Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

TUVARO/GOOBZO ADWARE REMOVAL [Closed]


  • This topic is locked This topic is locked

#1
Oday78

Oday78

    New Member

  • Member
  • Pip
  • 4 posts

hi need a little help with tuvaro thanks running a scan with otl as I type

 

OTL logfile created on: 6/16/2014 3:26:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Shaboing Boing\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.58% Memory free
7.75 Gb Paging File | 6.18 Gb Available in Paging File | 79.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.21 Gb Total Space | 405.76 Gb Free Space | 91.34% Space Free | Partition Type: NTFS
 
Computer Name: BOING | User Name: Shaboing Boing | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/16 03:25:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shaboing Boing\Downloads\OTL.exe
PRC - [2014/06/16 03:19:29 | 000,764,024 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2014/05/29 22:26:50 | 000,640,000 | ---- | M] () -- C:\Program Files (x86)\Premium Software\systerm32.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/30 18:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/05/29 21:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/05/21 13:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/01/15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/05/28 14:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 18:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/16 03:14:54 | 000,043,008 | ---- | M] () -- c:\Users\Shaboing Boing\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbwu5ni.dll
MOD - [2014/05/29 22:26:50 | 000,640,000 | ---- | M] () -- C:\Program Files (x86)\Premium Software\systerm32.exe
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\Premium Software\sqlite3.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)
SRV:64bit: - [2014/06/16 03:19:29 | 000,764,024 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV:64bit: - [2014/05/25 20:03:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/18 05:44:46 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/18 05:44:46 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/18 05:43:34 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 03:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/02 05:15:40 | 001,282,152 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/02 00:08:48 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/07/02 00:08:32 | 000,733,696 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel®
SRV - [2014/04/30 03:03:47 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/14 03:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/29 12:03:10 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/01/15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/12/19 02:10:38 | 000,072,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012/04/24 18:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/11/21 18:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/16 03:19:29 | 000,114,176 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2014/05/25 19:28:28 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2014/04/13 02:58:41 | 000,034,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\voxaldriverx64.sys -- (voxaldriver)
DRV:64bit: - [2014/04/13 02:58:33 | 000,033,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdriverx64.sys -- (stdriver)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 05:44:46 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/18 05:44:46 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/18 05:44:46 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/18 05:39:41 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 05:39:40 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 05:39:40 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/11/14 03:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 03:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 03:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 03:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/23 16:30:02 | 000,070,416 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/09/16 08:18:10 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/16 08:14:16 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/22 18:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/22 18:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 02:09:18 | 000,027,904 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MBI.sys -- (MBI)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/02 00:10:20 | 000,087,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:64bit: - [2013/06/14 04:21:12 | 000,824,536 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/05/17 00:49:12 | 003,847,168 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/04/17 20:53:10 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2013/03/05 02:12:34 | 000,308,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/09/14 01:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/01 23:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/05/30 23:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV - [2011/09/07 13:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 21:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.safesear....&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...10&ocid=U010DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7NCHC_enUS579
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Shaboing Boing\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shaboing Boing\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shaboing Boing\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{jid1-eFRcA0eiPxecTQ@jetpack}: 0\extensions\{jid1-eFRcA0eiPxecTQ@jetpack}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{jid1-vS7biDmom8YxhA@jetpack}: 0\extensions\{jid1-vS7biDmom8YxhA@jetpack}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
[2014/05/25 19:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Webroot Filtering Extension = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.0.0.32_0\
CHR - Extension: Google Wallet = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Webroot Password Manager = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab\2.5.5_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll File not found
O2:64bit: - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O2:64bit: - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
O2 - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll File not found
O2 - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Windows FUPM Service Manager] C:\Program Files (x86)\Premium Software\systerm32.exe ()
O4 - HKLM..\Run: [Windows X64 Service Manager] C:\Program Files (x86)\FlashNow Updater\flsysio.exe ()
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKCU..\Run: [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Shaboing Boing\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download App.lnk = C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe (CBS Interactive Inc.)
O4 - Startup: C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O9:64bit: - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} https://oovoowww3-a....vc/ooVooWeb.dll (ooVooWebCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35672B5C-855E-49EE-9280-5E69F08E4935}: DhcpNameServer = 40.52.1.201 40.52.1.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE231B59-6028-4360-8D4A-AC173F0FD641}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/16 03:19:29 | 000,103,816 | ---- | C] (Webroot) -- C:\WINDOWS\SysNative\WRusr.dll
[2014/06/16 02:49:55 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/06/16 02:48:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/16 02:32:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/06/16 02:06:21 | 000,153,256 | ---- | C] (Webroot) -- C:\WINDOWS\SysWow64\WRusr.dll
[2014/06/16 02:03:00 | 010,395,072 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[2014/06/16 02:02:44 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\lptmp616931311
[2014/06/16 02:02:20 | 000,114,176 | ---- | C] (Webroot) -- C:\WINDOWS\SysNative\drivers\WRkrn.sys
[2014/06/16 02:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
[2014/05/25 20:24:48 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/05/25 20:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software
[2014/05/25 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Premium Software
[2014/05/25 20:07:05 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/25 20:07:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/05/25 20:03:52 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\ilividmoviestoolbar20
[2014/05/25 20:03:47 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/25 20:03:46 | 001,705,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/25 20:03:46 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/25 20:03:46 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/25 20:03:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/05/25 20:03:40 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/05/25 20:03:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/05/25 20:03:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/05/25 20:03:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/05/25 20:03:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/05/25 20:03:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/05/25 20:03:10 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/05/25 20:02:50 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/05/25 20:02:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/05/25 20:00:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchModule
[2014/05/25 19:59:56 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\VS Revo Group
[2014/05/25 19:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/05/25 19:59:48 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\WINDOWS\SysNative\drivers\revoflt.sys
[2014/05/25 19:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/05/25 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/05/25 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\Desktop\Revo Uninstaller Pro v3.0.7
[2014/05/25 19:58:12 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\WeatherBug
[2014/05/25 19:58:12 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\CrashRpt
[2014/05/25 19:57:46 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\WeatherBug
[2014/05/25 19:57:35 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
[2014/05/25 19:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AWS
[2014/05/25 19:55:11 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\Fixila
[2014/05/25 19:44:33 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\Mozilla
[2014/05/25 19:39:44 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/25 19:39:42 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/05/25 19:39:41 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/25 19:39:40 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/05/25 19:39:35 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/25 19:39:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/25 19:39:30 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/25 19:39:28 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/25 19:39:27 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/25 19:39:25 | 013,286,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/25 19:39:18 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/05/25 19:39:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/25 19:39:15 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/25 19:39:13 | 011,791,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/25 19:39:07 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/05/25 19:39:05 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/05/25 19:39:01 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/25 19:39:00 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/05/25 19:38:59 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/05/25 19:38:58 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/05/25 19:38:58 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/25 19:38:57 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/05/25 19:38:57 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/05/25 19:38:57 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/05/25 19:38:56 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/05/25 19:38:55 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/05/25 19:38:55 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/05/25 19:38:55 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/25 19:38:54 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/05/25 19:38:54 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/25 19:38:53 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/25 19:38:53 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/25 19:38:53 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/25 19:38:52 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/25 19:38:52 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/25 19:38:51 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/05/25 19:38:51 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/25 19:38:50 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/05/25 19:38:50 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/25 19:38:50 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/05/25 19:38:50 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/05/25 19:38:49 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/05/25 19:38:49 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/05/25 19:38:49 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/25 19:38:49 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/05/25 19:38:47 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/25 19:38:47 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/05/25 19:38:47 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/05/25 19:38:47 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/25 19:38:47 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/05/25 19:38:43 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/25 19:38:43 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/25 19:38:42 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/05/25 19:38:42 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/05/25 19:38:42 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/25 19:38:40 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/25 19:38:39 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/05/25 19:38:39 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/25 19:38:38 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/25 19:38:38 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/25 19:38:38 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/05/25 19:38:37 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/25 19:38:36 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/25 19:38:36 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/25 19:38:36 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/25 19:38:35 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/25 19:38:35 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/05/25 19:38:35 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/25 19:38:35 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/25 19:38:35 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/25 19:38:34 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/05/25 19:38:34 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/25 19:38:34 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/25 19:38:34 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/25 19:38:33 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/25 19:38:33 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/05/25 19:38:33 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/25 19:38:33 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/25 19:38:32 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/25 19:38:32 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/05/25 19:38:32 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/05/25 19:38:32 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/25 19:38:32 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/05/25 19:38:31 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/05/25 19:38:31 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/05/25 19:38:31 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/05/25 19:38:30 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/25 19:38:30 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/05/25 19:38:30 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/05/25 19:38:30 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/25 19:38:30 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/25 19:38:29 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/05/25 19:38:29 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/25 19:38:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/05/25 19:38:28 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/05/25 19:38:28 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/25 19:38:27 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/25 19:38:27 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/25 19:38:27 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/05/25 19:38:27 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/05/25 19:38:27 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/25 19:38:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/05/25 19:38:26 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/05/25 19:38:26 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/05/25 19:38:26 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/25 19:38:26 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/05/25 19:38:25 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/05/25 19:38:25 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/05/25 19:38:25 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/25 19:38:25 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/25 19:38:25 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/05/25 19:38:24 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/05/25 19:38:24 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDScDrv.dll
[2014/05/25 19:38:24 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/05/25 19:38:24 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/25 19:38:24 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/25 19:38:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/05/25 19:38:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/05/25 19:38:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/05/25 19:38:24 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/25 19:38:24 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/25 19:38:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/25 19:38:23 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/05/25 19:38:23 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/05/25 19:38:22 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/25 19:38:22 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/25 19:38:22 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/25 19:38:21 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/05/25 19:38:20 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/05/25 19:38:20 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/05/25 19:38:20 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/25 19:38:20 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/25 19:38:19 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/05/25 19:38:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/25 19:38:19 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/05/25 19:38:18 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/25 19:38:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/25 19:38:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/25 19:38:16 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/05/25 19:38:16 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/25 19:38:16 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/05/25 19:38:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/25 19:38:16 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/25 19:38:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/25 19:38:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/25 19:38:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/25 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\Deployment
[2014/05/25 19:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashNow Updater
[2014/05/25 19:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashNow Updater
[2014/05/25 19:31:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/05/25 19:31:46 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/05/25 19:31:44 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/05/25 19:31:42 | 000,000,000 | -HSD | C] -- C:\Users\Shaboing Boing\AppData\Local\EmieUserList
[2014/05/25 19:31:42 | 000,000,000 | -HSD | C] -- C:\Users\Shaboing Boing\AppData\Local\EmieSiteList
[2014/05/25 19:31:41 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/05/25 19:31:16 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/05/25 19:31:15 | 011,742,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2014/05/25 19:31:14 | 003,394,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/05/25 19:31:13 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OobeFldr.dll
[2014/05/25 19:31:13 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OobeFldr.dll
[2014/05/25 19:31:05 | 008,946,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2014/05/25 19:31:05 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/05/25 19:30:59 | 002,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/05/25 19:30:58 | 008,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014/05/25 19:30:57 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/05/25 19:30:57 | 001,927,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/05/25 19:30:52 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/05/25 19:30:52 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/05/25 19:30:51 | 013,933,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014/05/25 19:30:49 | 001,435,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014/05/25 19:30:48 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/05/25 19:30:45 | 003,494,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014/05/25 19:30:42 | 012,027,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014/05/25 19:30:41 | 011,776,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014/05/25 19:30:39 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/05/25 19:30:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/05/25 19:30:35 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014/05/25 19:30:35 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2014/05/25 19:30:32 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014/05/25 19:30:30 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/05/25 19:30:29 | 001,728,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2014/05/25 19:30:28 | 002,574,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/05/25 19:30:28 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014/05/25 19:30:25 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/05/25 19:30:25 | 001,445,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2014/05/25 19:30:24 | 001,132,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014/05/25 19:30:23 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/05/25 19:30:22 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/05/25 19:30:21 | 002,588,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/05/25 19:30:21 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/05/25 19:30:20 | 001,341,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2014/05/25 19:30:20 | 001,290,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014/05/25 19:30:19 | 001,640,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2014/05/25 19:30:19 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/05/25 19:30:19 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014/05/25 19:30:18 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2014/05/25 19:30:17 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/05/25 19:30:16 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014/05/25 19:30:14 | 001,727,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/05/25 19:30:13 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/05/25 19:30:13 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014/05/25 19:30:11 | 001,215,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2014/05/25 19:30:11 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/05/25 19:30:11 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/05/25 19:30:10 | 000,800,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2014/05/25 19:30:09 | 002,648,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/05/25 19:30:08 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2014/05/25 19:30:08 | 001,000,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014/05/25 19:30:07 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/05/25 19:30:06 | 000,461,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/05/25 19:30:06 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/05/25 19:30:05 | 001,077,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2014/05/25 19:30:05 | 000,410,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/05/25 19:30:05 | 000,407,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/05/25 19:30:05 | 000,369,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/05/25 19:30:05 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/05/25 19:30:03 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014/05/25 19:30:01 | 002,825,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2014/05/25 19:30:01 | 002,410,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/05/25 19:30:00 | 001,659,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/05/25 19:30:00 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/05/25 19:30:00 | 001,487,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/05/25 19:30:00 | 001,356,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/05/25 19:29:59 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/05/25 19:29:59 | 000,526,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2014/05/25 19:29:58 | 001,929,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2014/05/25 19:29:58 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014/05/25 19:29:58 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2014/05/25 19:29:58 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DfpCommon.dll
[2014/05/25 19:29:58 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofTasks.dll
[2014/05/25 19:29:57 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/05/25 19:29:54 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014/05/25 19:29:53 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014/05/25 19:29:53 | 000,609,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014/05/25 19:29:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014/05/25 19:29:53 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/05/25 19:29:52 | 001,011,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2014/05/25 19:29:51 | 000,422,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2014/05/25 19:29:50 | 001,653,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014/05/25 19:29:50 | 000,645,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/05/25 19:29:50 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/05/25 19:29:50 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014/05/25 19:29:49 | 000,650,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2014/05/25 19:29:48 | 002,760,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014/05/25 19:29:48 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/05/25 19:29:47 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014/05/25 19:29:46 | 002,428,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2014/05/25 19:29:46 | 002,220,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/05/25 19:29:46 | 001,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/05/25 19:29:45 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/25 19:29:44 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014/05/25 19:29:42 | 001,519,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/05/25 19:29:42 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/05/25 19:29:40 | 000,424,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/05/25 19:29:39 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014/05/25 19:29:38 | 001,757,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/05/25 19:29:38 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/05/25 19:29:36 | 002,395,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/05/25 19:29:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofUtil.dll
[2014/05/25 19:29:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2014/05/25 19:29:33 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/05/25 19:29:30 | 000,477,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/05/25 19:29:30 | 000,391,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014/05/25 19:29:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/05/25 19:29:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/05/25 19:29:29 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2014/05/25 19:29:29 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2014/05/25 19:29:28 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/05/25 19:29:28 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/25 19:29:28 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014/05/25 19:29:27 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/25 19:29:27 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/05/25 19:29:26 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/05/25 19:29:26 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014/05/25 19:29:26 | 001,063,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2014/05/25 19:29:26 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2014/05/25 19:29:26 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014/05/25 19:29:25 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/05/25 19:29:25 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2014/05/25 19:29:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfp.exe
[2014/05/25 19:29:24 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014/05/25 19:29:24 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perftrack.dll
[2014/05/25 19:29:23 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014/05/25 19:29:23 | 000,669,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2014/05/25 19:29:23 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/05/25 19:29:22 | 001,428,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014/05/25 19:29:22 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014/05/25 19:29:22 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2014/05/25 19:29:21 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014/05/25 19:29:20 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2014/05/25 19:29:20 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/25 19:29:19 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/25 19:29:18 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/05/25 19:29:18 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/05/25 19:29:18 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2014/05/25 19:29:18 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014/05/25 19:29:17 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014/05/25 19:29:15 | 000,745,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/05/25 19:29:15 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/05/25 19:29:14 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014/05/25 19:29:14 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/05/25 19:29:14 | 000,372,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014/05/25 19:29:13 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2014/05/25 19:29:13 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/05/25 19:29:13 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014/05/25 19:29:12 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/05/25 19:29:12 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2014/05/25 19:29:11 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2014/05/25 19:29:10 | 001,791,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2014/05/25 19:29:10 | 000,824,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/25 19:29:10 | 000,531,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014/05/25 19:29:10 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014/05/25 19:29:09 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/05/25 19:29:07 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2014/05/25 19:29:07 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2014/05/25 19:29:07 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/25 19:29:07 | 000,244,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014/05/25 19:29:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2014/05/25 19:29:06 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/05/25 19:29:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/05/25 19:29:05 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/05/25 19:29:05 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/05/25 19:29:05 | 000,761,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014/05/25 19:29:05 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/05/25 19:29:04 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2014/05/25 19:29:04 | 000,336,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/05/25 19:29:04 | 000,317,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014/05/25 19:29:04 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/05/25 19:29:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2014/05/25 19:29:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slc.dll
[2014/05/25 19:29:02 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014/05/25 19:29:02 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/05/25 19:29:02 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2014/05/25 19:29:02 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2014/05/25 19:29:01 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2014/05/25 19:29:00 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2014/05/25 19:29:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014/05/25 19:28:58 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014/05/25 19:28:57 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMM.dll
[2014/05/25 19:28:56 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/05/25 19:28:56 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/05/25 19:28:56 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ninput.dll
[2014/05/25 19:28:56 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2014/05/25 19:28:55 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014/05/25 19:28:55 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2014/05/25 19:28:54 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2014/05/25 19:28:54 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/05/25 19:28:53 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014/05/25 19:28:53 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2014/05/25 19:28:52 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/25 19:28:51 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014/05/25 19:28:51 | 000,123,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/05/25 19:28:51 | 000,105,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/05/25 19:28:50 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdbui.dll
[2014/05/25 19:28:50 | 000,258,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/05/25 19:28:49 | 000,289,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqmapi.dll
[2014/05/25 19:28:48 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2014/05/25 19:28:48 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/05/25 19:28:47 | 003,596,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2014/05/25 19:28:45 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014/05/25 19:28:44 | 002,811,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll
[2014/05/25 19:28:43 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2014/05/25 19:28:43 | 000,210,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/05/25 19:28:43 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/05/25 19:28:42 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014/05/25 19:28:42 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/05/25 19:28:41 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2014/05/25 19:28:41 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/05/25 19:28:40 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/05/25 19:28:40 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2014/05/25 19:28:40 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2014/05/25 19:28:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014/05/25 19:28:37 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/05/25 19:28:37 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/25 19:28:37 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clrhost.dll
[2014/05/25 19:28:36 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/05/25 19:28:36 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2014/05/25 19:28:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PkgMgr.exe
[2014/05/25 19:28:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014/05/25 19:28:35 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/05/25 19:28:35 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WLanConn.dll
[2014/05/25 19:28:35 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/05/25 19:28:35 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2014/05/25 19:28:35 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014/05/25 19:28:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2014/05/25 19:28:34 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/05/25 19:28:33 | 002,165,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncCenter.dll
[2014/05/25 19:28:33 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PurchaseWindowsLicense.dll
[2014/05/25 19:28:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/05/25 19:28:32 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2014/05/25 19:28:32 | 000,722,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2014/05/25 19:28:32 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014/05/25 19:28:32 | 000,180,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/05/25 19:28:31 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WlanMM.dll
[2014/05/25 19:28:31 | 000,506,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014/05/25 19:28:31 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/05/25 19:28:31 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014/05/25 19:28:30 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2014/05/25 19:28:30 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014/05/25 19:28:30 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/05/25 19:28:30 | 000,083,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014/05/25 19:28:29 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmdskmgr.dll
[2014/05/25 19:28:28 | 003,085,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2014/05/25 19:28:28 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srchadmin.dll
[2014/05/25 19:28:28 | 000,170,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2014/05/25 19:28:28 | 000,139,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2014/05/25 19:28:27 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/05/25 19:28:26 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ninput.dll
[2014/05/25 19:28:26 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/25 19:28:26 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014/05/25 19:28:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clrhost.dll
[2014/05/25 19:28:23 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/05/25 19:28:23 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2014/05/25 19:28:23 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2014/05/25 19:28:23 | 000,142,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe
[2014/05/25 19:28:22 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2014/05/25 19:28:22 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2014/05/25 19:28:22 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2014/05/25 19:28:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/05/25 19:28:22 | 000,209,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2014/05/25 19:28:22 | 000,188,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2014/05/25 19:28:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AltTab.dll
[2014/05/25 19:28:21 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2014/05/25 19:28:21 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqmapi.dll
[2014/05/25 19:28:21 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2014/05/25 19:28:21 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netid.dll
[2014/05/25 19:28:21 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutil.exe
[2014/05/25 19:28:19 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\das.dll
[2014/05/25 19:28:19 | 000,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sharemediacpl.dll
[2014/05/25 19:28:19 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/05/25 19:28:19 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014/05/25 19:28:19 | 000,080,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014/05/25 19:28:19 | 000,043,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2014/05/25 19:28:18 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2014/05/25 19:28:18 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2014/05/25 19:28:18 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014/05/25 19:28:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutil.exe
[2014/05/25 19:28:17 | 000,924,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2014/05/25 19:28:17 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/05/25 19:28:17 | 000,140,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014/05/25 19:28:17 | 000,041,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2014/05/25 19:28:16 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powrprof.dll
[2014/05/25 19:28:16 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014/05/25 19:28:15 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2014/05/25 19:28:15 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2014/05/25 19:28:15 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014/05/25 19:28:15 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2014/05/25 19:28:15 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/05/25 19:28:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2014/05/25 19:28:14 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/25 19:28:14 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2014/05/25 19:28:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014/05/25 19:28:14 | 000,079,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2014/05/25 19:28:13 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2014/05/25 19:28:13 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2014/05/25 19:28:12 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwizeng.dll
[2014/05/25 19:28:12 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2014/05/25 19:28:12 | 000,137,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2014/05/25 19:28:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2014/05/25 19:28:11 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/05/25 19:28:11 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2014/05/25 19:28:11 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014/05/25 19:28:11 | 000,032,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountBroker.exe
[2014/05/25 19:28:10 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountTokenProvider.dll
[2014/05/25 19:28:10 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2014/05/25 19:28:09 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2014/05/25 19:28:09 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WLanConn.dll
[2014/05/25 19:28:08 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3mm.dll
[2014/05/25 19:28:08 | 000,094,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll
[2014/05/25 19:28:08 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2014/05/25 19:28:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/05/25 19:28:07 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srchadmin.dll
[2014/05/25 19:28:07 | 000,029,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2014/05/25 19:28:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2014/05/25 19:28:06 | 000,131,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014/05/25 19:28:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAMM.dll
[2014/05/25 19:28:05 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2014/05/25 19:28:04 | 003,312,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2014/05/25 19:28:04 | 000,079,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll
[2014/05/25 19:28:03 | 000,071,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014/05/25 19:28:03 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014/05/25 19:27:59 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cleanmgr.exe
[2014/05/25 19:27:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014/05/25 19:27:58 | 000,054,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014/05/25 19:27:57 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cleanmgr.exe
[2014/05/25 19:27:56 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014/05/25 19:27:54 | 000,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014/05/25 19:27:53 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2014/05/25 19:27:53 | 000,189,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014/05/25 19:27:53 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2014/05/25 19:27:53 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014/05/25 19:27:52 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2014/05/25 19:27:52 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\korwbrkr.dll
[2014/05/25 19:27:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netid.dll
[2014/05/25 19:27:52 | 000,036,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2014/05/25 19:27:52 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2014/05/25 19:27:51 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014/05/25 19:27:49 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2014/05/25 19:27:48 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014/05/25 19:27:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmdskmgr.dll
[2014/05/25 19:27:47 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014/05/25 19:27:47 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2014/05/25 19:27:47 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2014/05/25 19:27:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/05/25 19:27:46 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014/05/25 19:27:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/05/25 19:27:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014/05/25 19:27:45 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2014/05/25 19:27:45 | 000,038,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2014/05/25 19:27:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2014/05/25 19:27:43 | 001,152,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2014/05/25 19:27:43 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/25 19:27:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
[2014/05/25 19:27:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slpts.dll
[2014/05/25 19:27:42 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2014/05/25 19:27:42 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2014/05/25 19:27:41 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2014/05/25 19:27:41 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/05/25 19:27:41 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2014/05/25 19:27:41 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbadmin.exe
[2014/05/25 19:27:41 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014/05/25 19:27:41 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014/05/25 19:27:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2014/05/25 19:27:40 | 000,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2014/05/25 19:27:40 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2014/05/25 19:27:40 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/25 19:27:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Renewal.dll
[2014/05/25 19:27:40 | 000,028,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014/05/25 19:27:40 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysResetErr.exe
[2014/05/25 19:27:39 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/05/25 19:27:39 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014/05/25 19:27:39 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014/05/25 19:27:39 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2014/05/25 19:27:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014/05/25 19:27:38 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014/05/25 19:27:38 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/05/25 19:27:38 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe
[2014/05/25 19:27:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/25 19:27:37 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PkgMgr.exe
[2014/05/25 19:27:37 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2014/05/25 19:27:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll
[2014/05/25 19:27:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014/05/25 19:27:37 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/25 19:27:37 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slpts.dll
[2014/05/25 19:27:36 | 000,780,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2014/05/25 19:27:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2014/05/25 19:27:35 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014/05/25 19:27:34 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2014/05/25 19:27:34 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/05/25 19:27:34 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAConn.dll
[2014/05/25 19:27:33 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeResults.exe
[2014/05/25 19:27:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/25 19:27:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014/05/25 19:27:32 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2014/05/25 19:27:32 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/05/25 19:27:31 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2014/05/25 19:27:30 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/05/25 19:27:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/25 19:27:29 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2014/05/25 19:27:28 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014/05/25 19:27:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spcompat.dll
[2014/05/25 19:27:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/25 19:27:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2014/05/25 19:27:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys
[2014/05/25 19:27:27 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgrade.exe
[2014/05/25 19:27:27 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014/05/25 19:27:26 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwizeng.dll
[2014/05/25 19:27:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energytask.dll
[2014/05/25 19:27:25 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2014/05/25 19:27:25 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll
[2014/05/25 19:27:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/05/25 19:27:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2014/05/25 19:27:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.exe
[2014/05/25 19:27:16 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2014/05/25 19:27:16 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014/05/25 19:27:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2014/05/25 19:27:16 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2014/05/25 19:27:16 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpclean.dll
[2014/05/25 19:27:16 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceassociation.dll
[2014/05/25 19:27:15 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/05/25 19:27:14 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2014/05/25 19:27:14 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2014/05/25 19:27:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dasHost.exe
[2014/05/25 19:27:13 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2014/05/25 19:27:12 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srrstr.dll
[2014/05/25 19:27:12 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2014/05/25 19:27:12 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2014/05/25 19:27:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/25 19:27:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/25 19:27:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014/05/25 19:27:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/25 19:27:11 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/05/25 19:27:11 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014/05/25 19:27:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsku.dll
[2014/05/25 19:27:11 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2014/05/25 19:27:10 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfrgui.exe
[2014/05/25 19:27:10 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2014/05/25 19:27:10 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2014/05/25 19:27:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SSShim.dll
[2014/05/25 19:27:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2014/05/25 19:27:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/25 19:27:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceassociation.dll
[2014/05/25 19:27:09 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2014/05/25 19:27:09 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2014/05/25 19:27:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2014/05/25 19:27:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.exe
[2014/05/25 19:27:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll
[2014/05/25 19:27:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014/05/25 19:27:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2014/05/25 19:27:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\f3ahvoas.dll
[2014/05/25 19:27:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SrTasks.exe
[2014/05/25 19:27:07 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014/05/25 19:27:06 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsdyn.dll
[2014/05/25 19:27:06 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfrgui.exe
[2014/05/25 19:27:06 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsku.dll
[2014/05/25 19:27:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014/05/25 19:27:06 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014/05/25 19:27:06 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentHost.dll
[2014/05/25 19:27:05 | 002,566,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2014/05/25 19:27:05 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014/05/25 19:27:05 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/05/25 19:27:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AepRoam.dll
[2014/05/25 19:27:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2014/05/25 19:27:03 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014/05/25 19:27:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxshared.dll
[2014/05/25 19:27:02 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014/05/25 19:27:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConfigureExpandedStorage.dll
[2014/05/25 19:27:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014/05/25 19:27:01 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/25 19:27:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConfigureExpandedStorage.dll
[2014/05/25 19:27:00 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/25 19:27:00 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/25 19:27:00 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scavengeui.dll
[2014/05/25 19:27:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/25 19:26:57 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2014/05/25 19:26:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/25 19:26:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2014/05/25 19:26:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2014/05/25 19:26:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/05/25 19:26:47 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/05/25 19:26:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/05/25 19:26:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syncui.dll
[2014/05/25 19:26:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/25 19:26:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncPolicy.dll
[2014/05/25 19:26:44 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/05/25 19:26:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\finger.exe
[2014/05/25 19:26:43 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2014/05/25 19:26:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpdxm.dll
[2014/05/25 19:26:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncPolicy.dll
[2014/05/25 19:26:42 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2014/05/25 19:26:41 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ocsetapi.dll
[2014/05/25 19:26:40 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2014/05/25 19:26:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ocsetapi.dll
[2014/05/25 19:26:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2014/05/25 19:26:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/25 19:26:39 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitagent.exe
[2014/05/25 19:26:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2014/05/25 19:26:38 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\korwbrkr.dll
[2014/05/25 19:26:37 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2014/05/25 19:26:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/25 19:26:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/25 19:26:35 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2014/05/25 19:26:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2014/05/25 19:26:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014/05/25 19:26:34 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/05/25 19:26:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014/05/25 19:26:34 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/25 19:26:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014/05/25 19:26:33 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/05/25 19:26:33 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/25 19:26:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014/05/25 19:26:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014/05/25 19:26:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/25 19:26:32 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/05/25 19:26:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/05/25 19:26:32 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2014/05/25 19:26:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\finger.exe
[2014/05/25 19:26:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/25 19:26:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-networking-wcmapi-l1-1-0.dll
[2014/05/25 19:26:31 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\f3ahvoas.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/16 03:20:26 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/16 03:20:26 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/16 03:20:26 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/16 03:19:29 | 000,153,256 | ---- | M] (Webroot) -- C:\WINDOWS\SysWow64\WRusr.dll
[2014/06/16 03:19:29 | 000,114,176 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\drivers\WRkrn.sys
[2014/06/16 03:19:29 | 000,103,816 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\WRusr.dll
[2014/06/16 03:18:37 | 000,000,074 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\sp_data.sys
[2014/06/16 03:16:04 | 000,258,048 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Local\ChromeHitoryDB
[2014/06/16 03:15:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/16 03:14:40 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 03:13:24 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/16 03:13:23 | 3327,864,832 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/16 02:45:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001UA.job
[2014/06/16 02:35:07 | 000,002,457 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/16 02:35:07 | 000,002,236 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/16 02:35:07 | 000,002,000 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/16 02:26:38 | 419,539,792 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/06/16 02:03:49 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/16 02:03:32 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
[2014/06/16 02:03:31 | 010,395,072 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[2014/06/16 02:03:31 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
[2014/06/16 01:58:50 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001UA.job
[2014/06/16 01:54:23 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/16 01:53:23 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/25 20:07:05 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/25 20:07:04 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/05/25 20:03:44 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/05/25 20:03:40 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/05/25 20:03:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/05/25 20:03:40 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/05/25 20:03:36 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/05/25 20:03:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/05/25 20:03:19 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/05/25 20:03:10 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/05/25 20:02:50 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/05/25 20:02:50 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/05/25 19:59:50 | 000,001,119 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/25 19:59:50 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/25 19:57:37 | 000,000,824 | ---- | M] () -- C:\Users\Shaboing Boing\Desktop\WeatherBug.lnk
[2014/05/25 19:56:42 | 000,001,072 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 19:53:13 | 000,001,058 | ---- | M] () -- C:\Users\Shaboing Boing\Desktop\Dropbox.lnk
[2014/05/25 19:45:55 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001Core.job
[2014/05/25 19:45:42 | 000,000,552 | ---- | M] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/05/25 19:32:03 | 000,000,045 | ---- | M] () -- C:\user.js
[2014/05/25 19:28:28 | 000,016,152 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2014/05/25 19:27:26 | 000,344,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/16 02:03:01 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
[2014/06/16 02:03:00 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
[2014/05/25 20:07:24 | 000,258,048 | ---- | C] () -- C:\Users\Shaboing Boing\AppData\Local\ChromeHitoryDB
[2014/05/25 19:59:50 | 000,001,119 | ---- | C] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/25 19:59:50 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/25 19:57:37 | 000,000,824 | ---- | C] () -- C:\Users\Shaboing Boing\Desktop\WeatherBug.lnk
[2014/05/25 19:56:41 | 000,001,072 | ---- | C] () -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 19:45:37 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/05/25 19:38:15 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/25 19:32:03 | 000,000,045 | ---- | C] () -- C:\user.js
[2014/05/25 19:31:38 | 000,139,600 | ---- | C] () -- C:\WINDOWS\SysNative\systemsf.ebd
[2014/05/25 19:29:23 | 000,262,335 | ---- | C] () -- C:\WINDOWS\SysNative\dfpinc.dat
[2014/05/25 19:27:25 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/05/25 19:27:25 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysNative\WimBootCompress.ini
[2014/05/25 19:26:42 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysWow64\RacRules.xml
[2014/05/25 19:26:42 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysNative\RacRules.xml
[2014/05/25 19:26:41 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-suggestions.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2014/05/25 19:26:40 | 419,539,792 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/05/25 19:26:31 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/05/25 19:26:31 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/05/25 19:26:27 | 000,050,053 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/05/25 19:26:24 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2014/04/13 02:29:16 | 000,000,258 | RHS- | C] () -- C:\Users\Shaboing Boing\ntuser.pol
[2014/03/18 05:40:55 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/18 04:55:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/03/13 02:31:49 | 000,000,074 | ---- | C] () -- C:\Users\Shaboing Boing\AppData\Roaming\sp_data.sys
[2013/10/29 23:48:56 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/29 23:48:56 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/29 23:48:56 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/01 23:44:46 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/07/25 16:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 16:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2014/03/18 05:11:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/19 23:48:41 | 021,232,792 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/19 21:20:53 | 018,679,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Attached Files

  • Attached File  OTL.Txt   277.71KB   149 downloads
  • Attached File  Extras.Txt   58.54KB   140 downloads
  • Attached File  JRT.txt   1.61KB   201 downloads

Edited by Essexboy, 16 June 2014 - 08:15 AM.

  • 0

Advertisements


#2
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi there Oday78, wavey.gif.pagespeed.ce.4AQn4GwL8t.gif Welcome to the forums!
welcome.gif.pagespeed.ce.jM2aDq5TfO.gif. My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

  • Carefully read every post completely before doing anything.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Give me the remainder of the day to assess your log and create a fix. Also, you've "attached" your Extras.txt, would you "Post" the Extras.txt as you've done with the OTL log. I'll need to see that to properly assess you machine.


  • 0

#3
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi Oday78,

 

I have a fix for you and additionally, a few tools that I'd like you to run. I know you've previously run JRT, but please run it again. Also, please run these tools in the order that I've specified below.

 

Run OTL as you've done previously.

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Command
[CreateRestorePoint] 
 
:OTL

PRC - [2014/05/29 22:26:50 | 000,640,000 | ---- | M] () -- C:\Program Files (x86)\Premium Software\systerm32.exe

MOD - [2014/05/29 22:26:50 | 000,640,000 | ---- | M] () -- C:\Program Files (x86)\Premium Software\systerm32.exe

MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\Premium Software\sqlite3.dll

O4 - HKLM..\Run: [Windows FUPM Service Manager] C:\Program Files (x86)\Premium Software\systerm32.exe ()

[2014/05/25 20:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software

O4 - HKLM..\Run: [Windows X64 Service Manager] C:\Program Files (x86)\FlashNow Updater\flsysio.exe ()

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found

O2:64bit: - BHO: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll File not found

O2:64bit: - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll File not found

O2 - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll File not found

O3:64bit: - HKLM\..\Toolbar: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll File not found

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {2977d8cc-8902-4340-be88-2c676bf96b8d} - No CLSID value found.

O4 - HKCU..\Run: [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe File not found

O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} https://oovoowww3-a....vc/ooVooWeb.dll (ooVooWebCtrl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35672B5C-855E-49EE-9280-5E69F08E4935}: DhcpNameServer = 40.52.1.201 40.52.1.203

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE231B59-6028-4360-8D4A-AC173F0FD641}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) -  File not found
:Files

C:\Program Files (x86)\Premium Software

C:\Program Files (x86)\FlashNow Updater
 
:Commands 
 
[EMPTYTEMP] 
[RESETHOSTS] 
[REBOOT] 
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next, download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
  • Click Options button below the large panel and check the box:

    Auto Clean
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

 

Security Check

Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Last, rerun OTL as you did previously, but this time just press the Quick Scan button. When OTL completes you will find one log, OTL.TXT. Please post that with the adwCleaner log, the Junkware log, the ZOEK log and the Security Log.


  • 0

#4
Oday78

Oday78

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Attached File  Extras.Txt   58.54KB   179 downloadsAttached File  Extras.Txt   58.54KB   179 downloads

 

thanks for help me, heres the extra.txt

 

 

 


  • 0

#5
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Sorry for my lack of clarity. What you are doing is "Attaching" the file. However, what I need you to do is Open the file in Notepad, Select All of the log, Copy the log, and Paste it into a response back to me. For the moment, forget about the Extras.txt file and go to Post #2 and begin the scans. At the end I will need you to Post the logs (not Attach) them into a post to me. It's fine if you want to do a fresh post for each log.

 

If any of this is not clear, let me know and I'll try different instructions. Often just a change of words (on my part) will add some clarity to what I'm saying. :)


  • 0

#6
Oday78

Oday78

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

lol I understand here is everything you need, p.s thanks again.

 

OTL Extras logfile created on: 6/16/2014 3:26:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Shaboing Boing\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.58% Memory free
7.75 Gb Paging File | 6.18 Gb Available in Paging File | 79.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.21 Gb Total Space | 405.76 Gb Free Space | 91.34% Space Free | Partition Type: NTFS
 
Computer Name: BOING | User Name: Shaboing Boing | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = internetshortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9E835905-E224-44C0-A818-B972D817FB78}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DB976C7D-0F91-4268-89D9-93C9888B22BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033A751F-768E-4180-BF33-024B22DC14C5}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{07FA624F-5FCE-4F58-80CC-40870F0F6021}" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe |
"{0E9A5131-B22B-4037-8962-CEAC67D547E0}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{1520DA18-C58A-42F7-9A1C-954920BACA77}" = dir=in | name=skype |
"{15B0B2CD-8FBB-48FD-B421-5D7545FA63EF}" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe |
"{1B05927C-B450-466F-B0D4-65F95ABD5A43}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{1D6B439C-58A7-481E-9AB4-4EC6AEF7B79A}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{23F764BD-6D96-455E-A7E3-59F3FD29B2A4}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{2803DE99-5046-4D95-B8E7-799881FD54BE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{292EF6AD-C899-4B20-9903-862AEF19EA86}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{3258299E-87BB-49AA-A691-6AF1671E5FA3}" = dir=out | name=check point vpn |
"{39B2243A-183A-47AD-9E41-799CB867AD22}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{3B1A3B60-7F84-443D-90ED-81D64F35E3C0}" = dir=out | name=sonicwall mobile connect |
"{3C4D8EFC-F60E-46F9-B448-E9C14A47BCCB}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4372D52F-DC00-4500-A9E9-A401AC443987}" = dir=out | name=@{microsoft.zunemusic_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{457DC7F2-AB3A-4939-A6A1-FD36FC138146}" = dir=out | name=windows_ie_ac_001 |
"{499DD63A-5B89-4F2D-87A1-C6BD68B174FA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4B383E95-E62A-4993-A5D7-6883F818C7DC}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5454C703-01C6-4215-9E0E-E5E09386657B}" = dir=out | name=pinball fx2 |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5B0B570F-5892-4288-9980-5081721D518D}" = dir=out | name=skype |
"{5B275CE5-8977-4517-9BA6-96241D009C9B}" = dir=out | name=kindle |
"{5CCC84A6-5B45-4E6F-A9C5-76BA93552762}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6666B86A-484D-49DF-ABCA-6FA5BC5D60AB}" = dir=in | name=juniper networks junos pulse |
"{6A5C4C61-1545-4455-8791-EDCE908AFDDE}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{752F3D48-FE4F-4E7B-9BE8-1A28FFC5C152}" = dir=out | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{7AB21AE4-0956-47DA-86B3-53466C638B30}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{7DDB678C-AD17-4EE6-8C24-64C1BF85C773}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7E1D3B01-EFEB-4117-B78C-CAEBBF124662}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8343C5A6-09B4-456A-8AC2-E86CC7AD0B19}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{85A4E2C8-C804-4833-9C8B-582A84E99CB2}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8811041D-38B9-4AD9-8A27-AA90E434F2CE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{91A5603A-12DC-4BDD-83CB-3F2003FDB8A9}" = dir=out | name=juniper networks junos pulse |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A43D371B-BD5E-47F0-8616-996FDFB1D772}" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe |
"{A5AFCE7F-0339-407C-B210-13750AC6F885}" = dir=in | name=check point vpn |
"{B9CFAA4C-C556-407E-9A24-8203E5D95D9E}" = dir=out | name=- games app - |
"{BD8690B6-10A2-41AA-9703-AC920D2A02CB}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{BE295637-A8EB-4C5F-9CC0-1871F0AE0051}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{BEB33731-36D4-47F3-B31B-B1A4D6BEC65B}" = dir=in | name=sonicwall mobile connect |
"{C0647A51-0461-471C-B621-93118A9C0B9C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{C488F87D-525B-41C1-A6F6-BCA1E31FDA2B}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C5080664-47E3-4D90-A854-7A11C31A9063}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CC5852D6-DF02-4B97-985E-28C60BF6E4B4}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D00293C6-EC85-4291-A51F-688176DD6F08}" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe |
"{D14D5BBE-EFAA-43FB-ABA3-66CAB04F9130}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D2D998D4-98E7-45EE-80F6-A84ED746A497}" = dir=out | name=@{microsoft.zunevideo_1.5.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D39E27D8-4F3A-42E6-915D-21FC85B276C7}" = dir=out | name=f5 vpn |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DF1E7942-4478-43AF-BF0E-12D665B8F790}" = dir=in | name=pinball fx2 |
"{E610F554-C644-4903-A1B1-56650BBFFB8A}" = dir=out | name=windows_ie_ac_001 |
"{E6D5A438-3BBD-44DB-BD0C-545AE350CCD5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC0905EE-F270-4C3F-836F-B46229F1208B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECAE3BAF-F697-4ACA-9979-706393A0EEBE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{ECB00ACD-6BE2-43C6-8192-3548C7DA5984}" = dir=in | app=c:\users\shaboing boing\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{ED154E9A-C712-4A1D-BF1F-705DCAD79210}" = dir=out | name=netflix |
"{F00BCCCC-8950-468B-86B8-4A1D0124DC74}" = dir=in | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{F25A9A28-E3CA-4A6F-8DA7-DA126FF69A4D}" = dir=in | name=f5 vpn |
"{F5419318-3E23-432B-8BC1-766BAE88E9F9}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F7348718-179D-4D70-9607-C7C13B28E601}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7A733F5-080B-48F4-891F-7ADE2AC1854D}" = dir=out | name=fresh paint |
"{FB924A8D-F619-4D94-8C52-408EBB2D7E18}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"TCP Query User{1B073883-CBCA-475A-BABF-8760DE9567C2}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe |
"TCP Query User{4D829C3A-FB85-41B8-84B8-F1D5DC7ECD3F}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe |
"TCP Query User{56D16E1A-8BDE-431B-B5FC-FA32EE4BF173}C:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B4972206-58CA-493D-B977-CF2ADD6C76E1}C:\program files\webroot\wrsa.exe" = protocol=6 | dir=in | app=c:\program files\webroot\wrsa.exe |
"TCP Query User{CB2E5C15-6739-4D93-973F-95ED8B2E826A}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"TCP Query User{E8992478-459B-4BFD-AF58-CC947826C1BD}C:\program files (x86)\tango\tango.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe |
"UDP Query User{0CFAEC62-3561-435B-BD5D-5F58179F98D0}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe |
"UDP Query User{185A6553-AD57-4604-874B-48E68FD9A118}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"UDP Query User{1EBFF834-7F6F-4643-82C5-1132CED0C289}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe |
"UDP Query User{346C98BB-11AF-4497-920B-D6EE519AB7AE}C:\program files\webroot\wrsa.exe" = protocol=17 | dir=in | app=c:\program files\webroot\wrsa.exe |
"UDP Query User{68AD7A2F-27C2-4CCA-9D2B-B1FE211A3E5F}C:\program files (x86)\tango\tango.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe |
"UDP Query User{F2C8C45E-5262-4D15-9CE2-BA1265C1D5AF}C:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel® Trusted Execution Engine
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60E37FDF-D8C7-4DF3-8DEE-A4E2AAECF0BE}" = Intel® Trusted Execution Engine Driver
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87D47061-DA54-4409-8145-69E0542EF6D4}" = Intel® Trusted Execution Engine
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A" = Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186)
"Level Quality Watcher" = SavingsBull
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C32CA36A-DA63-4D55-9B17-87C61033137D}" = NpackdCL
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9661090-C134-46E8-90B2-76D72355C2A6}" = Realtek PCIE Card Reader
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"ASIO4ALL" = ASIO4ALL
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9" = Intel® Sideband Fabric Device Driver
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"FL Studio 10" = FL Studio 10
"Golden" = Golden Records Vinyl to CD Converter
"Google Chrome" = Google Chrome
"Highlightly" = Highlightly
"ilividmoviestoolbar20CR" = Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.)
"ilividmoviestoolbar20IE" = Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Like" = Like 1.2
"MixPad" = MixPad
"MyBitCast" = MyBitCast 2.0
"SoundTap" = SoundTap Streaming Audio Recorder
"Switch" = Switch Sound File Converter
"VideoPad" = VideoPad Video Editor
"Voxal" = Voxal Voice Changer
"WavePad" = WavePad Sound Editor
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-2f37a8f4-f44d-4d6a-afb3-80bbe9dc78b1" = Cut the Rope
"WTA-300528be-6cb0-4daf-9f1a-1ed861c3d155" = Bejeweled 3
"WTA-9516301f-005d-47c0-871c-7d6da0032d49" = Penguins!
"WTA-a9ab6aab-28ce-4502-b8b2-adc6cb75f60a" = Peggle
"WTA-b9847515-e6c4-4db4-b28f-d343a1997d25" = Tales of Lagoona
"WTA-baee0226-8abd-44de-acf0-4469c54acd02" = Azteca
"Yahoo! Companion" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download App" = Download App
"Dropbox" = Dropbox
"OneDriveSetup.exe" = Microsoft OneDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/16/2014 3:15:24 AM | Computer Name = BOING | Source = VSS | ID = 8194
Description =
 
Error - 6/16/2014 3:20:07 AM | Computer Name = BOING | Source = VSS | ID = 12310
Description =
 
[ System Events ]
Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly.  It has done this
 1 time(s).  The following corrective action will be taken in 30000 milliseconds:
 Restart the service.
 
Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031
Description = The Windows Modules Installer service terminated unexpectedly.  It
 has done this 1 time(s).  The following corrective action will be taken in 120000
 milliseconds: Restart the service.
 
Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7034
Description = The Volume Shadow Copy service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 6/16/2014 3:15:36 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly.  It has done this
 2 time(s).  The following corrective action will be taken in 5000 milliseconds:
 Restart the service.
 
Error - 6/16/2014 3:15:57 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
   %%3
 
Error - 6/16/2014 3:13:37 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000
Description = The Search Module Update service failed to start due to the following
 error:   %%2
 
Error - 6/16/2014 3:13:37 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000
Description = The SPDRIVER_1.36.1.172 service failed to start due to the following
 error:   %%3
 
Error - 6/16/2014 3:13:39 AM | Computer Name = BOING | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:13:33 AM on ?6/?16/?2014 was unexpected.
 
Error - 6/16/2014 3:13:43 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000
Description = The Search Module Update service failed to start due to the following
 error:   %%2
 
Error - 6/16/2014 3:13:43 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000
Description = The SPDRIVER_1.36.1.172 service failed to start due to the following
 error:   %%3
 
 
< End of report >

 

 

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Junkware Removal Tool (JRT) by Thisisu

 

Version: 6.1.4 (04.06.2014:1)

 

OS: Windows 8.1 x64

 

Ran by Shaboing Boing on Mon 06/16/2014 at 19:06:10.27

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

~~~ Services

 

 

 

 

~~~ Registry Values

 

 

 

 

~~~ Registry Keys

 

 

 

 

~~~ Files

 

 

 

 

~~~ Folders

 

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Scan was completed on Mon 06/16/2014 at 19:12:32.13

 

End of JRT log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

# AdwCleaner v3.212 - Report created 16/06/2014 at 19:05:21
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Shaboing Boing - BOING
# Running from : C:\Users\Shaboing Boing\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [25117 octets] - [16/06/2014 02:49:11]
AdwCleaner[R1].txt - [890 octets] - [16/06/2014 03:13:34]
AdwCleaner[R2].txt - [1008 octets] - [16/06/2014 19:05:46]
AdwCleaner[R3].txt - [1068 octets] - [16/06/2014 19:04:27]
AdwCleaner[S0].txt - [24408 octets] - [16/06/2014 02:50:17]
AdwCleaner[S1].txt - [950 octets] - [16/06/2014 03:15:27]
AdwCleaner[S2].txt - [991 octets] - [16/06/2014 19:05:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1050 octets] ##########

 

 Results of screen317's Security Check version 0.99.84 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Webroot SecureAnywhere  
Windows Defender        
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player  13.0.0.214 
 Google Chrome Npackd... 
 Google Chrome 35.0.1916.114 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

Zoek.exe v5.0.0.0 Updated 16-June-2014
Tool run by Shaboing Boing on Mon 06/16/2014 at 19:17:18.63.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Shaboing Boing\Downloads\zoek.exe [Scan all users]  [Checkboxes used]

==== System Restore Info ======================

6/16/2014 7:19:28 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\YahooAUService deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Yahoo! Companion deleted
C:\PROGRA~2\GUT6AA1.tmp deleted
C:\PROGRA~2\GUM6AA0.tmp deleted
C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted
C:\PROGRA~2\Yahoo! deleted
C:\Users\Shaboing Boing\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\Yahoo! deleted
C:\PROGRA~3\SearchModule deleted
C:\Users\Shaboing Boing\AppData\Local\ilividmoviestoolbar20 deleted
C:\Users\Shaboing Boing\Downloads\avg_free_stb_all_2014_4577_cnet.exe deleted
C:\Users\Shaboing Boing\AppData\LocalLow\YahooCouponAddOn deleted
C:\Users\Shaboing Boing\AppData\LocalLow\Yahoo! deleted
C:\Users\Shaboing Boing\AppData\LocalLow\Yahoo! Companion deleted
C:\Users\Shaboing Boing\AppData\LocalLow\ilividmoviestoolbar20 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\user.js deleted
"C:\Users\Shaboing Boing\AppData\Local\ChromeHitoryDB" deleted
"C:\Users\Shaboing Boing\AppData\Roaming\Fixila" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{jid1-vS7biDmom8YxhA@jetpack}"="0\extensions\{jid1-vS7biDmom8YxhA@jetpack}" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmclajginlihohopoeofghddnhpplhom - C:\Program Files (x86)\Highlightly\Chrome\cmclajginlihohopoeofghddnhpplhom.crx[]
eihhgekonheiliaidomffpplfhecmkag - No path found[]
kjeghcllfecehndceplomkocgfbklffd - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx[06/16/2014 02:02 AM]
okfhiodnpcnnnpgbjbhfebjnbagmfhab - C:\ProgramData\WRData\pkg\lpchrome.crx[06/16/2014 02:03 AM]

Google Voice Search Hotword (Beta) - Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Webroot Filtering Extension - Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd
Webroot Password Manager - Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...Box&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...Page={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-606004080-2999541650-1733327023-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{jid1-eFRcA0eiPxecTQ@jetpack} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{jid1-vS7biDmom8YxhA@jetpack} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Shaboing Boing\Desktop\Download App.lnk - C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe
C:\Users\Shaboing Boing\Desktop\Dropbox.lnk - C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Shaboing Boing\Desktop\WeatherBug.lnk - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AudioWizard.lnk - C:\Program Files (x86)\Realtek\Audio\HDA\MaxxAudioControl64.exe
C:\Users\Public\Desktop\FL Studio 10.lnk - C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe
C:\Users\Public\Desktop\Golden Records Vinyl to CD Converter.lnk - C:\Program Files (x86)\NCH Software\Golden\golden.exe
C:\Users\Public\Desktop\Google Chrome.lnk - 
C:\Users\Public\Desktop\MixPad.lnk - C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe
C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Public\Desktop\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\Switch\switch.exe
C:\Users\Public\Desktop\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe
C:\Users\Public\Desktop\WavePad Sound Editor.lnk - C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www-search.ne...70dcc3cff,&pi=1
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download App\Download App.lnk - C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download App\Uninstall Download App.lnk - C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\uninst.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download App.lnk - C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe /HIDEWINDOW
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug\Uninstall WeatherBug.lnk - C:\WINDOWS\system32\msiexec.exe /x {297DCADA-86A1-4A42-8A13-66B7D7A09FD2}
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug\WeatherBug.lnk - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashNow Updater\FlashNow Updater.lnk - C:\Program Files (x86)\FlashNow Updater\flcheck.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Install Webroot FF RunOnce.lnk - C:\Program Files (x86)\Common Files\wruninstall.exe -q -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Install Webroot IE RunOnce.lnk - C:\Program Files (x86)\Common Files\wruninstall.exe -p -name=webroot -ffuuid {8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} --disablenotes --disableidentities --disablevault --disablecontext
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere\Webroot SecureAnywhere.lnk - C:\Program Files\Webroot\WRSA.exe -showgui

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - 
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - 
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - 
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.ne...70dcc3cff,&pi=1
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.ne...70dcc3cff,&pi=1
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.ne...70dcc3cff,&pi=1
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - 
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - 
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk - C:\eSupport\eDriver\AsInsWiz.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - 
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.ne...70dcc3cff,&pi=1

==== shortcuts After Repair ======================

C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eihhgekonheiliaidomffpplfhecmkag deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar20CR deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar20IE deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Shaboing Boing\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=89 folders=9 19210699 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Shaboing Boing\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\SHABOI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Mon 06/16/2014 at 19:07:42.60 ======================

 

OTL logfile created on: 6/16/2014 7:10:55 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Shaboing Boing\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.82 Gb Available Physical Memory | 72.68% Memory free
7.75 Gb Paging File | 6.70 Gb Available in Paging File | 86.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.21 Gb Total Space | 410.20 Gb Free Space | 92.34% Space Free | Partition Type: NTFS
 
Computer Name: BOING | User Name: Shaboing Boing | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/16 03:25:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shaboing Boing\Downloads\OTL.exe
PRC - [2014/06/16 03:19:29 | 000,764,024 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/30 18:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/05/29 21:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/05/21 13:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/01/15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/05/28 14:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 18:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/16 19:08:02 | 000,043,008 | ---- | M] () -- c:\Users\Shaboing Boing\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplddek7.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/16 03:19:29 | 000,764,024 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV:64bit: - [2014/03/18 05:47:33 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/18 05:44:46 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/18 05:44:46 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/18 05:43:34 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 03:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/02 05:15:40 | 001,282,152 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/02 00:08:48 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/07/02 00:08:32 | 000,733,696 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel®
SRV - [2014/04/30 03:03:47 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/14 03:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/29 12:03:10 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/01/15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/12/19 02:10:38 | 000,072,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012/04/24 18:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/11/21 18:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/16 03:19:29 | 000,114,176 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2014/05/25 19:28:28 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2014/05/01 09:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/13 02:58:41 | 000,034,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\voxaldriverx64.sys -- (voxaldriver)
DRV:64bit: - [2014/04/13 02:58:33 | 000,033,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdriverx64.sys -- (stdriver)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 05:44:46 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/18 05:44:46 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/18 05:44:46 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/18 05:39:41 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 05:39:40 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 05:39:40 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/11/14 03:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 03:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 03:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 03:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/23 16:30:02 | 000,070,416 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/09/16 08:18:10 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/16 08:14:16 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/22 18:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/22 18:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 02:09:18 | 000,027,904 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MBI.sys -- (MBI)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/02 00:10:20 | 000,087,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:64bit: - [2013/06/14 04:21:12 | 000,824,536 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/05/17 00:49:12 | 003,847,168 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/04/17 20:53:10 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2013/03/05 02:12:34 | 000,308,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/09/14 01:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/01 23:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/05/30 23:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV - [2011/09/07 13:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 21:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&#38;pc=ASU2JS
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.safesear....&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...10&ocid=U010DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Page={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Shaboing Boing\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shaboing Boing\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shaboing Boing\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
[2014/05/25 19:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shaboing Boing\AppData\Roaming\Mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Webroot Filtering Extension = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.0.0.32_0\
CHR - Extension: Google Wallet = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Webroot Password Manager = C:\Users\Shaboing Boing\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab\2.5.5_0\
 
O1 HOSTS File: ([2014/06/16 19:02:02 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O2:64bit: - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
O2 - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Shaboing Boing\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download App.lnk = C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe (CBS Interactive Inc.)
O4 - Startup: C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Shaboing Boing\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O9:64bit: - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll (Webroot)
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll (Webroot)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE231B59-6028-4360-8D4A-AC173F0FD641}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/16 19:29:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014/06/16 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\Temp
[2014/06/16 19:17:13 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/06/16 19:07:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/16 03:23:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/06/16 03:19:29 | 000,103,816 | ---- | C] (Webroot) -- C:\WINDOWS\SysNative\WRusr.dll
[2014/06/16 02:49:55 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/06/16 02:48:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/16 02:32:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/06/16 02:06:21 | 000,153,256 | ---- | C] (Webroot) -- C:\WINDOWS\SysWow64\WRusr.dll
[2014/06/16 02:03:00 | 010,395,072 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[2014/06/16 02:02:44 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\lptmp616931311
[2014/06/16 02:02:20 | 000,114,176 | ---- | C] (Webroot) -- C:\WINDOWS\SysNative\drivers\WRkrn.sys
[2014/06/16 02:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
[2014/05/25 19:59:56 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\VS Revo Group
[2014/05/25 19:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/05/25 19:59:48 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\WINDOWS\SysNative\drivers\revoflt.sys
[2014/05/25 19:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/05/25 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/05/25 19:58:57 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\Desktop\Revo Uninstaller Pro v3.0.7
[2014/05/25 19:58:12 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\WeatherBug
[2014/05/25 19:58:12 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\CrashRpt
[2014/05/25 19:57:46 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\WeatherBug
[2014/05/25 19:57:35 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
[2014/05/25 19:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AWS
[2014/05/25 19:44:33 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Roaming\Mozilla
[2014/05/25 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Shaboing Boing\AppData\Local\Deployment
[2014/05/25 19:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashNow Updater
[2014/05/25 19:31:42 | 000,000,000 | -HSD | C] -- C:\Users\Shaboing Boing\AppData\Local\EmieUserList
[2014/05/25 19:31:42 | 000,000,000 | -HSD | C] -- C:\Users\Shaboing Boing\AppData\Local\EmieSiteList
[2014/05/25 19:26:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/16 19:28:55 | 000,002,240 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/16 19:28:55 | 000,001,896 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/16 19:28:55 | 000,001,844 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/16 19:17:13 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2014/06/16 19:08:15 | 000,000,074 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\sp_data.sys
[2014/06/16 19:07:38 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 19:06:50 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/16 19:06:50 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/16 19:06:50 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/16 19:04:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/16 19:03:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/16 19:02:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/16 19:02:20 | 3327,864,832 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/16 19:02:02 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2014/06/16 03:56:00 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001UA.job
[2014/06/16 03:54:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/16 03:19:29 | 000,153,256 | ---- | M] (Webroot) -- C:\WINDOWS\SysWow64\WRusr.dll
[2014/06/16 03:19:29 | 000,114,176 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\drivers\WRkrn.sys
[2014/06/16 03:19:29 | 000,103,816 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\WRusr.dll
[2014/06/16 02:45:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001UA.job
[2014/06/16 02:26:38 | 419,539,792 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/06/16 02:03:32 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
[2014/06/16 02:03:31 | 010,395,072 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[2014/06/16 02:03:31 | 000,002,218 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
[2014/06/16 01:53:23 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/25 19:59:50 | 000,001,119 | ---- | M] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/25 19:59:50 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/25 19:57:37 | 000,000,824 | ---- | M] () -- C:\Users\Shaboing Boing\Desktop\WeatherBug.lnk
[2014/05/25 19:56:42 | 000,001,072 | ---- | M] () -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 19:53:13 | 000,001,058 | ---- | M] () -- C:\Users\Shaboing Boing\Desktop\Dropbox.lnk
[2014/05/25 19:45:55 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606004080-2999541650-1733327023-1001Core.job
[2014/05/25 19:45:42 | 000,000,552 | ---- | M] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/05/25 19:28:28 | 000,016,152 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2014/05/25 19:27:26 | 000,344,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2014/06/16 19:29:39 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2014/06/16 02:03:01 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
[2014/06/16 02:03:00 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
[2014/05/25 19:59:50 | 000,001,119 | ---- | C] () -- C:\Users\Shaboing Boing\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/05/25 19:59:50 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/05/25 19:57:37 | 000,000,824 | ---- | C] () -- C:\Users\Shaboing Boing\Desktop\WeatherBug.lnk
[2014/05/25 19:56:41 | 000,001,072 | ---- | C] () -- C:\Users\Shaboing Boing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 19:45:37 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/05/25 19:38:15 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/25 19:31:38 | 000,139,600 | ---- | C] () -- C:\WINDOWS\SysNative\systemsf.ebd
[2014/05/25 19:29:23 | 000,262,335 | ---- | C] () -- C:\WINDOWS\SysNative\dfpinc.dat
[2014/05/25 19:27:25 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/05/25 19:27:25 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysNative\WimBootCompress.ini
[2014/05/25 19:26:42 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysWow64\RacRules.xml
[2014/05/25 19:26:42 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysNative\RacRules.xml
[2014/05/25 19:26:41 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-suggestions.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2014/05/25 19:26:41 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2014/05/25 19:26:40 | 419,539,792 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/05/25 19:26:31 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/05/25 19:26:31 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/05/25 19:26:27 | 000,050,053 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/05/25 19:26:24 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2014/04/13 02:29:16 | 000,000,258 | RHS- | C] () -- C:\Users\Shaboing Boing\ntuser.pol
[2014/03/18 05:40:55 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/18 04:55:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/03/13 02:31:49 | 000,000,074 | ---- | C] () -- C:\Users\Shaboing Boing\AppData\Roaming\sp_data.sys
[2013/10/29 23:48:56 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/29 23:48:56 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/29 23:48:56 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/01 23:44:46 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/07/25 16:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 16:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2014/03/18 05:11:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/03/11 08:35:19 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\ASUS WebStorage
[2014/04/13 02:16:16 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\CBS Interactive
[2014/06/16 19:08:13 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\Dropbox
[2014/06/16 19:08:08 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\DropboxMaster
[2014/03/12 11:34:51 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\IDM2
[2014/05/25 19:57:46 | 000,000,000 | ---D | M] -- C:\Users\Shaboing Boing\AppData\Roaming\WeatherBug
 
========== Purity Check ==========
 
 

< End of report >


Edited by Oday78, 16 June 2014 - 07:10 PM.

  • 0

#7
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

How's the machine running now?


  • 1

#8
Oday78

Oday78

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
It's running great tuvaro is gone when I open the browser, thanks a lot
  • 0

#9
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

You're logs are looking much better. A couple of more and scans and clean up and let see where we are.

 

Download Malwarebytes' Anti-Malware

 

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Threat Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

 

ESET Online Scanner:

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

 

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install.
  • Make sure that the option Remove found threats is unticked
  • If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first! located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt
  • Then paste the Logfile in the thread
  • Then click on: Finish

To summarize, please post back the ESET log and the MBAM log.


  • 0

#10
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Are you still with me? Is so, please post your MBAM and ESET logs. Thanks!! :)


  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP