Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Nasty Stuff [Closed]


  • This topic is locked This topic is locked

#1
wraithdude

wraithdude

    New Member

  • Member
  • Pip
  • 1 posts
Howdy,
 
I'm new to the forum, following a link from Iamnotageek. I have used hijackthis for many years and now have a problem. I was dumb enough not to scan a downloaded file before double clicking. It installed the FRGSmartbar and all the ensuing nastiness that came along with it. I've run full scans using Malwarebytes, Spybot and Windows Defender all in safe mode. While they each caught items, the files came back upon restart. I'm hoping that y'all might be able to help me find where I'm missing.
 
OTL logfile created on: 11/23/2014 11:07:01 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\disno_000\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
31.95 Gb Total Physical Memory | 28.36 Gb Available Physical Memory | 88.74% Memory free
36.70 Gb Paging File | 32.59 Gb Available in Paging File | 88.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.56 Gb Total Space | 39.75 Gb Free Space | 26.58% Space Free | Partition Type: NTFS
Drive D: | 2626.36 Gb Total Space | 2245.82 Gb Free Space | 85.51% Space Free | Partition Type: NTFS
Drive F: | 17.00 Gb Total Space | 16.82 Gb Free Space | 98.96% Space Free | Partition Type: NTFS
Drive G: | 3725.99 Gb Total Space | 3467.21 Gb Free Space | 93.05% Space Free | Partition Type: NTFS
Drive H: | 1397.26 Gb Total Space | 1029.27 Gb Free Space | 73.66% Space Free | Partition Type: NTFS
Drive I: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 1862.36 Gb Total Space | 1797.06 Gb Free Space | 96.49% Space Free | Partition Type: NTFS
Drive K: | 3725.99 Gb Total Space | 2911.97 Gb Free Space | 78.15% Space Free | Partition Type: NTFS
 
Computer Name: NIGEL | User Name: disno_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/23 11:06:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\disno_000\Desktop\OTL.exe
PRC - [2014/11/23 00:10:46 | 000,045,625 | ---- | M] () -- C:\Users\disno_000\AppData\Local\yuntnani\vchk.exe
PRC - [2014/11/16 14:07:26 | 000,066,568 | ---- | M] () -- C:\a\wcheckf.exe
PRC - [2014/11/16 14:05:46 | 000,419,460 | ---- | M] () -- C:\a\getcap.exe
PRC - [2014/11/16 13:55:22 | 000,053,938 | ---- | M] () -- C:\a\winonit.exe
PRC - [2014/11/14 15:35:50 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2014/11/13 23:41:43 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014/11/09 15:33:02 | 000,054,806 | ---- | M] () -- C:\a\wincheckfe.exe
PRC - [2014/10/29 20:02:02 | 000,056,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\39.0.2171.46\remoting_host.exe
PRC - [2014/10/21 20:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/10/16 08:54:03 | 002,462,536 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/10/16 08:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/10/16 04:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/10/10 16:58:00 | 000,319,488 | ---- | M] (PFU LIMITED) -- K:\Program Files (x86)\PFU\ScanSnap\Update\ScanSnapUpdater.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/12 10:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/09/12 10:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/12 10:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014/09/04 04:50:26 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/01 15:52:24 | 004,161,536 | ---- | M] (PFU LIMITED) -- K:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2014/07/22 14:15:46 | 005,562,736 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2014/06/02 09:36:12 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2014/05/08 20:58:08 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2014/04/13 10:18:42 | 000,045,568 | ---- | M] (PFU LIMITED) -- K:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe
PRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/07/10 14:23:10 | 001,694,080 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2012/11/19 16:28:48 | 000,196,992 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
PRC - [2012/08/13 09:33:46 | 000,547,984 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/07/12 21:12:14 | 000,634,880 | ---- | M] (PFU LIMITED) -- K:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 01:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 01:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/05 12:25:34 | 000,067,464 | ---- | M] (PFU LIMITED) -- K:\Program Files (x86)\PFU\Raku2Smart\RKiwrtKS.exe
PRC - [2012/03/28 11:11:36 | 000,653,952 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Smart Cooling\AsSmartCoolingService.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/16 22:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2011/05/24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010/10/01 08:59:28 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/08/23 08:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/12 12:40:36 | 000,339,968 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
PRC - [2006/09/19 12:26:20 | 000,200,704 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\LANServer.exe
PRC - [2004/12/13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2002/01/14 19:16:36 | 000,368,640 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\MsgRpr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/23 11:02:46 | 000,011,264 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nszF3DA.tmp\System.dll
MOD - [2014/11/23 11:02:46 | 000,006,656 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nszF3DA.tmp\nsExec.dll
MOD - [2014/11/23 00:10:48 | 000,011,264 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nsnF2A.tmp\System.dll
MOD - [2014/11/23 00:10:46 | 000,045,625 | ---- | M] () -- C:\Users\disno_000\AppData\Local\yuntnani\vchk.exe
MOD - [2014/11/23 00:10:42 | 000,011,264 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nsdF7F8.tmp\System.dll
MOD - [2014/11/23 00:10:39 | 000,011,264 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nsjEBB4.tmp\System.dll
MOD - [2014/11/23 00:10:37 | 000,011,264 | ---- | M] () -- C:\Users\DISNO_~1\AppData\Local\Temp\nsaE3A5.tmp\System.dll
MOD - [2014/11/18 23:26:48 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll
MOD - [2014/11/18 23:26:48 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll
MOD - [2014/11/18 23:17:49 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2014/11/18 23:17:07 | 002,803,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
MOD - [2014/11/18 23:16:50 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll
MOD - [2014/11/18 23:16:05 | 010,030,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014/11/16 14:07:26 | 000,066,568 | ---- | M] () -- C:\a\wcheckf.exe
MOD - [2014/11/16 14:05:46 | 000,419,460 | ---- | M] () -- C:\a\getcap.exe
MOD - [2014/11/16 13:55:22 | 000,053,938 | ---- | M] () -- C:\a\winonit.exe
MOD - [2014/11/09 15:33:02 | 000,054,806 | ---- | M] () -- C:\a\wincheckfe.exe
MOD - [2014/10/21 20:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
MOD - [2014/10/21 20:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/21 20:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/21 20:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/21 20:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/08/22 14:28:22 | 000,434,176 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2014/08/22 14:28:16 | 000,241,664 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2014/03/19 09:19:50 | 001,884,160 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\bookbound.dll
MOD - [2014/03/18 02:13:46 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/03/12 09:43:02 | 000,888,832 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\P2IDIGCROP.dll
MOD - [2012/02/23 10:56:12 | 000,663,552 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Smart Cooling\aaHMLib.dll
MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2007/01/12 12:40:36 | 000,339,968 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
MOD - [2006/09/19 12:26:20 | 000,200,704 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\LANServer.exe
MOD - [2003/04/17 16:22:34 | 000,049,152 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\Scanners\Mphase32.dll
MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- K:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll
MOD - [2002/01/14 19:16:36 | 000,368,640 | ---- | M] () -- D:\Program Files (x86)\Microtek\ScanWizard 5\MsgRpr.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)
SRV:64bit: - [2014/10/30 20:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/16 08:54:03 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/10/16 08:54:03 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/10/06 17:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/21 19:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/21 19:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/15 19:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 16:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 16:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/23 23:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/13 22:17:49 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/05/13 22:17:49 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/05/13 22:15:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/18 02:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 02:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 02:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 02:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 02:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 02:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 03:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 03:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 03:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 03:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 03:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 02:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 02:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 01:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 01:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 01:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 01:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 01:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 01:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 01:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 01:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/06/13 11:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/04/08 15:37:56 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/11/14 15:35:50 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2014/11/11 11:39:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/10 19:45:39 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/29 20:02:02 | 000,056,648 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\39.0.2171.46\remoting_host.exe -- (chromoting)
SRV - [2014/10/16 08:54:03 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/10/16 04:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/12 10:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/09/04 04:50:26 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/15 19:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/06/02 09:36:12 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014/05/13 22:15:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/05/08 20:58:08 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/08/21 19:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 18:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/02/01 18:44:48 | 000,247,768 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 01:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 01:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/02/16 22:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/05/24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011/04/26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2004/12/13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/11/23 00:10:22 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/10/16 08:54:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/10/16 08:54:03 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/10/16 08:54:03 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/10/09 17:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/01 11:11:30 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/21 19:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/21 19:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/21 18:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/14 16:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 07:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 07:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 03:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/13 22:17:50 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/05/13 22:17:49 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/05/13 22:17:49 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/05/01 05:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/18 02:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 02:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 02:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 02:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 02:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 02:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 02:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 02:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 02:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 02:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 02:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 01:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/09/23 14:04:04 | 000,792,648 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\au630x64.sys -- (AU8168)
DRV:64bit: - [2013/08/22 05:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 05:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 04:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 04:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 04:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 04:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 04:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 04:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 04:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 04:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 04:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 04:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 04:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 04:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 04:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 04:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 04:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 04:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 04:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 04:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 04:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 04:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 04:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 04:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 04:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 04:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 04:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 04:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 04:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 03:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 03:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 03:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 03:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 03:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 03:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 03:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 03:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 03:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 03:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 03:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 03:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 03:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 03:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 03:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 03:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 03:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 03:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 03:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 03:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 03:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 03:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 03:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 00:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 15:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 16:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 10:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 11:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/05/22 22:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/22 22:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/22 22:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/22 22:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2012/09/01 02:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/22 02:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/06/20 00:00:00 | 000,028,304 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2012/06/20 00:00:00 | 000,027,792 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2012/06/20 00:00:00 | 000,020,112 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/01/11 12:04:04 | 000,021,792 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iviaspi.sys -- (Iviaspi)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2004/12/23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Module"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:6.7.1
FF - prefs.js..extensions.enabledAddons: %7B1e715f94-bfef-4a8f-9d4b-77c513b6031f%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: d:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/12/28 22:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/10/03 10:37:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014/01/06 18:16:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013/12/27 19:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\disno_000\AppData\Roaming\mozilla\Extensions
[2014/11/22 11:36:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\disno_000\AppData\Roaming\mozilla\Firefox\Profiles\mehrolkw.default\extensions
[2014/11/22 11:36:05 | 000,000,000 | ---D | M] ("FRGSmartbar ") -- C:\Users\disno_000\AppData\Roaming\mozilla\Firefox\Profiles\mehrolkw.default\extensions\{1e715f94-bfef-4a8f-9d4b-77c513b6031f}
[2014/11/22 11:36:05 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\disno_000\AppData\Roaming\mozilla\Firefox\Profiles\mehrolkw.default\extensions\[email protected]
[2014/11/10 19:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/11/10 19:45:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = http://api.searchpre...={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.65.62_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\39.0.2171.46_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcemheplgccbimaplmppfdofjghnpmmn\1_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\disno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/11/22 00:11:00 | 000,450,895 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 www.twistingpixels.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15475 more lines...
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [autoauto] C:\WINDOWS\SysWow64\85091840.bat ()
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [cutoauto] C:\a\wincheckfe.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [interpee] C:\a\internetport3.exe ()
O4 - HKLM..\Run: [LANServer] d:\Program Files (x86)\Microtek\ScanWizard 5\LANServer.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RkiwrtkS] K:\Program Files (x86)\PFU\Raku2Smart\RKiwrtKS.exe (PFU LIMITED)
O4 - HKLM..\Run: [ScanSnap OnlineUpdate Watcher] K:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe (PFU LIMITED)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [dutoauto] C:\a\wincheckfe.exe ()
O4 - HKCU..\Run: [interpee] C:\a\internetport3.exe ()
O4 - HKCU..\Run: [rutoauto] C:\WINDOWS\SysWow64\85091840.bat ()
O4 - HKCU..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - Startup: C:\Users\disno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Win_update.lnk = C:\Users\disno_000\AppData\Local\Win_update\Win_update.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A874FF9-9211-4209-B4E7-B5546099EA2D}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/14 10:04:40 | 000,000,067 | ---- | M] () - H:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 13:12:18 | 000,000,088 | ---- | M] () - I:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{43cb05e0-76b2-11e3-be75-60a44c2326f4}\Shell - "" = AutoRun
O33 - MountPoints2\{43cb05e0-76b2-11e3-be75-60a44c2326f4}\Shell\AutoRun\command - "" = "L:\LaunchU3.exe" 
O33 - MountPoints2\{58b39f33-6f9c-11e3-be71-60a44c2326f4}\Shell - "" = AutoRun
O33 - MountPoints2\{58b39f33-6f9c-11e3-be71-60a44c2326f4}\Shell\AutoRun\command - "" = "M:\VZW_Software_upgrade_assistant.exe" 
O33 - MountPoints2\{68d20f2f-866e-11e3-be79-60a44c2326f4}\Shell - "" = AutoRun
O33 - MountPoints2\{68d20f2f-866e-11e3-be79-60a44c2326f4}\Shell\AutoRun\command - "" = "L:\VZW_Software_upgrade_assistant_installer.exe" 
O33 - MountPoints2\{ae60ef65-652c-11e4-beb5-60a44c2326f4}\Shell - "" = AutoRun
O33 - MountPoints2\{ae60ef65-652c-11e4-beb5-60a44c2326f4}\Shell\AutoRun\command - "" = "M:\VZW_Software_upgrade_assistant.exe" 
O33 - MountPoints2\{c9dd6814-6f70-11e3-be6e-60a44c2326f4}\Shell - "" = AutoRun
O33 - MountPoints2\{c9dd6814-6f70-11e3-be6e-60a44c2326f4}\Shell\AutoRun\command - "" = I:\WD SmartWare.exe -- [2009/08/17 09:53:00 | 002,770,432 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/23 11:06:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\disno_000\Desktop\OTL.exe
[2014/11/22 23:55:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\disno_000\Desktop\HijackThis.exe
[2014/11/22 12:03:40 | 000,000,000 | ---D | C] -- C:\Users\disno_000\Desktop\Best of the 80's
[2014/11/22 00:09:08 | 000,000,000 | -HSD | C] -- C:\Users\disno_000\AppData\Local\EmieBrowserModeList
[2014/11/22 00:01:14 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Local\Win_update
[2014/11/22 00:00:22 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Local\yuntnani
[2014/11/22 00:00:04 | 000,000,000 | ---D | C] -- C:\a
[2014/11/21 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Roaming\OAS
[2014/11/19 11:09:12 | 000,167,936 | ---- | C] (Panopticum,LLC. Maxim Chernousov, [email protected], [email protected]) -- C:\WINDOWS\SysWow64\Engine3D.dll
[2014/11/19 11:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlphaPlugins
[2014/11/18 21:08:08 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/11/18 21:08:07 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/11/18 21:08:07 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/11/18 21:08:07 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/11/18 21:08:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014/11/18 21:08:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014/11/18 21:08:02 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/11/18 21:08:02 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/11/18 21:08:02 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/11/18 21:08:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/11/18 21:08:01 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/11/18 21:08:01 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/11/18 21:06:41 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/11/18 21:06:41 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/11/18 21:06:41 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/11/18 21:06:41 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/11/18 21:06:41 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/11/18 21:06:41 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/11/18 21:06:41 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014/11/18 21:06:41 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014/11/18 21:06:41 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014/11/18 21:06:40 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014/11/18 21:06:40 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/11/18 21:06:01 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/11/18 21:06:01 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/11/18 21:06:01 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/11/18 21:06:01 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/11/18 21:06:01 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/11/18 21:06:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/11/18 21:06:01 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/11/18 21:06:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/11/18 21:06:01 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/11/18 21:06:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/11/18 21:06:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/11/18 21:06:00 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/11/18 21:06:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/11/18 21:06:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/11/18 21:06:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014/11/18 21:05:51 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/11/18 21:05:48 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/11/18 21:05:48 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/11/18 21:05:48 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/11/18 21:05:48 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/11/18 21:05:46 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/11/18 21:05:46 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/11/18 21:05:46 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/11/18 21:05:46 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/11/18 21:05:45 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/11/18 21:05:45 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/11/18 21:05:45 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2014/11/18 21:05:45 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/11/18 21:05:44 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/11/18 21:05:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/11/18 21:05:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/11/18 21:05:44 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/11/18 21:05:43 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/11/18 21:05:43 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2014/11/18 21:05:43 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/11/18 21:05:43 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/11/18 21:05:42 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014/11/18 21:05:42 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/11/18 21:05:42 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/11/18 21:05:33 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Roaming\vlc
[2014/11/18 21:05:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014/11/18 21:05:08 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/11/18 21:05:08 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/11/18 21:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap Organizer
[2014/11/18 21:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/11/18 21:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/11/18 21:02:29 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/11/18 21:02:28 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/11/18 21:02:15 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/11/18 21:01:16 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/11/18 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2014/11/18 21:01:03 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/11/18 21:01:01 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/11/18 21:01:01 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/11/18 21:01:00 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/11/18 21:00:59 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/11/18 21:00:56 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/11/18 21:00:56 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/11/18 21:00:55 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/11/18 21:00:55 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/11/18 21:00:54 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/11/18 21:00:52 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/11/18 21:00:52 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/11/18 21:00:52 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/11/18 21:00:50 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/11/18 21:00:50 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/11/18 21:00:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/11/18 21:00:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/11/18 21:00:37 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/11/18 21:00:37 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/11/18 21:00:37 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/11/18 21:00:37 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/11/18 21:00:36 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/11/18 21:00:35 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/11/18 21:00:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/11/18 21:00:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/11/18 21:00:35 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/11/18 21:00:34 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/11/18 21:00:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/11/18 21:00:33 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/11/18 21:00:32 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/11/18 21:00:31 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/11/18 21:00:30 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/11/18 21:00:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/11/18 21:00:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/11/18 21:00:27 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/11/18 21:00:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/11/18 21:00:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/11/18 21:00:25 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2014/11/18 21:00:24 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/11/18 21:00:23 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/11/18 21:00:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/11/18 21:00:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/11/18 21:00:14 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/11/18 21:00:14 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/18 21:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2014/11/18 21:00:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/11/18 21:00:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/11/18 21:00:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/11/18 21:00:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/11/18 21:00:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/11/18 21:00:11 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/11/18 21:00:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/11/18 21:00:11 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/11/18 21:00:11 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/11/18 21:00:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/11/18 21:00:10 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/11/18 21:00:10 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/11/18 21:00:10 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/11/18 21:00:09 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/11/18 21:00:07 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/11/18 21:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2014/11/18 21:00:06 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/11/18 21:00:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/11/18 21:00:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/11/18 21:00:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/11/18 20:55:37 | 000,537,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/11/18 20:55:37 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/11/18 20:55:37 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/11/18 20:55:37 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/11/18 20:55:36 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/11/18 20:55:24 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/11/18 20:55:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/11/18 20:55:24 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/11/18 20:55:23 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/11/18 20:55:23 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/11/18 20:55:23 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/11/18 20:55:23 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/11/18 20:55:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/11/18 20:55:23 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2014/11/18 20:55:09 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/11/18 20:55:02 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/11/18 20:55:01 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/11/18 20:55:00 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/11/18 20:55:00 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/11/18 20:55:00 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/11/18 20:55:00 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/11/18 20:54:59 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/11/18 20:54:57 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/11/18 20:54:57 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/11/18 20:54:57 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/11/18 20:54:56 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/11/18 20:54:56 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/11/18 20:54:55 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/11/18 20:54:54 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/11/18 20:54:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/11/18 20:54:53 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/11/18 20:54:53 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/11/18 20:54:52 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014/11/18 20:54:52 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014/11/18 20:54:52 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014/11/18 20:54:52 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/11/17 22:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2014/11/17 07:38:14 | 000,000,000 | ---D | C] -- C:\Users\disno_000\AppData\Local\Apple Computer
[2014/11/10 19:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/06/20 12:40:10 | 021,270,168 | ---- | C] (Fengtao Software Inc.                                       ) -- C:\Users\disno_000\AppData\Roaming\DVDFab8229Qt.exe
[1 C:\Users\disno_000\Desktop\*.tmp files -> C:\Users\disno_000\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/23 11:22:58 | 000,002,205 | ---- | M] () -- C:\Users\disno_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/11/23 11:22:56 | 000,002,181 | ---- | M] () -- C:\Users\disno_000\Desktop\Google Chrome.lnk
[2014/11/23 11:06:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\disno_000\Desktop\OTL.exe
[2014/11/23 10:46:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/23 10:39:02 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/11/23 00:11:09 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/11/23 00:10:48 | 000,008,192 | ---- | M] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2014/11/23 00:10:22 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/23 00:10:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/23 00:09:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/23 00:08:43 | 1678,512,122 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/22 23:55:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\disno_000\Desktop\HijackThis.exe
[2014/11/22 00:11:00 | 000,450,895 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/11/22 00:02:30 | 000,000,064 | ---- | M] () -- C:\WINDOWS\GPlrLanc.dat
[2014/11/22 00:01:16 | 000,001,153 | ---- | M] () -- C:\Users\disno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Win_update.lnk
[2014/11/21 23:53:26 | 000,000,019 | ---- | M] () -- C:\WINDOWS\SysWow64\85091840.bat
[2014/11/21 15:34:26 | 000,001,456 | ---- | M] () -- C:\Users\disno_000\AppData\Local\Adobe Save for Web 12.0 Prefs
[2014/11/20 13:01:06 | 388,019,686 | ---- | M] () -- C:\Users\disno_000\Desktop\Nostradamus - The Man Who Saw Tomorrow.mp4
[2014/11/20 10:09:55 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/11/20 10:09:55 | 000,731,446 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/11/20 10:09:55 | 000,136,056 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/11/18 21:50:34 | 012,201,144 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/11/18 21:04:27 | 000,000,873 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Conversion to PDF with ScanSnap Organizer.lnk
[2014/11/18 21:02:38 | 000,000,956 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk
[2014/11/18 14:49:18 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2014/11/17 14:17:01 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/11/13 07:40:15 | 000,450,837 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.20141122-001100.backup
[2014/11/04 15:38:37 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/11/03 16:10:18 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/11/01 10:31:45 | 000,021,504 | ---- | M] () -- C:\Users\disno_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/30 21:12:41 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/10/30 21:12:05 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/10/30 21:10:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/10/30 21:09:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/10/30 21:08:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/10/30 21:06:45 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/10/30 21:06:21 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/10/30 21:06:09 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/10/30 21:06:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/10/30 21:05:50 | 000,417,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/10/30 21:04:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/10/30 20:56:53 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/10/30 20:54:13 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/10/30 20:53:32 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/10/30 20:53:06 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/10/30 20:52:22 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/10/30 20:51:37 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/10/30 20:51:31 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/10/30 20:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/10/30 20:50:44 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/10/30 20:50:11 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/10/30 20:49:39 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/10/30 20:40:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/10/30 20:38:28 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/10/30 20:30:28 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/10/30 20:29:50 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/10/30 20:29:17 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/10/30 20:28:58 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/10/30 20:25:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/10/30 20:24:48 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/10/30 20:24:25 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/10/30 20:23:46 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/10/30 20:21:30 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/10/30 20:19:49 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/10/30 20:05:52 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/10/30 20:05:35 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/10/30 20:03:02 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/10/30 19:44:32 | 002,865,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/10/30 19:42:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/10/30 19:28:47 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/10/30 19:27:26 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/10/30 19:26:45 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/10/30 19:25:24 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/10/30 19:24:23 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/10/30 19:24:00 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/10/30 19:23:37 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/10/30 19:23:21 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/10/30 19:22:08 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/10/30 19:20:27 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/10/30 19:15:59 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/10/30 19:14:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/10/30 19:13:35 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/10/30 19:12:17 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/10/30 19:12:17 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/10/30 19:11:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/10/30 19:03:33 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/10/30 18:57:20 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/30 18:56:44 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/10/30 18:56:18 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/10/30 18:56:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/10/30 18:53:21 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/10/30 18:52:23 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/10/30 18:51:02 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/10/30 18:48:50 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/10/30 18:39:28 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/10/30 18:11:30 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/10/29 21:54:20 | 000,000,169 | ---- | M] () -- C:\Users\disno_000\AppData\Roaming\PLGComp.ini
[2014/10/29 16:55:02 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/10/29 16:55:02 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\disno_000\Desktop\*.tmp files -> C:\Users\disno_000\Desktop\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/22 12:10:09 | 000,003,120 | ---- | C] () -- C:\Users\disno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk
[2014/11/22 11:33:32 | 000,002,181 | ---- | C] () -- C:\Users\disno_000\Desktop\Google Chrome.lnk
[2014/11/22 00:02:30 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2014/11/22 00:01:16 | 000,001,153 | ---- | C] () -- C:\Users\disno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Win_update.lnk
[2014/11/21 23:53:26 | 000,000,019 | ---- | C] () -- C:\WINDOWS\SysWow64\85091840.bat
[2014/11/20 21:12:32 | 004,432,024 | ---- | C] () -- C:\Users\disno_000\Desktop\DSC06116.JPG
[2014/11/20 12:59:14 | 388,019,686 | ---- | C] () -- C:\Users\disno_000\Desktop\Nostradamus - The Man Who Saw Tomorrow.mp4
[2014/11/18 20:54:52 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/11/05 12:47:49 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2014/10/20 15:39:48 | 000,000,132 | ---- | C] () -- C:\Users\disno_000\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2014/10/01 09:40:40 | 000,268,643 | ---- | C] () -- C:\Users\disno_000\AppData\Local\ars.cache
[2014/10/01 09:40:40 | 000,168,839 | ---- | C] () -- C:\Users\disno_000\AppData\Local\census.cache
[2014/10/01 09:35:56 | 000,000,010 | ---- | C] () -- C:\Users\disno_000\AppData\Local\sponge.last.runtime.cache
[2014/10/01 09:31:20 | 000,000,036 | ---- | C] () -- C:\Users\disno_000\AppData\Local\housecall.guid.cache
[2014/06/04 11:16:12 | 000,285,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\Onsio.sys
[2014/06/04 11:16:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\Onsreged.sys
[2014/05/30 10:50:06 | 000,001,456 | ---- | C] () -- C:\Users\disno_000\AppData\Local\Adobe Save for Web 12.0 Prefs
[2014/05/18 21:40:19 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/14 10:40:24 | 000,007,628 | ---- | C] () -- C:\Users\disno_000\AppData\Local\Resmon.ResmonCfg
[2014/03/18 02:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 02:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/20 13:24:05 | 000,000,132 | ---- | C] () -- C:\Users\disno_000\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2014/01/12 20:58:59 | 000,087,576 | ---- | C] () -- C:\WINDOWS\mws.exe
[2014/01/09 16:58:20 | 000,021,504 | ---- | C] () -- C:\Users\disno_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/09 13:46:44 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2014/01/05 23:03:15 | 000,000,169 | ---- | C] () -- C:\Users\disno_000\AppData\Roaming\PLGComp.ini
[2013/12/30 12:35:26 | 000,000,203 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2013/12/30 12:28:59 | 000,118,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LFKODAK.DLL
[2013/12/30 12:28:58 | 000,338,944 | ---- | C] () -- C:\WINDOWS\SysWow64\LFFPX7.DLL
[2013/12/27 19:03:51 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/08/22 07:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 07:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 06:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/21 23:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 19:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 15:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 15:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/01/11 12:55:46 | 000,014,464 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsUpIO.sys
[2013/01/11 12:54:18 | 000,015,232 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
[2013/01/11 12:54:17 | 000,011,832 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys
[2013/01/11 12:54:17 | 000,010,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp32.sys
[2013/01/11 12:47:57 | 000,004,699 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2013/01/11 12:47:52 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
[2013/01/11 12:47:52 | 000,002,537 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013/01/11 12:47:52 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
 
========== ZeroAccess Check ==========
 
[2014/05/19 12:23:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 16:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 14:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 01:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 18:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 01:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\disno_000\OneDrive:ms-properties
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:C76EDAC3
 
< End of report >
 

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi you have windows 8 so I will need to use a different scanner

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP