/11 20:55:00 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll

[2014/11/11 20:55:00 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll

[2014/11/11 20:55:00 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll

[2014/11/11 20:55:00 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll

[2014/11/11 20:55:00 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll

[2014/11/11 20:55:00 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll

[2014/11/11 20:55:00 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll

[2014/11/11 20:55:00 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll

[2014/11/11 20:55:00 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll

[2014/11/11 20:55:00 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll

[2014/11/11 20:55:00 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll

[2014/11/11 20:55:00 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys

[2014/11/11 20:55:00 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll

[2014/11/11 20:55:00 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS

[2014/11/11 20:55:00 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll

[2014/11/11 20:55:00 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll

[2014/11/11 20:55:00 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll

[2014/11/11 20:55:00 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll

[2014/11/11 20:55:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe

[2014/11/11 20:54:26 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll

[2014/11/11 20:54:26 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll

[2014/11/11 20:54:20 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll

[2014/11/11 20:54:20 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll

[2014/11/11 20:54:20 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll

[2014/11/11 20:54:20 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll

[2014/11/11 20:54:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll

[2014/11/11 20:54:20 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll

[2014/11/11 20:54:20 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll

[2014/11/11 20:54:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll

[2014/11/11 20:54:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll

[2014/11/11 20:54:20 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe

[2014/11/11 20:54:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll

[2014/11/11 20:54:20 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe

[2014/11/11 20:54:20 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe

[2014/11/11 20:54:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll

[2014/11/11 20:54:20 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll

[2014/11/11 20:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies

[2014/11/11 20:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild

[2014/11/11 20:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2014/11/11 20:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

[2014/11/11 20:52:52 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll

[2014/11/11 20:52:52 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll

[2014/11/11 20:52:51 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll

[2014/11/11 20:52:51 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll

[2014/11/09 00:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

[2014/11/09 00:26:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2014/11/08 22:05:24 | 000,000,000 | ---D | C] -- C:\NPE

[2014/11/08 22:03:52 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Local\NPE

[2014/11/08 22:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2014/11/08 21:39:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014/11/08 19:31:07 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Roaming\Millisecond Software

[2014/11/07 20:24:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\AutoUpdateLicense

[2014/10/31 15:25:32 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Roaming\WinRAR

[2014/10/31 15:24:11 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014/10/31 15:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014/10/31 15:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2014/10/27 21:45:38 | 000,000,000 | ---D | C] -- C:\Users\JDH\AppData\Local\Diagnostics

[2014/10/25 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\JDH\Documents\eBook Converter

[2014/10/25 22:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\eBook Converter

[2014/10/25 22:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eBookConverter

[2014/10/24 16:09:52 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys

[2014/10/24 16:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2014/10/23 19:59:38 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll

[2 C:\Users\JDH\Desktop\*.tmp files -> C:\Users\JDH\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/11/15 15:41:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2014/11/15 14:43:26 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2014/11/14 21:16:39 | 000,000,004 | ---- | M] () -- C:\Users\JDH\AppData\Roaming\appdataFr2.bin

[2014/11/14 20:45:23 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys

[2014/11/14 20:16:07 | 000,034,808 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys

[2014/11/14 19:44:13 | 000,000,020 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SMR430.dat

[2014/11/14 19:43:53 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI

[2014/11/14 19:43:53 | 000,735,932 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat

[2014/11/14 19:43:53 | 000,139,816 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat

[2014/11/14 19:41:16 | 000,108,216 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR430.SYS

[2014/11/14 19:38:04 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/11/14 19:37:51 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2014/11/14 19:36:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2014/11/14 19:36:41 | 3347,177,472 | -HS- | M] () -- C:\hiberfil.sys

[2014/11/14 19:29:25 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk

[2014/11/11 21:15:04 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagwrn.xml

[2014/11/11 21:15:04 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagerr.xml

[2014/11/11 21:14:39 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2014/11/11 21:06:06 | 000,371,720 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2014/11/11 20:59:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsServiceDriver_01_11_00.Wdf

[2014/11/11 20:59:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsHIDClassDriver_01_11_00.Wdf

[2014/11/11 20:59:47 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job

[2014/11/11 20:59:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

[2014/11/11 20:59:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_silabser_01009.Wdf

[2014/11/11 20:58:07 | 000,789,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll

[2014/11/11 20:58:00 | 000,500,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll

[2014/11/11 20:58:00 | 000,482,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll

[2014/11/11 20:58:00 | 000,394,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll

[2014/11/11 20:58:00 | 000,344,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll

[2014/11/11 20:58:00 | 000,272,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe

[2014/11/11 20:58:00 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll

[2014/11/11 20:58:00 | 000,108,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll

[2014/11/11 20:57:57 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll

[2014/11/11 20:57:57 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll

[2014/11/11 20:57:36 | 003,320,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll

[2014/11/11 20:57:36 | 002,773,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll

[2014/11/11 20:57:36 | 002,459,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll

[2014/11/11 20:57:36 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll

[2014/11/11 20:57:36 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll

[2014/11/11 20:57:36 | 000,116,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe

[2014/11/11 20:57:32 | 000,238,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys

[2014/11/11 20:57:32 | 000,153,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys

[2014/11/11 20:57:32 | 000,086,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys

[2014/11/11 20:57:32 | 000,039,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys

[2014/11/11 20:57:29 | 000,054,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdusb.dll

[2014/11/11 20:57:22 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll

[2014/11/11 20:57:22 | 000,104,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll

[2014/11/11 20:57:22 | 000,088,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll

[2014/11/11 20:57:08 | 001,519,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll

[2014/11/11 20:57:08 | 000,258,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys

[2014/11/11 20:57:08 | 000,114,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys

[2014/11/11 20:57:08 | 000,035,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys

[2014/11/11 20:57:08 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll

[2014/11/11 20:57:08 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll

[2014/11/11 20:56:56 | 003,547,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll

[2014/11/11 20:56:56 | 001,441,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll

[2014/11/11 20:56:56 | 000,736,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll

[2014/11/11 20:56:56 | 000,736,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll

[2014/11/11 20:56:56 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll

[2014/11/11 20:56:56 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll

[2014/11/11 20:56:56 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll

[2014/11/11 20:56:56 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll

[2014/11/11 20:56:56 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll

[2014/11/11 20:56:56 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll

[2014/11/11 20:56:56 | 000,027,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys

[2014/11/11 20:56:32 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll

[2014/11/11 20:56:32 | 002,865,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll

[2014/11/11 20:56:32 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl

[2014/11/11 20:56:32 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl

[2014/11/11 20:56:32 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll

[2014/11/11 20:56:32 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll

[2014/11/11 20:56:32 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll

[2014/11/11 20:56:32 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll

[2014/11/11 20:56:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe

[2014/11/11 20:56:32 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll

[2014/11/11 20:56:32 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll

[2014/11/11 20:56:32 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll

[2014/11/11 20:56:32 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll

[2014/11/11 20:56:32 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll

[2014/11/11 20:56:32 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll

[2014/11/11 20:56:32 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll

[2014/11/11 20:56:32 | 000,417,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec

[2014/11/11 20:56:32 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec

[2014/11/11 20:56:32 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll

[2014/11/11 20:56:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll

[2014/11/11 20:56:32 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll

[2014/11/11 20:56:32 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll

[2014/11/11 20:56:32 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll

[2014/11/11 20:56:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe

[2014/11/11 20:56:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll

[2014/11/11 20:56:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe

[2014/11/11 20:56:32 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll

[2014/11/11 20:56:32 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe

[2014/11/11 20:56:32 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe

[2014/11/11 20:56:32 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe

[2014/11/11 20:56:32 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll

[2014/11/11 20:56:32 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll

[2014/11/11 20:56:32 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll

[2014/11/11 20:56:32 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe

[2014/11/11 20:56:32 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe

[2014/11/11 20:56:32 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll

[2014/11/11 20:56:32 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll

[2014/11/11 20:56:32 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll

[2014/11/11 20:56:32 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll

[2014/11/11 20:56:32 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll

[2014/11/11 20:56:32 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll

[2014/11/11 20:56:32 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll

[2014/11/11 20:56:32 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll

[2014/11/11 20:56:32 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx

[2014/11/11 20:56:32 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll

[2014/11/11 20:56:32 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll

[2014/11/11 20:56:32 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx

[2014/11/11 20:56:32 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll

[2014/11/11 20:56:32 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll

[2014/11/11 20:56:32 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll

[2014/11/11 20:56:32 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll

[2014/11/11 20:56:32 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll

[2014/11/11 20:56:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll

[2014/11/11 20:56:32 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll

[2014/11/11 20:56:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll

[2014/11/11 20:56:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll

[2014/11/11 20:56:32 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll

[2014/11/11 20:56:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll

[2014/11/11 20:56:32 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll

[2014/11/11 20:56:32 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll

[2014/11/11 20:56:32 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe

[2014/11/11 20:56:32 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe

[2014/11/11 20:56:32 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe

[2014/11/11 20:55:00 | 013,424,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll

[2014/11/11 20:55:00 | 011,820,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll

[2014/11/11 20:55:00 | 007,484,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe

[2014/11/11 20:55:00 | 002,714,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll

[2014/11/11 20:55:00 | 001,053,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll

[2014/11/11 20:55:00 | 000,941,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll

[2014/11/11 20:55:00 | 000,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll

[2014/11/11 20:55:00 | 000,836,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll

[2014/11/11 20:55:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll

[2014/11/11 20:55:00 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll

[2014/11/11 20:55:00 | 000,670,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll

[2014/11/11 20:55:00 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll

[2014/11/11 20:55:00 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll

[2014/11/11 20:55:00 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll

[2014/11/11 20:55:00 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll

[2014/11/11 20:55:00 | 000,474,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys

[2014/11/11 20:55:00 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll

[2014/11/11 20:55:00 | 000,428,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS

[2014/11/11 20:55:00 | 000,389,176 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[2014/11/11 20:55:00 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll

[2014/11/11 20:55:00 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll

[2014/11/11 20:55:00 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll

[2014/11/11 20:55:00 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll

[2014/11/11 20:55:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe

[2014/11/11 20:54:26 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll

[2014/11/11 20:54:26 | 000,514,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll

[2014/11/11 20:54:20 | 001,714,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll

[2014/11/11 20:54:20 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll

[2014/11/11 20:54:20 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll

[2014/11/11 20:54:20 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll

[2014/11/11 20:54:20 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll

[2014/11/11 20:54:20 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll

[2014/11/11 20:54:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll

[2014/11/11 20:54:20 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll

[2014/11/11 20:54:20 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll

[2014/11/11 20:54:20 | 000,055,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe

[2014/11/11 20:54:20 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll

[2014/11/11 20:54:20 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe

[2014/11/11 20:54:20 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe

[2014/11/11 20:54:20 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll

[2014/11/11 20:54:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll

[2014/11/10 18:27:42 | 000,001,049 | -HS- | M] () -- C:\WINDOWS\SysWow64\mmf.sys

[2014/11/09 00:31:20 | 000,000,684 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader

[2014/11/08 22:16:09 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/10/31 15:28:48 | 000,794,873 | ---- | M] () -- C:\Users\JDH\Desktop\Edex spec AS.pdf

[2014/10/31 15:28:24 | 001,457,494 | ---- | M] () -- C:\Users\JDH\Desktop\Edex spec AL.pdf

[2014/10/31 15:27:56 | 002,232,412 | ---- | M] () -- C:\Users\JDH\Desktop\Edex sample assess AS.pdf

[2014/10/31 15:27:27 | 004,661,690 | ---- | M] () -- C:\Users\JDH\Desktop\Edex sample assess.pdf

[2014/10/30 00:55:02 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

[2014/10/30 00:55:02 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

[2014/10/27 23:31:41 | 000,199,538 | ---- | M] () -- C:\Users\JDH\Desktop\Hill article - TP (final version).pdf

[2014/10/25 16:36:13 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cff071ca9e1b7a.job

[2014/10/24 17:54:31 | 000,431,766 | ---- | M] () -- C:\Users\JDH\Desktop\Bartch_Michael_Thesis.pdf

[2014/10/24 16:02:25 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk

[2014/10/23 22:09:14 | 001,645,632 | ---- | M] () -- C:\Users\JDH\Desktop\bloom on hill.pdf

[2014/10/23 22:07:35 | 002,470,150 | ---- | M] () -- C:\Users\JDH\Desktop\silkin on hill.pdf

[2014/10/22 15:56:09 | 000,132,375 | ---- | M] () -- C:\Users\JDH\Desktop\158111-november-2012-question-paper-31.pdf

[2014/10/22 15:44:42 | 000,179,279 | ---- | M] () -- C:\Users\JDH\Desktop\158247-november-2012-question-paper-3.pdf

[2014/10/22 03:34:05 | 000,010,777 | ---- | M] () -- C:\WINDOWS\SysNative\AutoconfigV2.cab

[2014/10/22 03:33:33 | 000,581,016 | ---- | M] () -- C:\WINDOWS\SysNative\AutoUpdate.exe

[2 C:\Users\JDH\Desktop\*.tmp files -> C:\Users\JDH\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/11/14 20:16:07 | 000,034,808 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys

[2014/11/14 19:41:16 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SMR430.dat

[2014/11/14 19:29:25 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk

[2014/11/11 22:11:53 | 000,001,449 | ---- | C] () -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2014/11/11 21:14:39 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2014/11/11 21:05:31 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2014/11/11 21:02:54 | 000,000,369 | ---- | C] () -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

[2014/11/11 21:02:54 | 000,000,369 | ---- | C] () -- C:\Users\JDH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

[2014/11/11 21:02:48 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagwrn.xml

[2014/11/11 21:02:48 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagerr.xml

[2014/11/11 20:59:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsServiceDriver_01_11_00.Wdf

[2014/11/11 20:59:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsHIDClassDriver_01_11_00.Wdf

[2014/11/11 20:59:47 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job

[2014/11/11 20:59:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

[2014/11/11 20:59:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_silabser_01009.Wdf

[2014/11/11 20:55:00 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[2014/11/09 00:31:20 | 000,000,684 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader

[2014/11/09 00:02:47 | 000,000,004 | ---- | C] () -- C:\Users\JDH\AppData\Roaming\appdataFr2.bin

[2014/10/31 15:28:47 | 000,794,873 | ---- | C] () -- C:\Users\JDH\Desktop\Edex spec AS.pdf

[2014/10/31 15:28:23 | 001,457,494 | ---- | C] () -- C:\Users\JDH\Desktop\Edex spec AL.pdf

[2014/10/31 15:27:55 | 002,232,412 | ---- | C] () -- C:\Users\JDH\Desktop\Edex sample assess AS.pdf

[2014/10/31 15:27:26 | 004,661,690 | ---- | C] () -- C:\Users\JDH\Desktop\Edex sample assess.pdf

[2014/10/28 21:29:50 | 000,581,016 | ---- | C] () -- C:\WINDOWS\SysNative\AutoUpdate.exe

[2014/10/28 21:29:50 | 000,010,777 | ---- | C] () -- C:\WINDOWS\SysNative\AutoconfigV2.cab

[2014/10/27 23:31:40 | 000,199,538 | ---- | C] () -- C:\Users\JDH\Desktop\Hill article - TP (final version).pdf

[2014/10/25 16:36:13 | 000,000,918 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cff071ca9e1b7a.job

[2014/10/24 17:54:30 | 000,431,766 | ---- | C] () -- C:\Users\JDH\Desktop\Bartch_Michael_Thesis.pdf

[2014/10/23 22:09:14 | 001,645,632 | ---- | C] () -- C:\Users\JDH\Desktop\bloom on hill.pdf

[2014/10/23 22:07:34 | 002,470,150 | ---- | C] () -- C:\Users\JDH\Desktop\silkin on hill.pdf

[2014/10/22 15:56:09 | 000,132,375 | ---- | C] () -- C:\Users\JDH\Desktop\158111-november-2012-question-paper-31.pdf

[2014/10/22 15:44:41 | 000,179,279 | ---- | C] () -- C:\Users\JDH\Desktop\158247-november-2012-question-paper-3.pdf

[2014/09/24 16:30:09 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini

[2014/09/24 16:29:39 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll

[2014/07/04 16:45:02 | 000,001,049 | -HS- | C] () -- C:\WINDOWS\SysWow64\mmf.sys

[2014/07/04 16:45:01 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll

[2014/07/04 16:45:01 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe

[2013/11/04 19:22:32 | 000,317,440 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll

[2013/11/04 19:22:28 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll

[2013/11/04 19:22:28 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll

[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat

[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT

[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll

[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll

[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014/11/11 20:55:00 | 021,197,152 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/11/11 20:55:00 | 018,723,112 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 1536 bytes -> C:\Users\JDH\Documents\desktop.ini:gs5sys

< End of report >

Extra: