ghostofunder Posted May 25, 2013 ID:683731 Share Posted May 25, 2013 My IE browser has been hijacked and my Chrome browser opens with a second tab for mix.dj searching. I've run Malwarebytes Anti-Virus and nothing is picked up. Any assistance would be greatly appreciated. I ran DDS and these are the logs:DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576Run by Donna at 16:45:01 on 2013-05-25Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3969.1438 [GMT -5:00].AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\system32\WLANExt.exeC:\Program Files\Common Files\SPBA\upeksvr.exeC:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXEC:\Program Files\Dell\DW WLAN Card\bcmwltry.exeC:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exeC:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskhost.exeC:\Program Files\CheckPoint\ZAForceField\ForceField.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exeC:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Windows\system32\o2flash.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Dell\DW WLAN Card\WLTRAY.EXEC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exeC:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exeC:\Program Files (x86)\AVG\AVG2013\avgui.exeC:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\AVG\AVG2013\avgcfgex.exeC:\Windows\explorer.exeC:\Program Files (x86)\AVG\AVG2013\avgidsagent.exeC:\Program Files (x86)\AVG\AVG2013\avgemca.exeC:\Program Files (x86)\AVG\AVG2013\avgnsa.exeC:\Program Files (x86)\AVG\AVG2013\avgrsa.exeC:\Program Files (x86)\AVG\AVG2013\avgcsrva.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exeC:\Program Files (x86)\KeePass Password Safe 2\KeePass.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskhost.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=&UM=2&ctid=CT3287822uDefault_Page_URL = hxxp://dell13-comm.msn.commWinlogon: Userinit = userinit.exeBHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dllBHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllTB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dllTB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dllTB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dllmRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLYmRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preloadStartupFolder: C:\Users\Donna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\Donna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTS~1.LNK - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: DisableCAD = dword:1IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllTCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12TCP: Interfaces\{036277A3-0881-4D18-9488-50C91EA115EE} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>LSA: Authentication Packages = msv1_0 wvauthmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dllx64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exex64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exex64-Run: [DFEPApplication] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-5-5 20024]R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-5-6 22128]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-11-30 163840]R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-3-13 187912]R2 DFEPService;Dell Feature Enhancement Pack Service;C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-8-15 2280504]R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-5-5 13632]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-7-27 636952]R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2012-11-22 828072]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-5-5 166432]R2 PbaDrvSvc_x64;Dell PBA x64 Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-5 365600]R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2012-9-23 39016]R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-5-23 169752]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-23 342528]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-5-5 358456]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-5-5 791608]R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2013-5-6 84712]R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2013-5-6 68208]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-8 254384]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-5-5 57856]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]S3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2013-5-6 72808]S3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2013-5-6 74984]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-25 1255736].=============== Created Last 30 ================.2013-05-25 14:44:35 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-05-25 14:06:57 -------- d-----w- C:\Program Files (x86)\InCode Solutions2013-05-25 10:11:27 -------- d-----w- C:\Program Files (x86)\MSXML 4.02013-05-25 08:58:30 -------- d-----w- C:\Windows\SysWow64\Wat2013-05-25 08:58:30 -------- d-----w- C:\Windows\System32\Wat2013-05-25 08:23:01 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-05-25 08:22:59 363008 ----a-w- C:\Windows\System32\dxgi.dll2013-05-25 04:26:58 -------- d-----w- C:\Users\Donna\AppData\Roaming\Malwarebytes2013-05-25 04:26:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-05-25 04:26:47 -------- d-----w- C:\ProgramData\Malwarebytes2013-05-25 04:26:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-05-25 00:31:11 -------- d-----w- C:\Users\Donna\AppData\Local\Microsoft Games2013-05-25 00:28:33 -------- d-----w- C:\Program Files\Microsoft Games2013-05-24 18:57:21 -------- d-----w- C:\Windows\System32\appmgmt2013-05-24 18:42:21 -------- d-----w- C:\Program Files (x86)\Conduit2013-05-24 18:42:00 -------- d-----w- C:\Users\Donna\AppData\Local\Conduit2013-05-24 18:40:47 -------- d-----w- C:\Users\Donna\AppData\Local\CRE2013-05-24 10:55:57 -------- dc----w- C:\Users\Donna\AppData\Local\MigWiz2013-05-24 02:58:49 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 22013-05-24 02:46:24 -------- d-----w- C:\Users\Donna\AppData\Local\DoNotTrackPlus2013-05-24 02:36:09 -------- d-----r- C:\Users\Donna\Dropbox2013-05-24 02:29:29 -------- d-----w- C:\Users\Donna\AppData\Roaming\Dropbox2013-05-24 02:02:55 -------- d-----w- C:\Users\Donna\AppData\Roaming\KeePass2013-05-24 02:01:22 -------- d-----w- C:\Users\Donna\AppData\Local\Programs2013-05-24 01:04:15 -------- d-----w- C:\Users\Donna\AppData\Local\Thunderbird2013-05-24 01:04:11 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service2013-05-24 00:39:00 -------- d-----w- C:\Users\Donna\AppData\Roaming\CheckPoint2013-05-24 00:38:56 -------- d-----w- C:\Program Files\CheckPoint2013-05-24 00:38:03 -------- d-----w- C:\Program Files (x86)\Check Point Software Technologies LTD2013-05-24 00:38:01 -------- d-----w- C:\Users\Donna\AppData\Roaming\Check Point Software Technologies LTD2013-05-24 00:37:58 -------- d-----w- C:\Program Files (x86)\CheckPoint2013-05-24 00:36:57 -------- d-----w- C:\ProgramData\CheckPoint2013-05-24 00:05:57 -------- d-----w- C:\Users\Donna\AppData\Roaming\AVG20132013-05-24 00:05:36 -------- d-----w- C:\Users\Donna\AppData\Roaming\TuneUp Software2013-05-24 00:05:25 -------- d--h--w- C:\$AVG2013-05-24 00:05:25 -------- d-----w- C:\ProgramData\AVG20132013-05-24 00:05:03 -------- d-----w- C:\Program Files (x86)\AVG2013-05-24 00:02:14 -------- d--h--w- C:\ProgramData\Common Files2013-05-24 00:02:14 -------- d-----w- C:\Users\Donna\AppData\Local\MFAData2013-05-24 00:02:14 -------- d-----w- C:\Users\Donna\AppData\Local\Avg20132013-05-24 00:02:14 -------- d-----w- C:\ProgramData\MFAData2013-05-23 23:51:29 -------- d-----w- C:\Program Files (x86)\VS Revo Group2013-05-23 23:51:27 -------- d-----w- C:\Program Files (x86)\SweetIM2013-05-23 23:48:42 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery2013-05-23 23:41:45 -------- d-----w- C:\Users\Donna\AppData\Local\Google2013-05-23 23:41:33 -------- d-----w- C:\Users\Donna\AppData\Local\Apps2013-05-23 23:41:32 -------- d-----w- C:\Users\Donna\AppData\Local\Deployment2013-05-23 23:31:24 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys2013-05-23 23:28:23 -------- d-----w- C:\Users\Donna\AppData\Roaming\Intel Corporation2013-05-23 23:28:19 0 ----a-w- C:\Windows\invcol.tmp2013-05-23 23:27:09 -------- d-----r- C:\Users\Donna\Virtual Machines2013-05-23 23:27:03 -------- d-----w- C:\Users\Donna\AppData\Local\Dell2013-05-23 23:26:49 -------- d-----w- C:\Users\Donna\AppData\Local\VirtualStore2013-05-23 23:26:35 2622464 ----a-w- C:\Windows\System32\wucltux.dll2013-05-23 23:26:26 99840 ----a-w- C:\Windows\System32\wudriver.dll2013-05-23 23:26:15 36864 ----a-w- C:\Windows\System32\wuapp.exe2013-05-23 23:26:15 186752 ----a-w- C:\Windows\System32\wuwebv.dll2013-05-06 05:51:40 6102016 ----a-w- C:\Windows\System32\stlang64.dll2013-05-06 05:51:40 1821184 ----a-w- C:\Windows\System32\IDTNC64.cpl2013-05-06 05:51:37 -------- d-----w- C:\Program Files\IDT2013-05-06 05:51:19 -------- d-----w- C:\Intel2013-05-06 05:51:09 22128 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys2013-05-06 05:50:44 -------- d-----w- C:\Windows\devcon2013-05-06 05:46:09 -------- d-----w- C:\Program Files\STMicroelectronics2013-05-06 05:45:27 -------- d-----w- C:\Program Files\DellTPad2013-05-06 05:43:15 360832 ----a-w- C:\Windows\System32\drivers\vpcvmm.sys2013-05-06 05:42:52 503808 ----a-w- C:\Windows\System32\srcore.dll2013-05-06 05:34:13 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2712.dll2013-05-06 05:33:46 440592 ----a-w- C:\Windows\System32\drivers\b57nd60a.sys2013-05-06 05:32:47 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll2013-05-06 05:32:47 4746304 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS2013-05-06 05:32:47 3952640 ----a-w- C:\Windows\System32\bcmihvsrv64.dll2013-05-06 05:32:47 3617792 ----a-w- C:\Windows\System32\bcmihvui64.dll2013-05-06 05:32:45 68208 ----a-w- C:\Windows\System32\drivers\ST_ACCEL.sys2013-05-06 05:32:45 65136 ----a-w- C:\Windows\System32\stdcfltnco02.dll2013-05-06 05:32:45 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll2013-05-06 05:28:35 -------- d-----w- C:\Windows\System32\oem2013-05-06 05:28:33 -------- d-----w- C:\Drivers2013-05-06 04:36:22 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation2013-05-06 04:30:55 -------- d-----w- C:\ProgramData\Trend Micro2013-05-06 04:29:20 -------- d-----w- C:\Windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}2013-05-06 04:29:12 -------- d-----w- C:\Windows\en2013-05-06 04:29:04 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition2013-05-06 04:28:32 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys2013-05-06 04:28:19 -------- d-----w- C:\Windows\PCHEALTH2013-05-06 04:27:36 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll2013-05-06 04:27:36 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll2013-05-06 04:27:36 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll2013-05-06 04:27:36 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll2013-05-06 04:27:36 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll2013-05-06 04:27:36 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll2013-05-06 04:27:36 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll2013-05-06 04:27:36 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll2013-05-06 04:27:19 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll2013-05-06 04:27:19 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll2013-05-06 04:27:02 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll2013-05-06 04:27:02 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll2013-05-06 04:26:01 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d0785c5a1ce4a1104\DSETUP.dll2013-05-06 04:26:01 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d0785c5a1ce4a1104\DXSETUP.exe2013-05-06 04:26:01 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d0785c5a1ce4a1104\dsetup32.dll2013-05-06 04:26:00 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfbeb1041ce4a1101\DSETUP.dll2013-05-06 04:26:00 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d00d3e6d1ce4a1102\DSETUP.dll2013-05-06 04:26:00 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d00d3e6d1ce4a1102\DXSETUP.exe2013-05-06 04:26:00 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfbeb1041ce4a1101\DXSETUP.exe2013-05-06 04:26:00 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d00d3e6d1ce4a1102\dsetup32.dll2013-05-06 04:26:00 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfbeb1041ce4a1101\dsetup32.dll2013-05-06 04:25:59 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live2013-05-06 04:25:29 -------- d-----w- C:\Windows\{7197954C-D1BE-4A17-8E69-52FDC4010A30}2013-05-06 04:20:31 93288 ----a-w- C:\Windows\dcmdev64.exe2013-05-06 04:20:31 382056 ----a-w- C:\Windows\hapint.exe2013-05-06 04:20:31 335464 ----a-w- C:\Windows\dchcfg64.exe2013-05-06 04:20:29 459880 ----a-w- C:\Windows\System32\dchbas64.dll2013-05-06 04:20:29 322664 ----a-w- C:\Windows\System32\dchapi64.dll2013-05-06 04:20:26 -------- d-----w- C:\Program Files (x86)\Dell2013-05-06 04:20:08 -------- d-----w- C:\apps2013-05-06 04:20:06 -------- d-----w- C:\ProgramData\Security Innovation2013-05-06 04:20:06 -------- d-----w- C:\Program Files (x86)\Security Innovation2013-05-06 04:19:44 -------- d-----w- C:\Program Files\Fingerprint Sensor2013-05-06 04:19:19 -------- d-----w- C:\Program Files\Common Files\SPBA2013-05-06 04:19:19 -------- d-----w- C:\Program Files (x86)\Common Files\SPBA2013-05-06 04:18:52 -------- d-----w- C:\Program Files (x86)\Gemalto2013-05-06 04:18:42 -------- d-----w- C:\Program Files (x86)\O2Micro OZ776 SCR Driver2013-05-06 04:18:23 -------- d-----w- C:\Windows\Downloaded Installations2013-05-06 04:18:17 40960 ----a-w- C:\Windows\SysWow64\ct32O2.dll2013-05-06 04:18:17 40960 ----a-w- C:\Windows\System32\ct32O2.dll2013-05-06 04:18:08 -------- d-----w- C:\ProgramData\Wave Systems Corp2013-05-06 04:15:46 121344 ----a-w- C:\Windows\System32\basp.dll2013-05-06 04:15:45 -------- d-----w- C:\Program Files\Broadcom2013-05-06 04:15:32 -------- d-----w- C:\Windows\Dell2013-05-06 04:14:44 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll2013-05-06 04:14:43 791608 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys2013-05-06 04:14:43 358456 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys2013-05-06 04:14:43 20024 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys2013-05-06 04:14:37 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll2013-05-06 04:13:39 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent2013-05-06 04:13:34 -------- d-----w- C:\Program Files (x86)\Cisco2013-05-06 04:12:56 1131520 ----a-w- C:\Windows\System32\BCMLogon.dll2013-05-06 04:12:53 8225280 ----a-w- C:\Windows\System32\BCMWLCPL.CPL2013-05-06 04:12:53 73728 ----a-w- C:\Windows\System32\wltrynt.dll2013-05-06 04:12:53 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll2013-05-06 04:12:53 4993024 ----a-w- C:\Windows\System32\bcmttls.dll2013-05-06 04:12:53 4961800 ----a-w- C:\Windows\SysWow64\vcredist_x64.exe2013-05-06 04:12:53 446 ----a-w- C:\Windows\SysWow64\vcredist_x64.bat2013-05-06 04:12:53 445 ----a-w- C:\Windows\System32\vcredist_x64.bat2013-05-06 04:12:53 35344 ----a-w- C:\Windows\System32\drivers\npf.sys2013-05-06 04:12:53 3161088 ----a-w- C:\Windows\System32\vcredist_x64.exe2013-05-06 04:12:53 22592 ----a-w- C:\Windows\System32\drivers\bcm42rly.sys2013-05-06 04:12:52 -------- d-----w- C:\Program Files\Dell2013-05-06 04:11:34 -------- d-----w- C:\Program Files (x86)\ST Microelectronics2013-05-06 04:11:33 -------- d-----w- C:\Program Files\Windows XP Mode2013-05-06 03:56:52 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-06 03:56:52 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-05-06 03:56:43 -------- d-----w- C:\Program Files\Dell Inc.==================== Find3M ====================.2013-05-25 08:23:01 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-05-25 08:22:59 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll2013-05-06 05:43:09 936448 ----a-w- C:\Windows\System32\vmsal.exe2013-05-06 05:42:52 478208 ----a-w- C:\Windows\System32\dpnet.dll2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe2013-03-14 04:14:20 279024 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe2013-03-14 04:14:18 515568 ----a-w- C:\Windows\System32\igfxsrvc.exe2013-03-14 04:14:18 442352 ----a-w- C:\Windows\System32\igfxpers.exe2013-03-14 04:14:18 254960 ----a-w- C:\Windows\System32\igfxext.exe2013-03-14 04:14:18 172016 ----a-w- C:\Windows\System32\igfxtray.exe2013-03-14 04:14:16 5905904 ----a-w- C:\Windows\System32\GfxUI.exe2013-03-14 04:14:16 399856 ----a-w- C:\Windows\System32\hkcmd.exe2013-03-14 04:14:16 185840 ----a-w- C:\Windows\System32\difx64.exe2013-02-27 17:58:36 342528 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys2013-02-27 17:58:36 16896 ----a-w- C:\Windows\System32\IntcDAuC.dll2013-02-27 17:58:16 116224 ----a-w- C:\Windows\System32\igfxCoIn_v3040.dll2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll.============= FINISH: 16:45:30.73 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2Install Date: 5/23/2013 6:25:47 PMSystem Uptime: 5/25/2013 7:18:40 AM (9 hours ago).Motherboard: Dell Inc. | | 0MYF02Processor: Intel® Core i3-3120M CPU @ 2.50GHz | SOCKET 0 | 1200/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 297 GiB total, 259.805 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP12: 5/23/2013 6:25:55 PM - Windows UpdateRP13: 5/23/2013 6:29:55 PM - Dell UpdatesRP14: 5/23/2013 6:31:25 PM - Windows UpdateRP15: 5/23/2013 7:04:45 PM - Installed AVG 2013RP16: 5/23/2013 7:05:09 PM - Installed AVG 2013RP17: 5/24/2013 1:43:57 PM - Revo Uninstaller's restore point - Free Spider Solitaire v4.0RP18: 5/24/2013 1:57:01 PM - Removed Internet Explorer Toolbar 4.8 by SweetPacksRP19: 5/24/2013 7:28:20 PM - Windows Modules InstallerRP20: 5/25/2013 3:00:28 AM - Windows UpdateRP21: 5/25/2013 5:09:56 AM - Windows Update.==== Installed Programs ======================.7-Zip 9.21Adobe Flash Player 11 ActiveXAuthenTec WinBio FingerPrint Software 64-bitAVG 2013Broadcom NetXtreme-I Netlink Driver and Management InstallerCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleCustomD3DX10Dell Client System UpdateDell Data Protection | AccessDell Digital DeliveryDell Edoc ViewerDell Feature Enhancement PackDell TouchpadDellAccessDropboxDW WLAN Card UtilityEMBASSY Client CoreERAS ConnectorGemaltoGemPcCCIDGoogle ChromeGoogle Update HelperIntel® Control CenterIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® SDK for OpenCL - CPU Only Runtime PackageIntel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientJunk Mail filter updateKeePass Password Safe 2.22Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Movie MakerMozilla Maintenance ServiceMozilla Thunderbird 17.0.6 (x86 en-US)MSVCRTMSVCRT_amd64MSVCRT110MSVCRT110_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)O2Micro OZ776 SCR DriverPBA DriverPhoto CommonPhoto GalleryPreboot ManagerPrivate Information ManagerRemoveIT Pro v4 - SERevo Uninstaller 1.94Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)SI TSSSPBA (WBF) 5.9ST Microelectronics 3 Axis Digital Accelerometer Solutiontoolkit32for64bitTrusted Drive ManagerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Visual Studio 2010 x64 RedistributablesWave Crypto Runtime 2.0.9.0 x64Wave Crypto Runtime 2.0.9.0 x86Wave Infrastructure InstallerWave Support Software InstallerWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZoneAlarm FirewallZoneAlarm Free FirewallZoneAlarm LTD ToolbarZoneAlarm SecurityZoneAlarm Security Toolbar .==== Event Viewer Messages From Past Week ========.5/25/2013 9:47:03 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.5/25/2013 5:13:02 AM, Error: Service Control Manager [7001] - The WvPCR service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.5/25/2013 5:13:02 AM, Error: Service Control Manager [7001] - The SI TSS v1.2.1.41 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.5/25/2013 5:11:58 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.5/25/2013 4:05:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2847204).5/25/2013 4:05:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2829530).5/25/2013 4:02:04 AM, Error: Service Control Manager [7023] - 5/25/2013 3:30:58 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).5/25/2013 3:28:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).5/24/2013 5:40:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DFEPService service.5/24/2013 5:38:43 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000010, 0x0000000000000002, 0x0000000000000000, 0xfffff88002e753d8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052413-44522-01.5/23/2013 7:39:13 PM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.5/23/2013 6:51:49 PM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.5/23/2013 6:48:40 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 2 time(s).5/23/2013 6:38:23 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s)..==== End Of File =========================== Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 25, 2013 Staff ID:683739 Share Posted May 25, 2013 Hello ghostofunder I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.[*]Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.[*]Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.[*]Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.-AdwCleaner-Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.-Junkware-Removal-Tool-Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.When they are complete let me have the two reports and let me know how things are running.Gringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:683770 Share Posted May 26, 2013 Thanks the reply Gringo. Here are the two files:# AdwCleaner v2.301 - Logfile created 05/25/2013 at 20:01:07# Updated 16/05/2013 by Xplode# Operating system : Windows 7 Professional Service Pack 1 (64 bits)# User : Donna - DONNA-NEW# Boot Mode : Normal# Running from : C:\Users\Donna\Desktop\AdwCleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****Folder Found : C:\Users\Donna\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar***** [Registry] *****Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApiKey Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcjKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD ToolbarValue Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]***** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16576[OK] Registry is clean.-\\ Google Chrome v27.0.1453.94File : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\PreferencesFound [l.3262] : urls_to_restore_on_startup = [ "hxxps://fclaweb.fcla.edu/", "hxxp://search.conduit.com/?ctid=CT3287822&SearchSource=48&CUI=UN32803421331684431&UM=2" ]*************************AdwCleaner[R1].txt - [2845 octets] - [25/05/2013 20:01:07]########## EOF - C:\AdwCleaner[R1].txt - [2905 octets] ##########Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Professional x64Ran by Donna on Sat 05/25/2013 at 19:48:52.97~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3759848468-541695144-1953164835-1000\Software\Microsoft\Internet Explorer\Main\\Start Page~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepaneSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopesSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dllSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dllSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dllSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dllSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.toolSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3287822Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B5F55283-0BE1-4A44-9C68-AFEF9B24C8DD}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D1E467CD-9079-4406-BDB5-9B3C71F22A6A}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}~~~ FilesSuccessfully deleted: [File] "C:\end"~~~ FoldersSuccessfully deleted: [Folder] "C:\Users\Donna\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\Donna\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"~~~ Event Viewer Logs were cleared Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:683773 Share Posted May 26, 2013 Seems to be gone from IE but still shows up when I open Chrome. Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 26, 2013 Staff ID:683780 Share Posted May 26, 2013 Hello ghostofunder I Would like you to do the following.Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts. When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:683875 Share Posted May 26, 2013 I ran Combofix but am now having severe problems. I was unable to save the log file on the infected laptop. When I tried to open the instructions I saved in notepad, when I try to launch Chrome and when I tried to open the Snipping too I get the the error "Illegal operation attempted on a registry key that it marked for deletion". Obviously I'm posting this from a different machine. Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:683877 Share Posted May 26, 2013 Uh Oh! When I was unable to save the log file on the infected laptop I tried saving it to my Dropbox. I opened Dropbox on the laptop I'm currently using and mix.dj is now on this machine too. Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 26, 2013 Staff ID:683980 Share Posted May 26, 2013 Please read my instruction paying attention to note2 - restart the computer and send me the report - we will clean up this other computer when we are done with this one Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:683987 Share Posted May 26, 2013 In other words, go through the same process, right? Stating with running AdwCleaner? Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 26, 2013 Staff ID:684000 Share Posted May 26, 2013 No read post 5 in those instruction show how to run combofix and I give a special note to pay attention that if you get the error that you had gotten that the only thing that needs to be done is restart the computerthat is what I want you to do now - restart the computer and send me the report - all future reference please read all the instructionsgringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:684001 Share Posted May 26, 2013 Ignore previous post. I reread you message incorrectly. The max.dj search table is still present. Here is the log:ComboFix 13-05-25.02 - Donna 05/26/2013 8:00.1.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3969.2604 [GMT -4:00]Running from: c:\users\Donna\Desktop\ComboFix.exeAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\security\Database\tmp.edb..((((((((((((((((((((((((( Files Created from 2013-04-26 to 2013-05-26 )))))))))))))))))))))))))))))))..2013-05-26 12:07 . 2013-05-26 12:07 -------- d-----w- c:\users\Default\AppData\Local\temp2013-05-26 02:13 . 2013-05-26 02:13 -------- d-----w- c:\program files (x86)\Common Files\Java2013-05-26 02:13 . 2013-05-26 02:13 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-05-26 02:13 . 2013-05-26 02:13 -------- d-----w- c:\program files (x86)\Java2013-05-26 01:57 . 2013-05-26 01:58 -------- d-----w- c:\programdata\Cisco2013-05-26 01:50 . 2013-05-26 02:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll2013-05-26 01:50 . 2013-05-26 02:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll2013-05-26 01:50 . 2013-05-26 01:50 -------- d-----w- c:\programdata\McAfee2013-05-26 00:48 . 2013-05-26 00:48 -------- d-----w- c:\windows\ERUNT2013-05-26 00:48 . 2013-05-26 00:48 -------- d-----w- C:\JRT2013-05-25 14:44 . 2013-05-25 14:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-05-25 14:06 . 2013-05-25 14:06 -------- d-----w- c:\program files (x86)\InCode Solutions2013-05-25 13:49 . 2013-05-25 13:49 -------- d-----w- c:\program files (x86)\7-Zip2013-05-25 10:11 . 2013-05-25 10:11 -------- d-----w- c:\program files (x86)\MSXML 4.02013-05-25 10:10 . 2013-05-03 21:15 75016696 ----a-w- c:\windows\system32\MRT.exe2013-05-25 08:58 . 2013-05-25 08:58 -------- d-----w- c:\windows\SysWow64\Wat2013-05-25 08:58 . 2013-05-25 08:58 -------- d-----w- c:\windows\system32\Wat2013-05-25 08:23 . 2013-05-25 08:23 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-05-25 08:22 . 2013-05-25 08:22 363008 ----a-w- c:\windows\system32\dxgi.dll2013-05-25 04:26 . 2013-05-25 04:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-05-25 04:26 . 2013-05-25 04:26 -------- d-----w- c:\programdata\Malwarebytes2013-05-25 04:26 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-05-25 00:28 . 2013-05-25 00:28 -------- d-----w- c:\program files\Microsoft Games2013-05-24 18:57 . 2013-05-24 18:57 -------- d-----w- c:\windows\system32\appmgmt2013-05-24 02:58 . 2013-05-24 02:58 -------- d-----w- c:\program files (x86)\KeePass Password Safe 22013-05-24 01:04 . 2013-05-24 01:04 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service2013-05-24 01:04 . 2013-05-24 01:04 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird2013-05-24 00:38 . 2013-05-24 00:38 -------- d-----w- c:\program files\CheckPoint2013-05-24 00:38 . 2013-05-24 00:38 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD2013-05-24 00:37 . 2013-05-24 00:38 -------- d-----w- c:\program files (x86)\CheckPoint2013-05-24 00:36 . 2013-05-24 00:36 -------- d-----w- c:\programdata\CheckPoint2013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- c:\programdata\AVG20132013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- C:\$AVG2013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- c:\program files (x86)\AVG2013-05-24 00:02 . 2013-05-25 22:47 -------- d-----w- c:\programdata\MFAData2013-05-24 00:02 . 2013-05-24 00:02 -------- d--h--w- c:\programdata\Common Files2013-05-23 23:51 . 2013-05-23 23:51 -------- d-----w- c:\program files (x86)\VS Revo Group2013-05-23 23:48 . 2013-05-23 23:48 -------- d-----w- c:\program files (x86)\Dell Digital Delivery2013-05-23 23:41 . 2013-05-23 23:42 -------- d-----w- c:\program files (x86)\Google2013-05-23 23:31 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys2013-05-23 23:28 . 2013-05-23 23:28 0 ----a-w- c:\windows\invcol.tmp2013-05-23 23:26 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll2013-05-23 23:26 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe2013-05-23 23:26 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll2013-05-23 23:26 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll2013-05-23 23:26 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll2013-05-23 23:26 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll2013-05-23 23:26 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll2013-05-23 23:26 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll2013-05-23 23:26 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe2013-05-23 23:25 . 2013-05-24 02:36 -------- d-----w- c:\users\Donna2013-05-06 05:51 . 2012-09-20 16:56 6102016 ----a-w- c:\windows\system32\stlang64.dll2013-05-06 05:51 . 2012-09-20 16:56 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl2013-05-06 05:51 . 2013-05-06 05:51 -------- d-----w- c:\program files\IDT2013-05-06 05:51 . 2013-05-23 23:32 -------- d-----w- c:\program files (x86)\Intel2013-05-06 05:51 . 2013-05-23 23:30 -------- d-----w- C:\Intel2013-05-06 05:51 . 2013-05-06 05:51 -------- d-----w- c:\program files\DIFX2013-05-06 05:51 . 2013-05-06 04:28 -------- dc----w- c:\windows\system32\DRVSTORE2013-05-06 05:51 . 2011-07-16 04:31 22128 ----a-w- c:\windows\system32\drivers\stdcfltn.sys2013-05-06 05:50 . 2013-05-06 05:50 -------- d-----w- c:\windows\devcon2013-05-06 05:46 . 2013-05-06 05:46 -------- d-----w- c:\program files\STMicroelectronics2013-05-06 05:43 . 2013-05-06 05:43 360832 ----a-w- c:\windows\system32\drivers\vpcvmm.sys2013-05-06 05:42 . 2013-05-06 05:42 503808 ----a-w- c:\windows\system32\srcore.dll2013-05-06 05:34 . 2013-02-22 19:48 9007616 ----a-w- c:\windows\system32\igfxress.dll2013-05-06 05:33 . 2012-05-15 23:31 440592 ----a-w- c:\windows\system32\drivers\b57nd60a.sys2013-05-06 05:32 . 2011-10-27 07:44 4746304 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS2013-05-06 05:32 . 2011-10-27 07:44 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll2013-05-06 05:32 . 2011-10-27 07:38 3952640 ----a-w- c:\windows\system32\bcmihvsrv64.dll2013-05-06 05:32 . 2011-10-27 07:38 3617792 ----a-w- c:\windows\system32\bcmihvui64.dll2013-05-06 05:32 . 2012-05-21 06:54 68208 ----a-w- c:\windows\system32\drivers\ST_ACCEL.sys2013-05-06 05:32 . 2012-05-21 06:54 65136 ----a-w- c:\windows\system32\stdcfltnco02.dll2013-05-06 05:32 . 2012-05-21 06:54 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll2013-05-06 05:28 . 2013-05-23 23:35 -------- d-----w- c:\windows\system32\oem2013-05-06 05:28 . 2013-05-06 05:34 -------- d-----w- C:\Drivers2013-05-06 04:36 . 2013-05-06 04:36 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation2013-05-06 04:30 . 2013-05-24 00:46 -------- d-----w- c:\programdata\Trend Micro2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\windows\en2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition2013-05-06 04:28 . 2012-09-12 20:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\program files\Windows Live2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\windows\PCHEALTH2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\program files (x86)\Windows Live2013-05-06 04:27 . 2010-06-02 09:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll2013-05-06 04:27 . 2010-06-02 09:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll2013-05-06 04:27 . 2010-06-02 09:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll2013-05-06 04:27 . 2010-06-02 09:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll2013-05-06 04:27 . 2010-05-26 16:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll2013-05-06 04:27 . 2010-05-26 16:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll2013-05-06 04:27 . 2010-05-26 16:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll2013-05-06 04:27 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll2013-05-06 04:27 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll2013-05-06 04:27 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll2013-05-06 04:27 . 2006-11-29 18:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll2013-05-06 04:27 . 2006-11-29 18:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll2013-05-06 04:25 . 2013-05-06 04:25 -------- d-----w- c:\program files (x86)\Common Files\Windows Live2013-05-06 04:25 . 2013-05-23 23:30 -------- d-----w- c:\programdata\Dell2013-05-06 04:25 . 2013-05-06 04:25 -------- d-----w- c:\windows\{7197954C-D1BE-4A17-8E69-52FDC4010A30}2013-05-06 04:20 . 2012-09-23 08:19 93288 ----a-w- c:\windows\dcmdev64.exe2013-05-06 04:20 . 2012-09-23 08:19 382056 ----a-w- c:\windows\hapint.exe2013-05-06 04:20 . 2012-09-23 08:19 335464 ----a-w- c:\windows\dchcfg64.exe2013-05-06 04:20 . 2012-09-23 08:19 459880 ----a-w- c:\windows\system32\dchbas64.dll2013-05-06 04:20 . 2012-09-23 08:19 322664 ----a-w- c:\windows\system32\dchapi64.dll2013-05-06 04:20 . 2013-05-06 04:29 -------- d-----w- c:\program files (x86)\Dell2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- C:\apps2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- c:\programdata\Security Innovation2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- c:\program files (x86)\Security Innovation2013-05-06 04:19 . 2013-05-06 04:19 -------- d-----w- c:\program files\Fingerprint Sensor2013-05-06 04:19 . 2013-05-06 04:32 -------- d-----w- c:\program files\Common Files\SPBA2013-05-06 04:19 . 2013-05-06 04:19 -------- d-----w- c:\program files (x86)\Common Files\SPBA2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\program files (x86)\Gemalto2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\program files (x86)\O2Micro OZ776 SCR Driver2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\windows\Downloaded Installations2013-05-06 04:18 . 2013-05-06 04:18 40960 ----a-w- c:\windows\SysWow64\ct32O2.dll2013-05-06 04:18 . 2013-05-06 04:18 40960 ----a-w- c:\windows\system32\ct32O2.dll2013-05-06 04:18 . 2013-05-06 04:34 -------- d-----w- c:\programdata\Wave Systems Corp2013-05-06 04:15 . 2011-12-19 14:46 121344 ----a-w- c:\windows\system32\basp.dll2013-05-06 04:15 . 2013-05-06 04:15 -------- d-----w- c:\program files\Broadcom2013-05-06 04:15 . 2013-05-06 04:15 -------- d-----w- c:\windows\Dell2013-05-06 04:14 . 2012-10-16 13:52 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll2013-05-06 04:14 . 2012-10-16 13:53 791608 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys2013-05-06 04:14 . 2012-10-16 13:53 358456 ----a-w- c:\windows\system32\drivers\iusb3hub.sys2013-05-06 04:14 . 2012-10-16 13:53 20024 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys2013-05-06 04:14 . 2012-10-19 21:42 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll2013-05-06 04:14 . 2013-05-23 23:32 -------- d-----w- c:\programdata\Intel..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-05-23 23:26 . 2012-07-17 19:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2013-05-06 05:42 . 2013-05-06 05:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll2013-05-06 05:42 . 2013-05-06 05:42 561664 ----a-w- c:\windows\apppatch\AcLayers.dll2013-05-06 05:42 . 2013-05-06 05:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll2013-05-06 05:42 . 2013-05-06 05:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll2013-03-29 07:53 . 2013-03-29 07:53 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys2013-03-21 08:08 . 2013-03-21 08:08 240952 ----a-w- c:\windows\system32\drivers\avgtdia.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-10-23 134176]"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-16 291648]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-04-05 1960448]"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-12-10 527864]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816].c:\users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-17 28711576]Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"HideFastUserSwitching"= 1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 WvPCR;WvPCR;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-08 254384]R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-12-10 112080]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2011-01-03 74984]R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-05-25 1255736]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-05-14 4937264]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-12-01 163840]S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-03-13 187912]S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]S2 EmbassyService;EmbassyService;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-10-23 166432]S2 PbaDrvSvc_x64;Dell PBA x64 Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-23 365600]S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-10 479224]S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]S3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys [2012-09-23 39016]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2013-02-27 342528]S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-11-14 84712]S3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 68208]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-05-23 23:42 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-06 03:56].2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 23:41].2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 23:41]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]2012-11-09 04:39 135584 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]2012-11-09 04:39 135584 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-12-21 684016]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-20 1664000]"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2012-01-18 7469568]"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2012-11-09 370584]"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2012-08-15 7077432]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-14 172016]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-14 399856]"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-14 442352]"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 1127592].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceFontCache.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.commLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\windows\system32\o2flash.exec:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe.**************************************************************************.Completion time: 2013-05-26 08:14:45 - machine was rebootedComboFix-quarantined-files.txt 2013-05-26 12:14.Pre-Run: 276,590,518,272 bytes freePost-Run: 276,370,096,128 bytes free.- - End Of File - - B2AE24D79DC77995A0CFDD29C6C390F6 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 26, 2013 Staff ID:684046 Share Posted May 26, 2013 Hello ghostofunder Lets get a deeper look into the system and lets see if something shows up.Download and run OTLDownload OTL by Old Timer and save it to your Desktop.Double click on OTL.exe to run it.Under Output, ensure that Minimal Output is selected.Under Extra Registry section, select Use SafeList.Click the Scan All Users checkbox.Click on Run Scan at the top left hand corner.When done, two Notepad files will open.OTL.txt <-- Will be opened and the that I need posted back hereExtra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later[*]Please post the contents of OTL.txt in your next reply.Gringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:684060 Share Posted May 26, 2013 Having to divide into multiple posts. Part 1%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 297.32 Gb Total Space | 257.47 Gb Free Space | 86.60% Space Free | Partition Type: NTFSComputer Name: DONNA-NEW | User Name: Donna | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - File not foundPRC - C:\Users\Donna\Desktop\OTL.exe (OldTimer Tools)PRC - C:\Users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)PRC - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)PRC - C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.)PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)========== Modules (No Company Name) ==========MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c484ce0997e68573a00dc6cddf16e2ac\IAStorUtil.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\a9f8b35698a9a28f22861f7b814b79bc\IAStorCommon.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()MOD - C:\Users\Donna\AppData\Roaming\Dropbox\bin\libcef.dll ()MOD - C:\Users\Donna\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()========== Services (SafeList) ==========SRV:64bit: - (PbaDrvSvc_x64) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe ()SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)SRV:64bit: - (EmbassyService) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe ()SRV:64bit: - (Wave Authentication Manager Service) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe (Wave Systems Corp.)SRV:64bit: - (TdmService) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)SRV:64bit: - (WvPCR) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe (Wave Systems Corp.)SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)SRV:64bit: - (SecureStorageService) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)SRV:64bit: - (DFEPService) -- C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe (Dell Inc.)SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)SRV:64bit: - (BrcmMgmtAgent) -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe (Broadcom Corporation)SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\o2flash.exe (O2Micro International)SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)SRV - (DellDigitalDelivery) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe ()SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)========== Driver Services (SafeList) ==========DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)DRV:64bit: - (dcdbas) -- C:\Windows\SysNative\drivers\dcdbas64.sys (Dell Inc.)DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)DRV:64bit: - (ST_ACCEL) -- C:\Windows\SysNative\drivers\ST_ACCEL.sys (STMicroelectronics)DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)DRV:64bit: - (Blfp) -- C:\Windows\SysNative\drivers\basp.sys (Broadcom Corporation)DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro )DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro )DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro )DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {891954C5-D884-4A78-B046-2D224A4E82CE}IE:64bit: - HKLM\..\SearchScopes\{891954C5-D884-4A78-B046-2D224A4E82CE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJSIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope = {D1E467CD-9079-4406-BDB5-9B3C71F22A6A}IE - HKLM\..\SearchScopes\{891954C5-D884-4A78-B046-2D224A4E82CE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJSIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\..\SearchScopes,DefaultScope = {891954C5-D884-4A78-B046-2D224A4E82CE}IE - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\..\SearchScopes\{CB2E8768-4963-4720-A3B8-C82C43492B0F}: "URL" = http://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=445eeb5a2661447ba6aac6123e12b7ae&tu=10G90008D2B0008&sku=&tstsId=&ver=&&r=583IE - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/05/23 20:38:58 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\FirefoxFF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/05/23 20:38:59 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/05/23 21:04:08 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins[2013/05/23 21:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Extensions[2013/05/23 20:38:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions========== Chrome ==========CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},CHR - homepage: http://fclaweb.fcla.edu/CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dllCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dllCHR - plugin: Intelu00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllCHR - plugin: Intelu00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllCHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\CHR - Extension: Google Docs = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: Google Drive = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: Last.fm Scrobbler = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm\1.16_1\CHR - Extension: Picasa Extension (by Google) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhlohbbihddnfcehbijmlnpkafmmkfp\0.1_0\CHR - Extension: Google Dictionary (by Google) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.17_1\CHR - Extension: Gmail = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\CHR - Extension: Google Docs = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: Google Drive = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: Last.fm Scrobbler = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm\1.16_1\CHR - Extension: Picasa Extension (by Google) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhlohbbihddnfcehbijmlnpkafmmkfp\0.1_0\CHR - Extension: Google Dictionary (by Google) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.17_1\CHR - Extension: Gmail = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2013/05/26 08:10:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll (Check Point Software Technologies LTD)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll (Check Point Software Technologies LTD)O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3:64bit: - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O3 - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)O4:64bit: - HKLM..\Run: [DFEPApplication] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe (Dell Inc.)O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [iSW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)O4:64bit: - HKLM..\Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)O4 - HKLM..\Run: [iMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not foundO4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not foundO4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not foundO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-3759848468-541695144-1953164835-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O13 - gopher Prefix: missingO17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{036277A3-0881-4D18-9488-50C91EA115EE}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:684061 Share Posted May 26, 2013 Part 2========== Files/Folders - Created Within 30 Days ==========[2013/05/26 17:47:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe[2013/05/26 15:14:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN[2013/05/26 07:59:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2013/05/26 07:59:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2013/05/26 07:59:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2013/05/26 07:58:36 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/05/26 07:58:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt[2013/05/26 07:55:22 | 005,071,432 | R--- | C] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe[2013/05/25 22:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java[2013/05/25 22:13:21 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/05/25 22:13:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/05/25 22:13:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/05/25 22:13:16 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/05/25 22:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java[2013/05/25 21:58:24 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Cisco[2013/05/25 21:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco[2013/05/25 21:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco[2013/05/25 21:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun[2013/05/25 21:50:58 | 000,788,896 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll[2013/05/25 21:50:57 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll[2013/05/25 21:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee[2013/05/25 21:33:57 | 000,483,328 | ---- | C] (Simon Tatham) -- C:\Users\Donna\Desktop\putty.exe[2013/05/25 20:48:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT[2013/05/25 20:48:22 | 000,000,000 | ---D | C] -- C:\JRT[2013/05/25 20:44:29 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Donna\Desktop\JRT.exe[2013/05/25 10:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)[2013/05/25 10:06:57 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE[2013/05/25 10:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro v4 - SE[2013/05/25 10:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InCode Solutions[2013/05/25 09:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip[2013/05/25 09:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip[2013/05/25 06:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0[2013/05/25 04:58:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat[2013/05/25 04:58:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat[2013/05/25 04:24:25 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe[2013/05/25 04:24:25 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll[2013/05/25 04:24:25 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/05/25 04:24:24 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/05/25 04:24:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/05/25 04:24:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/05/25 04:24:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/05/25 04:24:23 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/05/25 04:24:23 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/05/25 04:24:23 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/05/25 04:24:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/05/25 04:24:22 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/05/25 04:24:22 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/05/25 04:24:22 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/05/25 04:24:22 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/05/25 04:24:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/05/25 04:24:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/05/25 04:24:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/05/25 04:24:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/05/25 04:24:21 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/05/25 04:24:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/05/25 04:24:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/05/25 04:24:20 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/05/25 04:24:20 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/05/25 04:24:20 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/05/25 04:24:20 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/05/25 04:24:20 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/05/25 04:24:20 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/05/25 04:24:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/05/25 04:24:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/05/25 04:24:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/05/25 04:24:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2013/05/25 04:24:19 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe[2013/05/25 04:24:18 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat[2013/05/25 04:24:18 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2013/05/25 04:24:18 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll[2013/05/25 04:24:18 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec[2013/05/25 04:24:18 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll[2013/05/25 04:24:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/05/25 04:24:18 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll[2013/05/25 04:24:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll[2013/05/25 04:24:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2013/05/25 04:24:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2013/05/25 04:24:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2013/05/25 04:24:17 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/05/25 04:24:17 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll[2013/05/25 04:24:17 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll[2013/05/25 04:24:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll[2013/05/25 04:24:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/05/25 04:24:16 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/05/25 04:24:16 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe[2013/05/25 04:24:16 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe[2013/05/25 04:24:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/05/25 04:24:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/05/25 04:24:14 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/05/25 04:24:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/05/25 04:24:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/05/25 04:24:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll[2013/05/25 04:24:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll[2013/05/25 04:24:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll[2013/05/25 04:24:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll[2013/05/25 04:24:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe[2013/05/25 04:24:14 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll[2013/05/25 04:24:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll[2013/05/25 04:24:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll[2013/05/25 04:24:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe[2013/05/25 04:24:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe[2013/05/25 04:24:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx[2013/05/25 04:23:01 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll[2013/05/25 04:23:01 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll[2013/05/25 04:23:01 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll[2013/05/25 04:23:01 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll[2013/05/25 04:23:01 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/05/25 04:23:01 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/05/25 04:23:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/05/25 04:23:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/05/25 04:23:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll[2013/05/25 04:23:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/05/25 04:23:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/05/25 04:23:01 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/05/25 04:23:01 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/05/25 04:23:00 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll[2013/05/25 04:23:00 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll[2013/05/25 04:23:00 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll[2013/05/25 04:23:00 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll[2013/05/25 04:23:00 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll[2013/05/25 04:22:59 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll[2013/05/25 04:22:59 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll[2013/05/25 04:22:59 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll[2013/05/25 04:22:58 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll[2013/05/25 04:22:56 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll[2013/05/25 04:22:56 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll[2013/05/25 04:22:56 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll[2013/05/25 04:22:56 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll[2013/05/25 04:22:56 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll[2013/05/25 04:22:56 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll[2013/05/25 04:22:56 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll[2013/05/25 04:22:55 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll[2013/05/25 04:22:55 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll[2013/05/25 04:22:55 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll[2013/05/25 00:26:58 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Malwarebytes[2013/05/25 00:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/05/25 00:26:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys[2013/05/25 00:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2013/05/25 00:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2013/05/24 20:31:11 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Microsoft Games[2013/05/24 20:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games[2013/05/24 14:57:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt[2013/05/24 14:40:47 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\CRE[2013/05/24 06:55:57 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\MigWiz[2013/05/24 06:47:58 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys[2013/05/24 06:47:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll[2013/05/24 06:47:57 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe[2013/05/24 06:47:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe[2013/05/24 06:47:46 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll[2013/05/24 06:47:46 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll[2013/05/24 06:47:46 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll[2013/05/24 06:47:46 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll[2013/05/24 06:47:46 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll[2013/05/24 06:47:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll[2013/05/24 06:47:42 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll[2013/05/24 06:47:42 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll[2013/05/24 06:47:41 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll[2013/05/24 06:47:41 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe[2013/05/24 06:47:36 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll[2013/05/24 06:47:36 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll[2013/05/24 06:47:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys[2013/05/24 06:47:04 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe[2013/05/24 06:47:03 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe[2013/05/24 06:47:03 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe[2013/05/24 06:47:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe[2013/05/24 06:47:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll[2013/05/24 06:47:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll[2013/05/24 06:38:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump[2013/05/23 22:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeePass Password Safe 2[2013/05/23 22:46:24 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\DoNotTrackPlus[2013/05/23 22:36:09 | 000,000,000 | R--D | C] -- C:\Users\Donna\Dropbox[2013/05/23 22:29:56 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox[2013/05/23 22:29:29 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Dropbox[2013/05/23 22:02:55 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\KeePass[2013/05/23 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Programs[2013/05/23 21:04:16 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Mozilla[2013/05/23 21:04:15 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Thunderbird[2013/05/23 21:04:15 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Thunderbird[2013/05/23 21:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla[2013/05/23 21:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service[2013/05/23 21:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird[2013/05/23 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\ForceField Shared Files[2013/05/23 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\CheckPoint[2013/05/23 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint[2013/05/23 20:38:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point[2013/05/23 20:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD[2013/05/23 20:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox[2013/05/23 20:38:01 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Check Point Software Technologies LTD[2013/05/23 20:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint[2013/05/23 20:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint[2013/05/23 20:05:57 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\AVG2013[2013/05/23 20:05:36 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\TuneUp Software[2013/05/23 20:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG[2013/05/23 20:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013[2013/05/23 20:05:25 | 000,000,000 | ---D | C] -- C:\$AVG[2013/05/23 20:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG[2013/05/23 20:02:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files[2013/05/23 20:02:14 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\MFAData[2013/05/23 20:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData[2013/05/23 20:02:14 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Avg2013[2013/05/23 19:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group[2013/05/23 19:51:29 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller[2013/05/23 19:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery[2013/05/23 19:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome[2013/05/23 19:41:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google[2013/05/23 19:41:45 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Google[2013/05/23 19:41:33 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Apps[2013/05/23 19:41:32 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Deployment[2013/05/23 19:40:55 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Macromedia[2013/05/23 19:40:54 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Adobe[2013/05/23 19:30:34 | 000,515,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe[2013/05/23 19:30:34 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc[2013/05/23 19:30:34 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc[2013/05/23 19:30:34 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc[2013/05/23 19:30:34 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc[2013/05/23 19:30:34 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc[2013/05/23 19:30:34 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc[2013/05/23 19:30:34 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc[2013/05/23 19:30:34 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc[2013/05/23 19:30:34 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc[2013/05/23 19:30:34 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc[2013/05/23 19:30:34 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc[2013/05/23 19:30:34 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc[2013/05/23 19:30:34 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc[2013/05/23 19:30:34 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc[2013/05/23 19:30:34 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc[2013/05/23 19:30:34 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc[2013/05/23 19:30:34 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc[2013/05/23 19:30:34 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc[2013/05/23 19:30:34 | 000,431,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc[2013/05/23 19:30:34 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll[2013/05/23 19:30:34 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc[2013/05/23 19:30:34 | 000,279,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe[2013/05/23 19:30:34 | 000,241,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll[2013/05/23 19:30:34 | 000,216,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll[2013/05/23 19:30:34 | 000,195,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll[2013/05/23 19:30:34 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll[2013/05/23 19:30:34 | 000,172,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe[2013/05/23 19:30:34 | 000,116,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3040.dll[2013/05/23 19:30:34 | 000,056,832 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll[2013/05/23 19:30:34 | 000,056,320 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll[2013/05/23 19:30:33 | 029,591,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll[2013/05/23 19:30:33 | 029,574,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll[2013/05/23 19:30:33 | 027,457,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll[2013/05/23 19:30:33 | 021,850,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll[2013/05/23 19:30:33 | 005,358,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys[2013/05/23 19:30:33 | 003,580,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll[2013/05/23 19:30:33 | 003,511,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll[2013/05/23 19:30:33 | 003,121,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll[2013/05/23 19:30:33 | 001,040,384 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll[2013/05/23 19:30:33 | 000,931,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll[2013/05/23 19:30:33 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll[2013/05/23 19:30:33 | 000,542,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll[2013/05/23 19:30:33 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll[2013/05/23 19:30:33 | 000,442,352 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe[2013/05/23 19:30:33 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc[2013/05/23 19:30:33 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc[2013/05/23 19:30:33 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc[2013/05/23 19:30:33 | 000,384,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll[2013/05/23 19:30:33 | 000,330,752 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll[2013/05/23 19:30:33 | 000,254,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe[2013/05/23 19:30:33 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll[2013/05/23 19:30:33 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl[2013/05/23 19:30:33 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll[2013/05/23 19:30:33 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll[2013/05/23 19:30:32 | 011,632,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig7icd64.dll[2013/05/23 19:30:32 | 011,175,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll[2013/05/23 19:30:32 | 008,621,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig7icd32.dll[2013/05/23 19:30:32 | 005,905,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe[2013/05/23 19:30:32 | 002,898,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll[2013/05/23 19:30:32 | 000,399,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe[2013/05/23 19:30:32 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll[2013/05/23 19:30:31 | 000,342,528 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys[2013/05/23 19:30:31 | 000,185,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe[2013/05/23 19:30:31 | 000,016,896 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll[2013/05/23 19:28:23 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Intel Corporation[2013/05/23 19:27:09 | 000,000,000 | R--D | C] -- C:\Users\Donna\Virtual Machines[2013/05/23 19:27:09 | 000,000,000 | R--D | C] -- C:\Users\Donna\Searches[2013/05/23 19:27:09 | 000,000,000 | R--D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools[2013/05/23 19:27:09 | 000,000,000 | -H-D | C] -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned[2013/05/23 19:27:03 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Dell[2013/05/23 19:26:59 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Identities[2013/05/23 19:26:53 | 000,000,000 | R--D | C] -- C:\Users\Donna\Contacts[2013/05/23 19:26:49 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\VirtualStore[2013/05/23 19:26:35 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll[2013/05/23 19:26:35 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe[2013/05/23 19:26:35 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll[2013/05/23 19:26:26 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll[2013/05/23 19:26:26 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll[2013/05/23 19:26:26 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll[2013/05/23 19:26:15 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll[2013/05/23 19:26:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe[2013/05/23 19:25:58 | 000,000,000 | --SD | C] -- C:\Users\Donna\AppData\Roaming\Microsoft[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Videos[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Saved Games[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Pictures[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Music[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Links[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Favorites[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Downloads[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Documents[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\Desktop[2013/05/23 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\AppData\Local\Temporary Internet Files[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Templates[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Start Menu[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\SendTo[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Recent[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\PrintHood[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\NetHood[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Documents\My Videos[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Documents\My Pictures[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Documents\My Music[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\My Documents[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Local Settings[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\AppData\Local\History[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Cookies[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\Application Data[2013/05/23 19:25:58 | 000,000,000 | -HSD | C] -- C:\Users\Donna\AppData\Local\Application Data[2013/05/23 19:25:58 | 000,000,000 | -H-D | C] -- C:\Users\Donna\AppData[2013/05/23 19:25:58 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Temp[2013/05/23 19:25:58 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Microsoft[2013/05/23 19:25:58 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Media Center Programs[2013/05/06 01:51:40 | 006,102,016 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll[2013/05/06 01:51:40 | 001,821,184 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl[2013/05/06 01:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\IDT[2013/05/06 01:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel[2013/05/06 01:51:19 | 000,000,000 | ---D | C] -- C:\Intel[2013/05/06 01:51:09 | 000,022,128 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys[2013/05/06 01:51:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE[2013/05/06 01:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX[2013/05/06 01:50:44 | 000,000,000 | ---D | C] -- C:\Windows\devcon[2013/05/06 01:50:04 | 000,000,000 | ---D | C] -- C:\Windows\CSC[2013/05/06 01:49:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information[2013/05/06 01:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics[2013/05/06 01:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad[2013/05/06 01:44:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ[2013/05/06 01:44:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA[2013/05/06 01:43:15 | 000,360,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys[2013/05/06 01:43:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui[2013/05/06 01:43:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui[2013/05/06 01:43:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui[2013/05/06 01:43:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui[2013/05/06 01:43:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui[2013/05/06 01:43:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui[2013/05/06 01:43:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui[2013/05/06 01:43:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui[2013/05/06 01:43:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui[2013/05/06 01:43:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui[2013/05/06 01:43:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui[2013/05/06 01:43:09 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe[2013/05/06 01:43:09 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe[2013/05/06 01:43:09 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe[2013/05/06 01:43:09 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe[2013/05/06 01:43:09 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe[2013/05/06 01:43:09 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe[2013/05/06 01:43:09 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll[2013/05/06 01:43:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys[2013/05/06 01:43:03 | 000,194,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys[2013/05/06 01:43:03 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys[2013/05/06 01:43:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll[2013/05/06 01:43:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll[2013/05/06 01:43:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll[2013/05/06 01:43:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll[2013/05/06 01:43:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll[2013/05/06 01:43:01 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll[2013/05/06 01:43:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll[2013/05/06 01:43:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll[2013/05/06 01:43:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll[2013/05/06 01:43:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll[2013/05/06 01:43:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe[2013/05/06 01:43:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe[2013/05/06 01:43:01 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll[2013/05/06 01:43:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll[2013/05/06 01:43:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe[2013/05/06 01:43:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe[2013/05/06 01:42:52 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll[2013/05/06 01:42:52 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll[2013/05/06 01:42:52 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll[2013/05/06 01:42:51 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll[2013/05/06 01:42:51 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll[2013/05/06 01:42:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll[2013/05/06 01:42:51 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys[2013/05/06 01:42:50 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll[2013/05/06 01:42:50 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll[2013/05/06 01:42:50 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll[2013/05/06 01:42:50 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll[2013/05/06 01:42:46 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll[2013/05/06 01:42:46 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll[2013/05/06 01:42:46 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll[2013/05/06 01:42:46 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll[2013/05/06 01:42:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax[2013/05/06 01:42:46 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax[2013/05/06 01:42:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll[2013/05/06 01:42:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll[2013/05/06 01:42:46 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll[2013/05/06 01:42:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll[2013/05/06 01:42:45 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll[2013/05/06 01:42:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll[2013/05/06 01:42:43 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll[2013/05/06 01:42:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll[2013/05/06 01:42:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll[2013/05/06 01:42:42 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll[2013/05/06 01:42:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe[2013/05/06 01:42:40 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll[2013/05/06 01:42:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe[2013/05/06 01:42:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll[2013/05/06 01:42:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll[2013/05/06 01:42:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe[2013/05/06 01:42:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll[2013/05/06 01:42:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe[2013/05/06 01:42:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll[2013/05/06 01:42:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe[2013/05/06 01:42:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe[2013/05/06 01:42:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe[2013/05/06 01:42:36 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe[2013/05/06 01:42:36 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe[2013/05/06 01:42:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll[2013/05/06 01:42:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll[2013/05/06 01:42:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll[2013/05/06 01:42:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll[2013/05/06 01:42:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll[2013/05/06 01:42:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll[2013/05/06 01:42:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll[2013/05/06 01:42:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll[2013/05/06 01:42:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll[2013/05/06 01:42:34 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll[2013/05/06 01:42:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe[2013/05/06 01:42:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll[2013/05/06 01:42:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll[2013/05/06 01:42:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll[2013/05/06 01:42:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll[2013/05/06 01:42:33 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll[2013/05/06 01:42:33 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll[2013/05/06 01:42:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll[2013/05/06 01:42:32 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll[2013/05/06 01:42:32 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll[2013/05/06 01:42:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll[2013/05/06 01:42:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll[2013/05/06 01:42:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll[2013/05/06 01:42:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs[2013/05/06 01:42:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs[2013/05/06 01:42:30 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs[2013/05/06 01:42:30 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs[2013/05/06 01:42:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs[2013/05/06 01:42:30 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs[2013/05/06 01:42:30 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs[2013/05/06 01:42:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs[2013/05/06 01:42:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs[2013/05/06 01:42:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs[2013/05/06 01:42:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs[2013/05/06 01:42:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs[2013/05/06 01:42:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll[2013/05/06 01:42:29 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll[2013/05/06 01:42:29 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs[2013/05/06 01:42:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs[2013/05/06 01:42:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs[2013/05/06 01:42:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs[2013/05/06 01:42:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs[2013/05/06 01:42:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs[2013/05/06 01:42:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs[2013/05/06 01:42:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs[2013/05/06 01:42:29 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs[2013/05/06 01:42:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs[2013/05/06 01:42:28 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll[2013/05/06 01:42:28 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll[2013/05/06 01:42:28 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl[2013/05/06 01:42:28 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl[2013/05/06 01:42:28 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll[2013/05/06 01:42:28 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys[2013/05/06 01:42:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll[2013/05/06 01:42:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll[2013/05/06 01:42:25 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll[2013/05/06 01:42:25 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll[2013/05/06 01:42:24 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll[2013/05/06 01:42:24 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll[2013/05/06 01:42:24 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll[2013/05/06 01:42:24 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll[2013/05/06 01:42:24 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll[2013/05/06 01:42:24 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll[2013/05/06 01:42:24 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll[2013/05/06 01:42:24 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax[2013/05/06 01:42:24 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax[2013/05/06 01:42:23 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys[2013/05/06 01:42:23 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll[2013/05/06 01:42:23 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS[2013/05/06 01:42:23 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll[2013/05/06 01:42:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll[2013/05/06 01:42:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll[2013/05/06 01:42:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll[2013/05/06 01:42:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll[2013/05/06 01:42:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll[2013/05/06 01:42:23 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll[2013/05/06 01:42:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll[2013/05/06 01:42:22 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll[2013/05/06 01:42:22 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll[2013/05/06 01:42:22 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll[2013/05/06 01:42:22 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll[2013/05/06 01:42:22 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll[2013/05/06 01:42:22 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll[2013/05/06 01:42:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll[2013/05/06 01:42:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll[2013/05/06 01:42:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll[2013/05/06 01:42:22 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll[2013/05/06 01:42:22 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll[2013/05/06 01:42:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll[2013/05/06 01:42:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe[2013/05/06 01:42:21 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll[2013/05/06 01:42:21 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll[2013/05/06 01:42:21 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys[2013/05/06 01:42:21 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe[2013/05/06 01:42:20 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll[2013/05/06 01:42:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll[2013/05/06 01:42:20 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys[2013/05/06 01:42:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe[2013/05/06 01:42:20 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys[2013/05/06 01:42:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll[2013/05/06 01:42:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll[2013/05/06 01:42:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll[2013/05/06 01:42:19 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys[2013/05/06 01:42:19 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe[2013/05/06 01:42:19 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll[2013/05/06 01:42:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll[2013/05/06 01:42:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe[2013/05/06 01:42:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe[2013/05/06 01:42:19 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys[2013/05/06 01:42:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi[2013/05/06 01:42:18 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe[2013/05/06 01:42:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi[2013/05/06 01:42:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe[2013/05/06 01:42:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll[2013/05/06 01:42:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll[2013/05/06 01:42:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll[2013/05/06 01:42:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys[2013/05/06 01:42:16 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll[2013/05/06 01:42:16 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll[2013/05/06 01:42:15 | 003,958,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe[2013/05/06 01:42:15 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll[2013/05/06 01:42:15 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll[2013/05/06 01:42:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL[2013/05/06 01:42:07 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll[2013/05/06 01:42:07 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll[2013/05/06 01:34:13 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll[2013/05/06 01:34:13 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll[2013/05/06 01:34:13 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll[2013/05/06 01:34:13 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2712.dll[2013/05/06 01:34:13 | 000,064,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll[2013/05/06 01:34:13 | 000,056,832 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll[2013/05/06 01:34:13 | 000,056,320 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll[2013/05/06 01:34:12 | 012,615,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll[2013/05/06 01:34:12 | 011,049,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll[2013/05/06 01:34:09 | 012,858,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll[2013/05/06 01:34:07 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll[2013/05/06 01:34:01 | 000,569,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys[2013/05/06 01:33:46 | 000,440,592 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys[2013/05/06 01:33:42 | 000,449,480 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\drivers\Apfiltr.sys[2013/05/06 01:33:42 | 000,113,048 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\Vxdif.dll[2013/05/06 01:33:40 | 001,178,216 | ---- | C] (O2Micro) -- C:\Windows\SysNative\O2Icon_2.dll[2013/05/06 01:33:40 | 001,145,448 | ---- | C] (O2Micro) -- C:\Windows\SysNative\O2Icon.dll[2013/05/06 01:33:40 | 000,244,328 | ---- | C] (O2Micro International) -- C:\Windows\SysNative\o2flash.exe[2013/05/06 01:33:40 | 000,244,328 | ---- | C] (O2Micro International) -- C:\Windows\SysNative\drivers\o2flash.exe[2013/05/06 01:33:40 | 000,084,712 | ---- | C] (O2Micro ) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys[2013/05/06 01:33:40 | 000,074,984 | ---- | C] (O2Micro ) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys[2013/05/06 01:33:40 | 000,072,808 | ---- | C] (O2Micro ) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys[2013/05/06 01:33:34 | 000,062,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys[2013/05/06 01:33:29 | 002,188,800 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll[2013/05/06 01:33:29 | 000,672,256 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll[2013/05/06 01:33:29 | 000,543,744 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys[2013/05/06 01:33:29 | 000,499,200 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll[2013/05/06 01:33:28 | 001,008,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll[2013/05/06 01:33:28 | 000,576,856 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll[2013/05/06 01:33:28 | 000,572,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO64.dll[2013/05/06 01:33:28 | 000,255,488 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646428.dll[2013/05/06 01:32:47 | 004,746,304 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS[2013/05/06 01:32:47 | 003,952,640 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll[2013/05/06 01:32:47 | 003,617,792 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll[2013/05/06 01:32:47 | 000,095,544 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll[2013/05/06 01:32:45 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll[2013/05/06 01:32:45 | 000,068,208 | ---- | C] (STMicroelectronics) -- C:\Windows\SysNative\drivers\ST_ACCEL.sys[2013/05/06 01:32:45 | 000,065,136 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\stdcfltnco02.dll[2013/05/06 01:28:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem[2013/05/06 01:28:33 | 000,000,000 | ---D | C] -- C:\Drivers[2013/05/06 00:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation[2013/05/06 00:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro[2013/05/06 00:29:20 | 000,000,000 | ---D | C] -- C:\Windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}[2013/05/06 00:29:12 | 000,000,000 | ---D | C] -- C:\Windows\en[2013/05/06 00:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition[2013/05/06 00:28:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys[2013/05/06 00:28:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live[2013/05/06 00:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live[2013/05/06 00:28:19 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH[2013/05/06 00:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live[2013/05/06 00:27:36 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll[2013/05/06 00:27:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll[2013/05/06 00:27:36 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll[2013/05/06 00:27:36 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll[2013/05/06 00:27:36 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll[2013/05/06 00:27:36 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll[2013/05/06 00:27:36 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll[2013/05/06 00:27:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll[2013/05/06 00:27:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll[2013/05/06 00:27:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll[2013/05/06 00:27:02 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll[2013/05/06 00:27:02 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll[2013/05/06 00:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live[2013/05/06 00:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell[2013/05/06 00:25:29 | 000,000,000 | ---D | C] -- C:\Windows\{7197954C-D1BE-4A17-8E69-52FDC4010A30}[2013/05/06 00:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell[2013/05/06 00:20:31 | 000,382,056 | ---- | C] (Dell Inc.) -- C:\Windows\hapint.exe[2013/05/06 00:20:31 | 000,335,464 | ---- | C] (Dell Inc.) -- C:\Windows\dchcfg64.exe[2013/05/06 00:20:31 | 000,093,288 | ---- | C] (Dell Inc.) -- C:\Windows\dcmdev64.exe[2013/05/06 00:20:29 | 000,459,880 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchbas64.dll[2013/05/06 00:20:29 | 000,322,664 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchapi64.dll[2013/05/06 00:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell[2013/05/06 00:20:08 | 000,000,000 | ---D | C] -- C:\apps[2013/05/06 00:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Security Innovation[2013/05/06 00:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Innovation[2013/05/06 00:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor[2013/05/06 00:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA[2013/05/06 00:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPBA[2013/05/06 00:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemalto[2013/05/06 00:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro OZ776 SCR Driver[2013/05/06 00:18:23 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations[2013/05/06 00:18:17 | 000,040,960 | ---- | C] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll[2013/05/06 00:18:17 | 000,040,960 | ---- | C] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll[2013/05/06 00:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Wave Systems Corp[2013/05/06 00:15:46 | 000,121,344 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\basp.dll[2013/05/06 00:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom[2013/05/06 00:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom[2013/05/06 00:15:32 | 000,000,000 | ---D | C] -- C:\Windows\Dell[2013/05/06 00:14:44 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll[2013/05/06 00:14:43 | 000,791,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys[2013/05/06 00:14:43 | 000,358,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys[2013/05/06 00:14:43 | 000,020,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys[2013/05/06 00:14:37 | 000,008,192 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll[2013/05/06 00:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel[2013/05/06 00:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Intel[2013/05/06 00:13:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel[2013/05/06 00:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent[2013/05/06 00:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco[2013/05/06 00:13:01 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN[2013/05/06 00:12:56 | 001,131,520 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMLogon.dll[2013/05/06 00:12:53 | 008,225,280 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMWLCPL.CPL[2013/05/06 00:12:53 | 004,993,024 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmttls.dll[2013/05/06 00:12:53 | 004,961,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vcredist_x64.exe[2013/05/06 00:12:53 | 003,161,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vcredist_x64.exe[2013/05/06 00:12:53 | 000,073,728 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\wltrynt.dll[2013/05/06 00:12:53 | 000,035,344 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys[2013/05/06 00:12:53 | 000,022,592 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bcm42rly.sys[2013/05/06 00:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Dell[2013/05/06 00:11:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information[2013/05/06 00:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ST Microelectronics[2013/05/06 00:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode[2013/05/05 23:56:52 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/05/05 23:56:52 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2013/05/05 23:56:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed[2013/05/05 23:56:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed[2013/05/05 23:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc[2013/05/05 23:55:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] Link to post Share on other sites More sharing options...
ghostofunder Posted May 26, 2013 Author ID:684063 Share Posted May 26, 2013 Part 3========== Files - Modified Within 30 Days ==========[2013/05/26 17:47:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe[2013/05/26 17:46:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/05/26 17:08:39 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/05/26 17:08:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/05/26 15:21:29 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/05/26 15:21:29 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/05/26 15:18:28 | 000,794,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2013/05/26 15:18:28 | 000,673,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2013/05/26 15:18:28 | 000,125,676 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2013/05/26 15:14:41 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/05/26 15:14:18 | 000,000,390 | RHS- | M] () -- C:\ProgramData\ntuser.pol[2013/05/26 15:12:40 | 3121,385,472 | -HS- | M] () -- C:\hiberfil.sys[2013/05/26 08:10:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2013/05/26 07:55:30 | 005,071,432 | R--- | M] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe[2013/05/25 22:13:09 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll[2013/05/25 22:13:09 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll[2013/05/25 22:13:09 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/05/25 22:13:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/05/25 22:13:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/05/25 22:13:09 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/05/25 21:33:57 | 000,483,328 | ---- | M] (Simon Tatham) -- C:\Users\Donna\Desktop\putty.exe[2013/05/25 20:44:29 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Donna\Desktop\JRT.exe[2013/05/25 20:43:40 | 000,632,031 | ---- | M] () -- C:\Users\Donna\Desktop\AdwCleaner.exe[2013/05/25 18:15:27 | 000,001,304 | ---- | M] () -- C:\Users\Donna\Desktop\Notepad.lnk[2013/05/25 05:00:54 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2013/05/25 04:39:28 | 000,790,900 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2013/05/25 04:24:25 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe[2013/05/25 04:24:25 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll[2013/05/25 04:24:25 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/05/25 04:24:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/05/25 04:24:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/05/25 04:24:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/05/25 04:24:24 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/05/25 04:24:23 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/05/25 04:24:23 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/05/25 04:24:23 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/05/25 04:24:23 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/05/25 04:24:22 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/05/25 04:24:22 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/05/25 04:24:22 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/05/25 04:24:22 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/05/25 04:24:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/05/25 04:24:22 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/05/25 04:24:21 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/05/25 04:24:21 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/05/25 04:24:21 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/05/25 04:24:21 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/05/25 04:24:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/05/25 04:24:20 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/05/25 04:24:20 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/05/25 04:24:20 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/05/25 04:24:20 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/05/25 04:24:20 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/05/25 04:24:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/05/25 04:24:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/05/25 04:24:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/05/25 04:24:20 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf[2013/05/25 04:24:20 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/05/25 04:24:19 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2013/05/25 04:24:19 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe[2013/05/25 04:24:18 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat[2013/05/25 04:24:18 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2013/05/25 04:24:18 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll[2013/05/25 04:24:18 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec[2013/05/25 04:24:18 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll[2013/05/25 04:24:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/05/25 04:24:18 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll[2013/05/25 04:24:18 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll[2013/05/25 04:24:18 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2013/05/25 04:24:18 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2013/05/25 04:24:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2013/05/25 04:24:18 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf[2013/05/25 04:24:17 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/05/25 04:24:17 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll[2013/05/25 04:24:17 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll[2013/05/25 04:24:17 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll[2013/05/25 04:24:16 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/05/25 04:24:16 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/05/25 04:24:16 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe[2013/05/25 04:24:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe[2013/05/25 04:24:16 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/05/25 04:24:15 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/05/25 04:24:14 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/05/25 04:24:14 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/05/25 04:24:14 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/05/25 04:24:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll[2013/05/25 04:24:14 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll[2013/05/25 04:24:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll[2013/05/25 04:24:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll[2013/05/25 04:24:14 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe[2013/05/25 04:24:14 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll[2013/05/25 04:24:14 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll[2013/05/25 04:24:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll[2013/05/25 04:24:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe[2013/05/25 04:24:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe[2013/05/25 04:24:13 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx[2013/05/25 04:23:01 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll[2013/05/25 04:23:01 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll[2013/05/25 04:23:01 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll[2013/05/25 04:23:01 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll[2013/05/25 04:23:01 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/05/25 04:23:01 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/05/25 04:23:01 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/05/25 04:23:01 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/05/25 04:23:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/05/25 04:23:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll[2013/05/25 04:23:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/05/25 04:23:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/05/25 04:23:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/05/25 04:23:01 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/05/25 04:23:01 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/05/25 04:23:00 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll[2013/05/25 04:23:00 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll[2013/05/25 04:23:00 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll[2013/05/25 04:23:00 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll[2013/05/25 04:23:00 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll[2013/05/25 04:22:59 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll[2013/05/25 04:22:59 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll[2013/05/25 04:22:59 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll[2013/05/25 04:22:58 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll[2013/05/25 04:22:56 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll[2013/05/25 04:22:56 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll[2013/05/25 04:22:56 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll[2013/05/25 04:22:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll[2013/05/25 04:22:56 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll[2013/05/25 04:22:56 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll[2013/05/25 04:22:56 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll[2013/05/25 04:22:55 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll[2013/05/25 04:22:55 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll[2013/05/25 04:22:55 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll[2013/05/25 00:26:48 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/24 06:38:19 | 452,196,980 | ---- | M] () -- C:\Windows\MEMORY.DMP[2013/05/23 22:58:50 | 000,001,107 | ---- | M] () -- C:\Users\Donna\Desktop\KeePass 2.lnk[2013/05/23 22:36:09 | 000,001,044 | ---- | M] () -- C:\Users\Donna\Desktop\Dropbox.lnk[2013/05/23 22:30:08 | 000,001,054 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk[2013/05/23 22:29:56 | 000,002,281 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2013/05/23 21:04:30 | 000,002,112 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk[2013/05/23 21:04:12 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk[2013/05/23 20:41:50 | 000,417,507 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml[2013/05/23 20:38:53 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk[2013/05/23 20:05:36 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk[2013/05/23 19:51:46 | 000,000,884 | RHS- | M] () -- C:\Users\Donna\ntuser.pol[2013/05/23 19:51:29 | 000,001,266 | ---- | M] () -- C:\Users\Donna\Desktop\Revo Uninstaller.lnk[2013/05/23 19:42:23 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/05/23 19:39:27 | 000,015,370 | ---- | M] () -- C:\Windows\SysNative\results.xml[2013/05/23 17:09:23 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf[2013/05/23 17:09:23 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf[2013/05/06 01:51:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf[2013/05/06 01:51:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ST_ACCEL_01009.Wdf[2013/05/06 01:47:25 | 000,029,407 | RH-- | M] () -- C:\dell.sdr[2013/05/06 01:45:39 | 001,015,774 | ---- | M] () -- C:\Windows\SysNative\oem7.inf[2013/05/06 01:43:15 | 000,360,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys[2013/05/06 01:43:15 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui[2013/05/06 01:43:15 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui[2013/05/06 01:43:15 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui[2013/05/06 01:43:15 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui[2013/05/06 01:43:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui[2013/05/06 01:43:14 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui[2013/05/06 01:43:14 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui[2013/05/06 01:43:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui[2013/05/06 01:43:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui[2013/05/06 01:43:12 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui[2013/05/06 01:43:12 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui[2013/05/06 01:43:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcvmm.sys.mui[2013/05/06 01:43:10 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcuxd.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcusb.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcnfltr.sys.mui[2013/05/06 01:43:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui[2013/05/06 01:43:09 | 004,514,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe[2013/05/06 01:43:09 | 002,264,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe[2013/05/06 01:43:09 | 001,369,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe[2013/05/06 01:43:09 | 001,210,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe[2013/05/06 01:43:09 | 000,936,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe[2013/05/06 01:43:09 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe[2013/05/06 01:43:09 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll[2013/05/06 01:43:09 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys[2013/05/06 01:43:03 | 000,194,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys[2013/05/06 01:43:03 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys[2013/05/06 01:43:03 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll[2013/05/06 01:43:01 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll[2013/05/06 01:43:01 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll[2013/05/06 01:43:01 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll[2013/05/06 01:43:01 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll[2013/05/06 01:43:01 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll[2013/05/06 01:43:01 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll[2013/05/06 01:43:01 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll[2013/05/06 01:43:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll[2013/05/06 01:43:01 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll[2013/05/06 01:43:01 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe[2013/05/06 01:43:01 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe[2013/05/06 01:43:01 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll[2013/05/06 01:43:01 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll[2013/05/06 01:43:01 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe[2013/05/06 01:43:01 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe[2013/05/06 01:42:52 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll[2013/05/06 01:42:52 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll[2013/05/06 01:42:52 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll[2013/05/06 01:42:51 | 000,750,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll[2013/05/06 01:42:51 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll[2013/05/06 01:42:51 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll[2013/05/06 01:42:51 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys[2013/05/06 01:42:50 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll[2013/05/06 01:42:50 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll[2013/05/06 01:42:50 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll[2013/05/06 01:42:50 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll[2013/05/06 01:42:46 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll[2013/05/06 01:42:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll[2013/05/06 01:42:46 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll[2013/05/06 01:42:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll[2013/05/06 01:42:46 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax[2013/05/06 01:42:46 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax[2013/05/06 01:42:46 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll[2013/05/06 01:42:46 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll[2013/05/06 01:42:46 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll[2013/05/06 01:42:46 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll[2013/05/06 01:42:45 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll[2013/05/06 01:42:43 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll[2013/05/06 01:42:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll[2013/05/06 01:42:43 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe[2013/05/06 01:42:43 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll[2013/05/06 01:42:43 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll[2013/05/06 01:42:42 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll[2013/05/06 01:42:40 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll[2013/05/06 01:42:40 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe[2013/05/06 01:42:40 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll[2013/05/06 01:42:39 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll[2013/05/06 01:42:39 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe[2013/05/06 01:42:39 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll[2013/05/06 01:42:39 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe[2013/05/06 01:42:39 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll[2013/05/06 01:42:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe[2013/05/06 01:42:38 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe[2013/05/06 01:42:38 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe[2013/05/06 01:42:36 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe[2013/05/06 01:42:36 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe[2013/05/06 01:42:36 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll[2013/05/06 01:42:36 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll[2013/05/06 01:42:35 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll[2013/05/06 01:42:35 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll[2013/05/06 01:42:35 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll[2013/05/06 01:42:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll[2013/05/06 01:42:35 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll[2013/05/06 01:42:35 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll[2013/05/06 01:42:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll[2013/05/06 01:42:34 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll[2013/05/06 01:42:34 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe[2013/05/06 01:42:34 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll[2013/05/06 01:42:34 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll[2013/05/06 01:42:34 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll[2013/05/06 01:42:34 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll[2013/05/06 01:42:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll[2013/05/06 01:42:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll[2013/05/06 01:42:33 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll[2013/05/06 01:42:33 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll[2013/05/06 01:42:32 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll[2013/05/06 01:42:32 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll[2013/05/06 01:42:32 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll[2013/05/06 01:42:32 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll[2013/05/06 01:42:32 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll[2013/05/06 01:42:32 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll[2013/05/06 01:42:30 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cero.rs[2013/05/06 01:42:30 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysNative\esrb.rs[2013/05/06 01:42:30 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysNative\fpb.rs[2013/05/06 01:42:30 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs[2013/05/06 01:42:30 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs[2013/05/06 01:42:30 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs[2013/05/06 01:42:30 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysNative\csrr.rs[2013/05/06 01:42:30 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cob-au.rs[2013/05/06 01:42:30 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysNative\usk.rs[2013/05/06 01:42:30 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc.rs[2013/05/06 01:42:30 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\grb.rs[2013/05/06 01:42:30 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysNative\grb.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs[2013/05/06 01:42:30 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi.rs[2013/05/06 01:42:30 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysNative\djctq.rs[2013/05/06 01:42:29 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll[2013/05/06 01:42:29 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll[2013/05/06 01:42:29 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cero.rs[2013/05/06 01:42:29 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\esrb.rs[2013/05/06 01:42:29 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\fpb.rs[2013/05/06 01:42:29 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs[2013/05/06 01:42:29 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\csrr.rs[2013/05/06 01:42:29 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs[2013/05/06 01:42:29 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\usk.rs[2013/05/06 01:42:29 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs[2013/05/06 01:42:29 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi.rs[2013/05/06 01:42:29 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\djctq.rs[2013/05/06 01:42:28 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll[2013/05/06 01:42:28 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll[2013/05/06 01:42:28 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl[2013/05/06 01:42:28 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl[2013/05/06 01:42:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll[2013/05/06 01:42:28 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys[2013/05/06 01:42:27 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll[2013/05/06 01:42:26 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll[2013/05/06 01:42:25 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll[2013/05/06 01:42:25 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll[2013/05/06 01:42:24 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll[2013/05/06 01:42:24 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll[2013/05/06 01:42:24 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll[2013/05/06 01:42:24 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll[2013/05/06 01:42:24 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll[2013/05/06 01:42:24 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll[2013/05/06 01:42:24 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll[2013/05/06 01:42:24 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax[2013/05/06 01:42:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax[2013/05/06 01:42:23 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys[2013/05/06 01:42:23 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll[2013/05/06 01:42:23 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS[2013/05/06 01:42:23 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll[2013/05/06 01:42:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll[2013/05/06 01:42:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll[2013/05/06 01:42:23 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll[2013/05/06 01:42:23 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll[2013/05/06 01:42:23 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll[2013/05/06 01:42:23 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll[2013/05/06 01:42:23 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll[2013/05/06 01:42:22 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll[2013/05/06 01:42:22 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll[2013/05/06 01:42:22 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll[2013/05/06 01:42:22 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll[2013/05/06 01:42:22 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll[2013/05/06 01:42:22 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll[2013/05/06 01:42:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll[2013/05/06 01:42:22 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll[2013/05/06 01:42:22 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll[2013/05/06 01:42:22 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll[2013/05/06 01:42:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll[2013/05/06 01:42:22 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll[2013/05/06 01:42:22 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe[2013/05/06 01:42:21 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll[2013/05/06 01:42:21 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll[2013/05/06 01:42:21 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll[2013/05/06 01:42:21 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys[2013/05/06 01:42:21 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe[2013/05/06 01:42:20 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll[2013/05/06 01:42:20 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys[2013/05/06 01:42:20 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe[2013/05/06 01:42:20 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys[2013/05/06 01:42:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll[2013/05/06 01:42:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll[2013/05/06 01:42:19 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll[2013/05/06 01:42:19 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys[2013/05/06 01:42:19 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe[2013/05/06 01:42:19 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll[2013/05/06 01:42:19 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll[2013/05/06 01:42:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe[2013/05/06 01:42:19 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe[2013/05/06 01:42:19 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys[2013/05/06 01:42:18 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi[2013/05/06 01:42:18 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe[2013/05/06 01:42:18 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi[2013/05/06 01:42:18 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe[2013/05/06 01:42:18 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll[2013/05/06 01:42:18 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll[2013/05/06 01:42:18 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll[2013/05/06 01:42:17 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys[2013/05/06 01:42:16 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll[2013/05/06 01:42:16 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll[2013/05/06 01:42:15 | 003,958,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe[2013/05/06 01:42:15 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll[2013/05/06 01:42:15 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll[2013/05/06 01:42:13 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL[2013/05/06 01:42:13 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL[2013/05/06 01:42:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL[2013/05/06 01:42:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL[2013/05/06 01:42:07 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll[2013/05/06 01:42:07 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll[2013/05/06 01:32:43 | 000,002,954 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_LAT_E5430.mrk[2013/05/06 01:32:43 | 000,002,954 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_LAT_E5430.mrk[2013/05/06 00:25:32 | 000,001,073 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk[2013/05/06 00:18:48 | 000,000,206 | ---- | M] () -- C:\Windows\hbcikrnl.ini[2013/05/06 00:18:17 | 000,040,960 | ---- | M] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll[2013/05/06 00:18:17 | 000,040,960 | ---- | M] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll[2013/05/06 00:14:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf[2013/05/05 23:56:52 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/05/05 23:56:52 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]========== Files Created - No Company Name ==========[2013/05/26 07:59:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2013/05/26 07:59:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2013/05/26 07:59:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2013/05/26 07:59:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2013/05/26 07:59:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2013/05/25 20:43:39 | 000,632,031 | ---- | C] () -- C:\Users\Donna\Desktop\AdwCleaner.exe[2013/05/25 18:15:27 | 000,001,304 | ---- | C] () -- C:\Users\Donna\Desktop\Notepad.lnk[2013/05/25 04:24:20 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf[2013/05/25 04:24:18 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf[2013/05/25 00:26:48 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/24 06:38:19 | 452,196,980 | ---- | C] () -- C:\Windows\MEMORY.DMP[2013/05/23 22:58:50 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk[2013/05/23 22:58:50 | 000,001,107 | ---- | C] () -- C:\Users\Donna\Desktop\KeePass 2.lnk[2013/05/23 22:36:09 | 000,001,044 | ---- | C] () -- C:\Users\Donna\Desktop\Dropbox.lnk[2013/05/23 22:30:08 | 000,001,054 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk[2013/05/23 21:04:12 | 000,002,112 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk[2013/05/23 21:04:12 | 000,002,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk[2013/05/23 21:04:12 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk[2013/05/23 20:39:03 | 000,417,507 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml[2013/05/23 20:38:53 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk[2013/05/23 20:05:36 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk[2013/05/23 19:51:46 | 000,000,884 | RHS- | C] () -- C:\Users\Donna\ntuser.pol[2013/05/23 19:51:29 | 000,001,266 | ---- | C] () -- C:\Users\Donna\Desktop\Revo Uninstaller.lnk[2013/05/23 19:42:23 | 000,002,281 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2013/05/23 19:42:23 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/05/23 19:41:54 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/05/23 19:41:53 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/05/23 19:39:27 | 000,015,370 | ---- | C] () -- C:\Windows\SysNative\results.xml[2013/05/23 19:30:34 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin[2013/05/23 19:30:34 | 000,598,384 | ---- | C] () -- C:\Windows\SysNative\igvpkrng700.bin[2013/05/23 19:30:34 | 000,017,078 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp[2013/05/23 19:30:33 | 000,080,384 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll[2013/05/23 19:30:33 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll[2013/05/23 19:30:33 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll[2013/05/23 19:30:32 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin[2013/05/23 19:30:32 | 000,754,652 | ---- | C] () -- C:\Windows\SysNative\igcodeckrng700.bin[2013/05/23 19:30:32 | 000,223,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources[2013/05/23 19:30:32 | 000,194,245 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources[2013/05/23 19:30:32 | 000,163,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources[2013/05/23 19:30:32 | 000,149,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources[2013/05/23 19:30:32 | 000,148,042 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources[2013/05/23 19:30:32 | 000,146,004 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources[2013/05/23 19:30:32 | 000,144,645 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources[2013/05/23 19:30:32 | 000,144,260 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources[2013/05/23 19:30:32 | 000,144,020 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources[2013/05/23 19:30:32 | 000,143,932 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources[2013/05/23 19:30:32 | 000,142,882 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources[2013/05/23 19:30:32 | 000,142,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources[2013/05/23 19:30:32 | 000,142,717 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources[2013/05/23 19:30:32 | 000,141,838 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources[2013/05/23 19:30:32 | 000,137,889 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources[2013/05/23 19:30:32 | 000,137,784 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources[2013/05/23 19:30:32 | 000,126,300 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources[2013/05/23 19:30:32 | 000,124,650 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources[2013/05/23 19:30:32 | 000,000,268 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config[2013/05/23 19:30:31 | 000,210,106 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources[2013/05/23 19:30:31 | 000,166,170 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources[2013/05/23 19:30:31 | 000,159,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources[2013/05/23 19:30:31 | 000,147,393 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources[2013/05/23 19:30:31 | 000,147,288 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources[2013/05/23 19:30:31 | 000,145,491 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources[2013/05/23 19:30:31 | 000,142,289 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources[2013/05/23 19:30:31 | 000,142,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources[2013/05/23 19:30:31 | 000,141,049 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources[2013/05/23 19:30:31 | 000,137,141 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources[2013/05/23 19:30:31 | 000,132,623 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources[2013/05/23 19:26:09 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk[2013/05/23 19:25:58 | 000,001,073 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk[2013/05/23 19:25:58 | 000,000,290 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk[2013/05/23 19:25:58 | 000,000,272 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk[2013/05/06 01:51:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf[2013/05/06 01:51:32 | 001,015,774 | ---- | C] () -- C:\Windows\SysNative\oem7.inf[2013/05/06 01:51:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ST_ACCEL_01009.Wdf[2013/05/06 01:49:31 | 3121,385,472 | -HS- | C] () -- C:\hiberfil.sys[2013/05/06 01:47:24 | 000,029,407 | RH-- | C] () -- C:\dell.sdr[2013/05/06 01:34:13 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa[2013/05/06 01:34:13 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin[2013/05/06 01:34:13 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin[2013/05/06 01:34:13 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp[2013/05/06 01:34:13 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp[2013/05/06 01:34:13 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp[2013/05/06 01:34:13 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp[2013/05/06 01:34:13 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp[2013/05/06 01:34:13 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp[2013/05/06 01:34:13 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp[2013/05/06 01:34:12 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin[2013/05/06 01:34:12 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin[2013/05/06 01:34:07 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll[2013/05/06 01:32:43 | 000,002,954 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_LAT_E5430.mrk[2013/05/06 01:32:43 | 000,002,954 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_LAT_E5430.mrk[2013/05/06 00:29:07 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk[2013/05/06 00:29:05 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk[2013/05/06 00:28:55 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk[2013/05/06 00:18:48 | 000,000,390 | RHS- | C] () -- C:\ProgramData\ntuser.pol[2013/05/06 00:18:42 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini[2013/05/06 00:14:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf[2013/05/06 00:12:53 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll[2013/05/06 00:12:53 | 000,000,446 | ---- | C] () -- C:\Windows\SysWow64\vcredist_x64.bat[2013/05/06 00:12:53 | 000,000,445 | ---- | C] () -- C:\Windows\SysNative\vcredist_x64.bat[2013/05/05 23:56:52 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2012/11/08 12:21:40 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-HK.dll[2012/11/08 12:21:38 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sl.dll[2012/11/08 12:21:38 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sk.dll[2012/11/08 12:21:36 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hr.dll[2012/11/08 12:21:34 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ro.dll[2012/11/08 12:21:34 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt-BR.dll[2012/11/08 12:21:34 | 000,089,088 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_tr.dll[2012/11/08 12:21:32 | 000,092,160 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hu.dll[2012/11/08 12:21:32 | 000,084,992 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_he.dll[2012/11/08 12:21:30 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_el.dll[2012/11/08 12:21:30 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fi.dll[2012/11/08 12:21:28 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_cs.dll[2012/11/08 12:21:28 | 000,087,040 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ar.dll[2012/11/08 12:21:26 | 000,091,648 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sv.dll[2012/11/08 12:21:26 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHT.dll[2012/11/08 12:21:26 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHS.dll[2012/11/08 12:21:24 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt.dll[2012/11/08 12:21:24 | 000,091,648 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ru.dll[2012/11/08 12:21:22 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pl.dll[2012/11/08 12:21:22 | 000,089,600 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_no.dll[2012/11/08 12:21:20 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_nl.dll[2012/11/08 12:21:20 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ko.dll[2012/11/08 12:21:18 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fr.dll[2012/11/08 12:21:18 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_it.dll[2012/11/08 12:21:18 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ja.dll[2012/11/08 12:21:16 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_es.dll[2012/11/08 12:21:14 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_de.dll[2012/11/08 12:21:14 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_da.dll[2012/07/27 11:36:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll[2012/07/10 16:57:58 | 001,008,640 | ---- | C] () -- C:\Windows\SysWow64\DemoLicense.dll========== ZeroAccess Check ==========[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]< End of report > Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 27, 2013 Staff ID:684103 Share Posted May 27, 2013 In which browser are you seeing max.dj in - I am not seeing it in the reportsgringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 27, 2013 Author ID:684114 Share Posted May 27, 2013 Chrome. When I launch Chrome it opens a tab with my default homepage and a second tab with the mix.dj search and the search.conduit.com url. Since I'm seeing it on two different computers Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 27, 2013 Staff ID:684116 Share Posted May 27, 2013 Check this and see if it helps - http://www.guidingtech.com/8004/have-new-tab-page-open-specific-website-firefox-chrome/ Link to post Share on other sites More sharing options...
ghostofunder Posted May 27, 2013 Author ID:684120 Share Posted May 27, 2013 That did it! Thanks so much for helping me get rid of all of the conduit entries and pointing me in the right direction to fix the Chrome issue. Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 27, 2013 Staff ID:684124 Share Posted May 27, 2013 Hello ghostofunder At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.:Run CFScript:Please start by opening Notepad and copy/paste the text in the box into the window:ClearJavaCache::Save it to your desktop as CFScript.txtReferring to the picture above, drag CFScript.txt into ComboFix.exeThis will let ComboFix run again.Restart if you have to.Save the produced logfile to your desktop.Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingreport from Combofixlet me know of any problems you may have hadHow is the computer doing now after running the script?Gringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 27, 2013 Author ID:684332 Share Posted May 27, 2013 Everything seems to be running ok with one exception. I'm getting the following error when I try to launch KeePass:"A device attached to the system is not functioning"ComboFix 13-05-25.02 - Donna 05/26/2013 8:00.1.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3969.2604 [GMT -4:00]Running from: c:\users\Donna\Desktop\ComboFix.exeAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\security\Database\tmp.edb..((((((((((((((((((((((((( Files Created from 2013-04-26 to 2013-05-26 )))))))))))))))))))))))))))))))..2013-05-26 12:07 . 2013-05-26 12:07 -------- d-----w- c:\users\Default\AppData\Local\temp2013-05-26 02:13 . 2013-05-26 02:13 -------- d-----w- c:\program files (x86)\Common Files\Java2013-05-26 02:13 . 2013-05-26 02:13 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-05-26 02:13 . 2013-05-26 02:13 -------- d-----w- c:\program files (x86)\Java2013-05-26 01:57 . 2013-05-26 01:58 -------- d-----w- c:\programdata\Cisco2013-05-26 01:50 . 2013-05-26 02:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll2013-05-26 01:50 . 2013-05-26 02:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll2013-05-26 01:50 . 2013-05-26 01:50 -------- d-----w- c:\programdata\McAfee2013-05-26 00:48 . 2013-05-26 00:48 -------- d-----w- c:\windows\ERUNT2013-05-26 00:48 . 2013-05-26 00:48 -------- d-----w- C:\JRT2013-05-25 14:44 . 2013-05-25 14:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-05-25 14:06 . 2013-05-25 14:06 -------- d-----w- c:\program files (x86)\InCode Solutions2013-05-25 13:49 . 2013-05-25 13:49 -------- d-----w- c:\program files (x86)\7-Zip2013-05-25 10:11 . 2013-05-25 10:11 -------- d-----w- c:\program files (x86)\MSXML 4.02013-05-25 10:10 . 2013-05-03 21:15 75016696 ----a-w- c:\windows\system32\MRT.exe2013-05-25 08:58 . 2013-05-25 08:58 -------- d-----w- c:\windows\SysWow64\Wat2013-05-25 08:58 . 2013-05-25 08:58 -------- d-----w- c:\windows\system32\Wat2013-05-25 08:23 . 2013-05-25 08:23 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-05-25 08:22 . 2013-05-25 08:22 363008 ----a-w- c:\windows\system32\dxgi.dll2013-05-25 04:26 . 2013-05-25 04:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-05-25 04:26 . 2013-05-25 04:26 -------- d-----w- c:\programdata\Malwarebytes2013-05-25 04:26 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-05-25 00:28 . 2013-05-25 00:28 -------- d-----w- c:\program files\Microsoft Games2013-05-24 18:57 . 2013-05-24 18:57 -------- d-----w- c:\windows\system32\appmgmt2013-05-24 02:58 . 2013-05-24 02:58 -------- d-----w- c:\program files (x86)\KeePass Password Safe 22013-05-24 01:04 . 2013-05-24 01:04 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service2013-05-24 01:04 . 2013-05-24 01:04 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird2013-05-24 00:38 . 2013-05-24 00:38 -------- d-----w- c:\program files\CheckPoint2013-05-24 00:38 . 2013-05-24 00:38 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD2013-05-24 00:37 . 2013-05-24 00:38 -------- d-----w- c:\program files (x86)\CheckPoint2013-05-24 00:36 . 2013-05-24 00:36 -------- d-----w- c:\programdata\CheckPoint2013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- c:\programdata\AVG20132013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- C:\$AVG2013-05-24 00:05 . 2013-05-24 00:05 -------- d-----w- c:\program files (x86)\AVG2013-05-24 00:02 . 2013-05-25 22:47 -------- d-----w- c:\programdata\MFAData2013-05-24 00:02 . 2013-05-24 00:02 -------- d--h--w- c:\programdata\Common Files2013-05-23 23:51 . 2013-05-23 23:51 -------- d-----w- c:\program files (x86)\VS Revo Group2013-05-23 23:48 . 2013-05-23 23:48 -------- d-----w- c:\program files (x86)\Dell Digital Delivery2013-05-23 23:41 . 2013-05-23 23:42 -------- d-----w- c:\program files (x86)\Google2013-05-23 23:31 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys2013-05-23 23:28 . 2013-05-23 23:28 0 ----a-w- c:\windows\invcol.tmp2013-05-23 23:26 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll2013-05-23 23:26 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe2013-05-23 23:26 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll2013-05-23 23:26 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll2013-05-23 23:26 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll2013-05-23 23:26 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll2013-05-23 23:26 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll2013-05-23 23:26 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll2013-05-23 23:26 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe2013-05-23 23:25 . 2013-05-24 02:36 -------- d-----w- c:\users\Donna2013-05-06 05:51 . 2012-09-20 16:56 6102016 ----a-w- c:\windows\system32\stlang64.dll2013-05-06 05:51 . 2012-09-20 16:56 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl2013-05-06 05:51 . 2013-05-06 05:51 -------- d-----w- c:\program files\IDT2013-05-06 05:51 . 2013-05-23 23:32 -------- d-----w- c:\program files (x86)\Intel2013-05-06 05:51 . 2013-05-23 23:30 -------- d-----w- C:\Intel2013-05-06 05:51 . 2013-05-06 05:51 -------- d-----w- c:\program files\DIFX2013-05-06 05:51 . 2013-05-06 04:28 -------- dc----w- c:\windows\system32\DRVSTORE2013-05-06 05:51 . 2011-07-16 04:31 22128 ----a-w- c:\windows\system32\drivers\stdcfltn.sys2013-05-06 05:50 . 2013-05-06 05:50 -------- d-----w- c:\windows\devcon2013-05-06 05:46 . 2013-05-06 05:46 -------- d-----w- c:\program files\STMicroelectronics2013-05-06 05:43 . 2013-05-06 05:43 360832 ----a-w- c:\windows\system32\drivers\vpcvmm.sys2013-05-06 05:42 . 2013-05-06 05:42 503808 ----a-w- c:\windows\system32\srcore.dll2013-05-06 05:34 . 2013-02-22 19:48 9007616 ----a-w- c:\windows\system32\igfxress.dll2013-05-06 05:33 . 2012-05-15 23:31 440592 ----a-w- c:\windows\system32\drivers\b57nd60a.sys2013-05-06 05:32 . 2011-10-27 07:44 4746304 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS2013-05-06 05:32 . 2011-10-27 07:44 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll2013-05-06 05:32 . 2011-10-27 07:38 3952640 ----a-w- c:\windows\system32\bcmihvsrv64.dll2013-05-06 05:32 . 2011-10-27 07:38 3617792 ----a-w- c:\windows\system32\bcmihvui64.dll2013-05-06 05:32 . 2012-05-21 06:54 68208 ----a-w- c:\windows\system32\drivers\ST_ACCEL.sys2013-05-06 05:32 . 2012-05-21 06:54 65136 ----a-w- c:\windows\system32\stdcfltnco02.dll2013-05-06 05:32 . 2012-05-21 06:54 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll2013-05-06 05:28 . 2013-05-23 23:35 -------- d-----w- c:\windows\system32\oem2013-05-06 05:28 . 2013-05-06 05:34 -------- d-----w- C:\Drivers2013-05-06 04:36 . 2013-05-06 04:36 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation2013-05-06 04:30 . 2013-05-24 00:46 -------- d-----w- c:\programdata\Trend Micro2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\windows\en2013-05-06 04:29 . 2013-05-06 04:29 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition2013-05-06 04:28 . 2012-09-12 20:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\program files\Windows Live2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\windows\PCHEALTH2013-05-06 04:28 . 2013-05-06 04:28 -------- d-----w- c:\program files (x86)\Windows Live2013-05-06 04:27 . 2010-06-02 09:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll2013-05-06 04:27 . 2010-06-02 09:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll2013-05-06 04:27 . 2010-06-02 09:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll2013-05-06 04:27 . 2010-06-02 09:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll2013-05-06 04:27 . 2010-05-26 16:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll2013-05-06 04:27 . 2010-05-26 16:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll2013-05-06 04:27 . 2010-05-26 16:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll2013-05-06 04:27 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll2013-05-06 04:27 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll2013-05-06 04:27 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll2013-05-06 04:27 . 2006-11-29 18:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll2013-05-06 04:27 . 2006-11-29 18:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll2013-05-06 04:25 . 2013-05-06 04:25 -------- d-----w- c:\program files (x86)\Common Files\Windows Live2013-05-06 04:25 . 2013-05-23 23:30 -------- d-----w- c:\programdata\Dell2013-05-06 04:25 . 2013-05-06 04:25 -------- d-----w- c:\windows\{7197954C-D1BE-4A17-8E69-52FDC4010A30}2013-05-06 04:20 . 2012-09-23 08:19 93288 ----a-w- c:\windows\dcmdev64.exe2013-05-06 04:20 . 2012-09-23 08:19 382056 ----a-w- c:\windows\hapint.exe2013-05-06 04:20 . 2012-09-23 08:19 335464 ----a-w- c:\windows\dchcfg64.exe2013-05-06 04:20 . 2012-09-23 08:19 459880 ----a-w- c:\windows\system32\dchbas64.dll2013-05-06 04:20 . 2012-09-23 08:19 322664 ----a-w- c:\windows\system32\dchapi64.dll2013-05-06 04:20 . 2013-05-06 04:29 -------- d-----w- c:\program files (x86)\Dell2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- C:\apps2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- c:\programdata\Security Innovation2013-05-06 04:20 . 2013-05-06 04:20 -------- d-----w- c:\program files (x86)\Security Innovation2013-05-06 04:19 . 2013-05-06 04:19 -------- d-----w- c:\program files\Fingerprint Sensor2013-05-06 04:19 . 2013-05-06 04:32 -------- d-----w- c:\program files\Common Files\SPBA2013-05-06 04:19 . 2013-05-06 04:19 -------- d-----w- c:\program files (x86)\Common Files\SPBA2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\program files (x86)\Gemalto2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\program files (x86)\O2Micro OZ776 SCR Driver2013-05-06 04:18 . 2013-05-06 04:18 -------- d-----w- c:\windows\Downloaded Installations2013-05-06 04:18 . 2013-05-06 04:18 40960 ----a-w- c:\windows\SysWow64\ct32O2.dll2013-05-06 04:18 . 2013-05-06 04:18 40960 ----a-w- c:\windows\system32\ct32O2.dll2013-05-06 04:18 . 2013-05-06 04:34 -------- d-----w- c:\programdata\Wave Systems Corp2013-05-06 04:15 . 2011-12-19 14:46 121344 ----a-w- c:\windows\system32\basp.dll2013-05-06 04:15 . 2013-05-06 04:15 -------- d-----w- c:\program files\Broadcom2013-05-06 04:15 . 2013-05-06 04:15 -------- d-----w- c:\windows\Dell2013-05-06 04:14 . 2012-10-16 13:52 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll2013-05-06 04:14 . 2012-10-16 13:53 791608 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys2013-05-06 04:14 . 2012-10-16 13:53 358456 ----a-w- c:\windows\system32\drivers\iusb3hub.sys2013-05-06 04:14 . 2012-10-16 13:53 20024 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys2013-05-06 04:14 . 2012-10-19 21:42 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll2013-05-06 04:14 . 2013-05-23 23:32 -------- d-----w- c:\programdata\Intel..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-05-23 23:26 . 2012-07-17 19:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2013-05-06 05:42 . 2013-05-06 05:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll2013-05-06 05:42 . 2013-05-06 05:42 561664 ----a-w- c:\windows\apppatch\AcLayers.dll2013-05-06 05:42 . 2013-05-06 05:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll2013-05-06 05:42 . 2013-05-06 05:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll2013-03-29 07:53 . 2013-03-29 07:53 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys2013-03-21 08:08 . 2013-03-21 08:08 240952 ----a-w- c:\windows\system32\drivers\avgtdia.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 130736 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-10-23 134176]"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-16 291648]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-04-05 1960448]"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-12-10 527864]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816].c:\users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-17 28711576]Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"HideFastUserSwitching"= 1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 WvPCR;WvPCR;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-08 254384]R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-12-10 112080]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2011-01-03 74984]R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-05-25 1255736]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-05-14 4937264]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-12-01 163840]S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-03-13 187912]S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]S2 EmbassyService;EmbassyService;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-10-23 166432]S2 PbaDrvSvc_x64;Dell PBA x64 Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-23 365600]S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-10 479224]S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]S3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys [2012-09-23 39016]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2013-02-27 342528]S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-11-14 84712]S3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 68208]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-05-23 23:42 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-06 03:56].2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 23:41].2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 23:41]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-17 14:45 164016 ----a-w- c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]2012-11-09 04:39 135584 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]2012-11-09 04:39 135584 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-12-21 684016]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-20 1664000]"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2012-01-18 7469568]"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2012-11-09 370584]"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2012-08-15 7077432]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-14 172016]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-14 399856]"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-14 442352]"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 1127592].HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceFontCache.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.commLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\windows\system32\o2flash.exec:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe.**************************************************************************.Completion time: 2013-05-26 08:14:45 - machine was rebootedComboFix-quarantined-files.txt 2013-05-26 12:14.Pre-Run: 276,590,518,272 bytes freePost-Run: 276,370,096,128 bytes free.- - End Of File - - B2AE24D79DC77995A0CFDD29C6C390F6 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 28, 2013 Staff ID:684415 Share Posted May 28, 2013 Hello ghostofunder At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.:Run CFScript:Please start by opening Notepad and copy/paste the text in the box into the window:ClearJavaCache::Save it to your desktop as CFScript.txtReferring to the picture above, drag CFScript.txt into ComboFix.exeThis will let ComboFix run again.Restart if you have to.Save the produced logfile to your desktop.Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingreport from Combofixlet me know of any problems you may have hadHow is the computer doing now after running the script?Gringo Link to post Share on other sites More sharing options...
ghostofunder Posted May 28, 2013 Author ID:684454 Share Posted May 28, 2013 This time around I ran the script starting about an hour ago but it seems to be stuck somehow. The run box contains the following and hasn't changed:Preparing Log Report.Do not run any programs until ComboFix has finished. I'll check back in a few minutes but then will have to get some sleep. If it's still the same in the morning can I close it and shut down before I head off to work? Link to post Share on other sites More sharing options...
Staff gringo_pr Posted May 28, 2013 Staff ID:684458 Share Posted May 28, 2013 Yes you can close it down and let me know and I will give you more instructions Link to post Share on other sites More sharing options...
ghostofunder Posted May 28, 2013 Author ID:684499 Share Posted May 28, 2013 <div>It finished overnight. I'm getting the same error for KeePass but that is the only problem I've encountered.</div><div> </div><div>ComboFix 13-05-25.02 - Donna 05/27/2013 22:28:22.3.4 - x64</div><div>Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3969.1779 [GMT -4:00]</div><div>Running from: c:\users\Donna\Desktop\ComboFix.exe</div><div>Command switches used :: c:\users\Donna\Desktop\CFScript.txt</div><div>AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}</div><div>FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}</div><div>SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}</div><div>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</div><div>.</div><div>.</div><div>((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-28 )))))))))))))))))))))))))))))))</div><div>.</div><div>.</div><div>2013-05-28 02:42 . 2013-05-28 02:42<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Default\AppData\Local\temp</div><div>2013-05-27 13:28 . 2013-05-27 13:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\SSH Communications Security</div><div>2013-05-27 13:26 . 2013-05-27 13:26<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Common Files\InstallShield</div><div>2013-05-26 02:13 . 2013-05-26 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Common Files\Java</div><div>2013-05-26 02:13 . 2013-05-26 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>95648<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\WindowsAccessBridge-32.dll</div><div>2013-05-26 02:13 . 2013-05-26 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Java</div><div>2013-05-26 01:57 . 2013-05-26 01:58<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Cisco</div><div>2013-05-26 01:50 . 2013-05-26 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>788896<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\deployJava1.dll</div><div>2013-05-26 01:50 . 2013-05-26 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>866720<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\npDeployJava1.dll</div><div>2013-05-26 01:50 . 2013-05-26 01:50<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\McAfee</div><div>2013-05-26 00:48 . 2013-05-26 00:48<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\ERUNT</div><div>2013-05-26 00:48 . 2013-05-26 00:48<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\JRT</div><div>2013-05-25 14:44 . 2013-05-25 14:56<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Malwarebytes' Anti-Malware (portable)</div><div>2013-05-25 14:06 . 2013-05-25 14:06<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\InCode Solutions</div><div>2013-05-25 13:49 . 2013-05-25 13:49<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\7-Zip</div><div>2013-05-25 10:11 . 2013-05-25 10:11<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\MSXML 4.0</div><div>2013-05-25 10:10 . 2013-05-03 21:15<span class="Apple-tab-span" style="white-space:pre"> </span>75016696<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\MRT.exe</div><div>2013-05-25 08:58 . 2013-05-25 08:58<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\Wat</div><div>2013-05-25 08:58 . 2013-05-25 08:58<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\Wat</div><div>2013-05-25 08:23 . 2013-05-25 08:23<span class="Apple-tab-span" style="white-space:pre"> </span>9728<span class="Apple-tab-span" style="white-space:pre"> </span>---ha-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll</div><div>2013-05-25 08:22 . 2013-05-25 08:22<span class="Apple-tab-span" style="white-space:pre"> </span>363008<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\dxgi.dll</div><div>2013-05-25 04:26 . 2013-05-25 04:26<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Malwarebytes' Anti-Malware</div><div>2013-05-25 04:26 . 2013-05-25 04:26<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Malwarebytes</div><div>2013-05-25 04:26 . 2013-04-04 19:50<span class="Apple-tab-span" style="white-space:pre"> </span>25928<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\mbam.sys</div><div>2013-05-25 00:28 . 2013-05-25 00:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Microsoft Games</div><div>2013-05-24 18:57 . 2013-05-24 18:57<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\appmgmt</div><div>2013-05-24 02:58 . 2013-05-24 02:58<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\KeePass Password Safe 2</div><div>2013-05-24 01:04 . 2013-05-24 01:04<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Mozilla Maintenance Service</div><div>2013-05-24 01:04 . 2013-05-24 01:04<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Mozilla Thunderbird</div><div>2013-05-24 00:38 . 2013-05-24 00:38<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\CheckPoint</div><div>2013-05-24 00:38 . 2013-05-24 00:38<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Check Point Software Technologies LTD</div><div>2013-05-24 00:37 . 2013-05-24 00:38<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\CheckPoint</div><div>2013-05-24 00:36 . 2013-05-24 00:36<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\CheckPoint</div><div>2013-05-24 00:05 . 2013-05-24 00:05<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\AVG2013</div><div>2013-05-24 00:05 . 2013-05-24 00:05<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\$AVG</div><div>2013-05-24 00:05 . 2013-05-24 00:05<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\AVG</div><div>2013-05-24 00:02 . 2013-05-27 21:46<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\MFAData</div><div>2013-05-24 00:02 . 2013-05-24 00:02<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d--h--w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Common Files</div><div>2013-05-23 23:51 . 2013-05-23 23:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\VS Revo Group</div><div>2013-05-23 23:48 . 2013-05-23 23:48<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Dell Digital Delivery</div><div>2013-05-23 23:41 . 2013-05-27 12:59<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Google</div><div>2013-05-23 23:31 . 2012-02-17 04:57<span class="Apple-tab-span" style="white-space:pre"> </span>23552<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\tdtcp.sys</div><div>2013-05-23 23:28 . 2013-05-23 23:28<span class="Apple-tab-span" style="white-space:pre"> </span>0<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\invcol.tmp</div><div>2013-05-23 23:26 . 2012-06-02 22:19<span class="Apple-tab-span" style="white-space:pre"> </span>2428952<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wuaueng.dll</div><div>2013-05-23 23:26 . 2012-06-02 22:19<span class="Apple-tab-span" style="white-space:pre"> </span>57880<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wuauclt.exe</div><div>2013-05-23 23:26 . 2012-06-02 22:19<span class="Apple-tab-span" style="white-space:pre"> </span>44056<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wups2.dll</div><div>2013-05-23 23:26 . 2012-06-02 22:15<span class="Apple-tab-span" style="white-space:pre"> </span>2622464<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wucltux.dll</div><div>2013-05-23 23:26 . 2012-06-02 22:19<span class="Apple-tab-span" style="white-space:pre"> </span>38424<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wups.dll</div><div>2013-05-23 23:26 . 2012-06-02 22:19<span class="Apple-tab-span" style="white-space:pre"> </span>701976<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wuapi.dll</div><div>2013-05-23 23:26 . 2012-06-02 22:15<span class="Apple-tab-span" style="white-space:pre"> </span>99840<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wudriver.dll</div><div>2013-05-23 23:26 . 2012-06-02 20:19<span class="Apple-tab-span" style="white-space:pre"> </span>186752<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wuwebv.dll</div><div>2013-05-23 23:26 . 2012-06-02 20:15<span class="Apple-tab-span" style="white-space:pre"> </span>36864<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\wuapp.exe</div><div>2013-05-23 23:25 . 2013-05-24 02:36<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Donna</div><div>2013-05-06 05:51 . 2012-09-20 16:56<span class="Apple-tab-span" style="white-space:pre"> </span>6102016<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\stlang64.dll</div><div>2013-05-06 05:51 . 2012-09-20 16:56<span class="Apple-tab-span" style="white-space:pre"> </span>1821184<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\IDTNC64.cpl</div><div>2013-05-06 05:51 . 2013-05-06 05:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\IDT</div><div>2013-05-06 05:51 . 2013-05-23 23:32<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Intel</div><div>2013-05-06 05:51 . 2013-05-23 23:30<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\Intel</div><div>2013-05-06 05:51 . 2013-05-06 05:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\DIFX</div><div>2013-05-06 05:51 . 2013-05-06 04:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>dc----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\DRVSTORE</div><div>2013-05-06 05:51 . 2011-07-16 04:31<span class="Apple-tab-span" style="white-space:pre"> </span>22128<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\stdcfltn.sys</div><div>2013-05-06 05:50 . 2013-05-06 05:50<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\devcon</div><div>2013-05-06 05:46 . 2013-05-06 05:46<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\STMicroelectronics</div><div>2013-05-06 05:43 . 2013-05-06 05:43<span class="Apple-tab-span" style="white-space:pre"> </span>360832<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\vpcvmm.sys</div><div>2013-05-06 05:42 . 2013-05-06 05:42<span class="Apple-tab-span" style="white-space:pre"> </span>503808<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\srcore.dll</div><div>2013-05-06 05:34 . 2013-02-22 19:48<span class="Apple-tab-span" style="white-space:pre"> </span>9007616<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\igfxress.dll</div><div>2013-05-06 05:33 . 2012-05-15 23:31<span class="Apple-tab-span" style="white-space:pre"> </span>440592<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\b57nd60a.sys</div><div>2013-05-06 05:32 . 2011-10-27 07:44<span class="Apple-tab-span" style="white-space:pre"> </span>4746304<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\BCMWL664.SYS</div><div>2013-05-06 05:32 . 2011-10-27 07:44<span class="Apple-tab-span" style="white-space:pre"> </span>95544<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\bcmwlcoi.dll</div><div>2013-05-06 05:32 . 2011-10-27 07:38<span class="Apple-tab-span" style="white-space:pre"> </span>3952640<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\bcmihvsrv64.dll</div><div>2013-05-06 05:32 . 2011-10-27 07:38<span class="Apple-tab-span" style="white-space:pre"> </span>3617792<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\bcmihvui64.dll</div><div>2013-05-06 05:32 . 2012-05-21 06:54<span class="Apple-tab-span" style="white-space:pre"> </span>68208<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\ST_ACCEL.sys</div><div>2013-05-06 05:32 . 2012-05-21 06:54<span class="Apple-tab-span" style="white-space:pre"> </span>65136<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\stdcfltnco02.dll</div><div>2013-05-06 05:32 . 2012-05-21 06:54<span class="Apple-tab-span" style="white-space:pre"> </span>1721576<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\WdfCoInstaller01009.dll</div><div>2013-05-06 05:28 . 2013-05-23 23:35<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\oem</div><div>2013-05-06 05:28 . 2013-05-06 05:34<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\Drivers</div><div>2013-05-06 04:36 . 2013-05-06 04:36<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Common Files\Intel Corporation</div><div>2013-05-06 04:30 . 2013-05-24 00:46<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Trend Micro</div><div>2013-05-06 04:29 . 2013-05-06 04:29<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}</div><div>2013-05-06 04:29 . 2013-05-06 04:29<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\en</div><div>2013-05-06 04:29 . 2013-05-06 04:29<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Microsoft SQL Server Compact Edition</div><div>2013-05-06 04:28 . 2012-09-12 20:20<span class="Apple-tab-span" style="white-space:pre"> </span>57856<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\fssfltr.sys</div><div>2013-05-06 04:28 . 2013-05-06 04:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Windows Live</div><div>2013-05-06 04:28 . 2013-05-06 04:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\PCHEALTH</div><div>2013-05-06 04:28 . 2013-05-06 04:28<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Windows Live</div><div>2013-05-06 04:27 . 2010-06-02 09:55<span class="Apple-tab-span" style="white-space:pre"> </span>77656<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\XAPOFX1_5.dll</div><div>2013-05-06 04:27 . 2010-06-02 09:55<span class="Apple-tab-span" style="white-space:pre"> </span>74072<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\XAPOFX1_5.dll</div><div>2013-05-06 04:27 . 2010-06-02 09:55<span class="Apple-tab-span" style="white-space:pre"> </span>527192<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\XAudio2_7.dll</div><div>2013-05-06 04:27 . 2010-06-02 09:55<span class="Apple-tab-span" style="white-space:pre"> </span>518488<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\XAudio2_7.dll</div><div>2013-05-06 04:27 . 2010-05-26 16:41<span class="Apple-tab-span" style="white-space:pre"> </span>276832<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\d3dx11_43.dll</div><div>2013-05-06 04:27 . 2010-05-26 16:41<span class="Apple-tab-span" style="white-space:pre"> </span>2526056<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\D3DCompiler_43.dll</div><div>2013-05-06 04:27 . 2010-05-26 16:41<span class="Apple-tab-span" style="white-space:pre"> </span>248672<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\d3dx11_43.dll</div><div>2013-05-06 04:27 . 2010-05-26 16:41<span class="Apple-tab-span" style="white-space:pre"> </span>2106216<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\D3DCompiler_43.dll</div><div>2013-05-06 04:27 . 2009-09-04 22:29<span class="Apple-tab-span" style="white-space:pre"> </span>453456<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\d3dx10_42.dll</div><div>2013-05-06 04:27 . 2009-09-04 22:29<span class="Apple-tab-span" style="white-space:pre"> </span>523088<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\d3dx10_42.dll</div><div>2013-05-06 04:27 . 2006-11-29 18:06<span class="Apple-tab-span" style="white-space:pre"> </span>4398360<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\d3dx9_32.dll</div><div>2013-05-06 04:27 . 2006-11-29 18:06<span class="Apple-tab-span" style="white-space:pre"> </span>3426072<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\d3dx9_32.dll</div><div>2013-05-06 04:25 . 2013-05-06 04:25<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Common Files\Windows Live</div><div>2013-05-06 04:25 . 2013-05-23 23:30<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Dell</div><div>2013-05-06 04:25 . 2013-05-06 04:25<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\{7197954C-D1BE-4A17-8E69-52FDC4010A30}</div><div>2013-05-06 04:20 . 2012-09-23 08:19<span class="Apple-tab-span" style="white-space:pre"> </span>93288<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\dcmdev64.exe</div><div>2013-05-06 04:20 . 2012-09-23 08:19<span class="Apple-tab-span" style="white-space:pre"> </span>382056<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\hapint.exe</div><div>2013-05-06 04:20 . 2012-09-23 08:19<span class="Apple-tab-span" style="white-space:pre"> </span>335464<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\dchcfg64.exe</div><div>2013-05-06 04:20 . 2012-09-23 08:19<span class="Apple-tab-span" style="white-space:pre"> </span>459880<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\dchbas64.dll</div><div>2013-05-06 04:20 . 2012-09-23 08:19<span class="Apple-tab-span" style="white-space:pre"> </span>322664<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\dchapi64.dll</div><div>2013-05-06 04:20 . 2013-05-06 04:29<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Dell</div><div>2013-05-06 04:20 . 2013-05-06 04:20<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>C:\apps</div><div>2013-05-06 04:20 . 2013-05-06 04:20<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Security Innovation</div><div>2013-05-06 04:20 . 2013-05-06 04:20<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Security Innovation</div><div>2013-05-06 04:19 . 2013-05-06 04:19<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Fingerprint Sensor</div><div>2013-05-06 04:19 . 2013-05-06 04:32<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Common Files\SPBA</div><div>2013-05-06 04:19 . 2013-05-06 04:19<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Common Files\SPBA</div><div>2013-05-06 04:18 . 2013-05-06 04:18<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Gemalto</div><div>2013-05-06 04:18 . 2013-05-06 04:18<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\O2Micro OZ776 SCR Driver</div><div>2013-05-06 04:18 . 2013-05-06 04:18<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\Downloaded Installations</div><div>2013-05-06 04:18 . 2013-05-06 04:18<span class="Apple-tab-span" style="white-space:pre"> </span>40960<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\ct32O2.dll</div><div>2013-05-06 04:18 . 2013-05-06 04:18<span class="Apple-tab-span" style="white-space:pre"> </span>40960<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\ct32O2.dll</div><div>2013-05-06 04:18 . 2013-05-06 04:34<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Wave Systems Corp</div><div>2013-05-06 04:15 . 2011-12-19 14:46<span class="Apple-tab-span" style="white-space:pre"> </span>121344<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\basp.dll</div><div>2013-05-06 04:15 . 2013-05-06 04:15<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Broadcom</div><div>2013-05-06 04:15 . 2013-05-06 04:15<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\Dell</div><div>2013-05-06 04:14 . 2012-10-16 13:52<span class="Apple-tab-span" style="white-space:pre"> </span>41984<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\USB3Ver.dll</div><div>2013-05-06 04:14 . 2012-10-16 13:53<span class="Apple-tab-span" style="white-space:pre"> </span>791608<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\iusb3xhc.sys</div><div>2013-05-06 04:14 . 2012-10-16 13:53<span class="Apple-tab-span" style="white-space:pre"> </span>358456<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\iusb3hub.sys</div><div>2013-05-06 04:14 . 2012-10-16 13:53<span class="Apple-tab-span" style="white-space:pre"> </span>20024<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\iusb3hcs.sys</div><div>.</div><div>.</div><div>(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))</div><div>.</div><div>2013-05-23 23:26 . 2012-07-17 19:37<span class="Apple-tab-span" style="white-space:pre"> </span>22240<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll</div><div>2013-05-06 05:42 . 2013-05-06 05:42<span class="Apple-tab-span" style="white-space:pre"> </span>44032<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\apppatch\acwow64.dll</div><div>2013-05-06 05:42 . 2013-05-06 05:42<span class="Apple-tab-span" style="white-space:pre"> </span>561664<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\apppatch\AcLayers.dll</div><div>2013-05-06 05:42 . 2013-05-06 05:42<span class="Apple-tab-span" style="white-space:pre"> </span>350208<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\apppatch\AppPatch64\AcLayers.dll</div><div>2013-05-06 05:42 . 2013-05-06 05:42<span class="Apple-tab-span" style="white-space:pre"> </span>135168<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\apppatch\AppPatch64\AcXtrnal.dll</div><div>2013-03-29 07:53 . 2013-03-29 07:53<span class="Apple-tab-span" style="white-space:pre"> </span>246072<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgidsdrivera.sys</div><div>2013-03-21 08:08 . 2013-03-21 08:08<span class="Apple-tab-span" style="white-space:pre"> </span>240952<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\avgtdia.sys</div><div>.</div><div>.</div><div>((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))</div><div>.</div><div>.</div><div>*Note* empty entries & legit default entries are not shown </div><div>REGEDIT4</div><div>.</div><div>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]</div><div>@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"</div><div>[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]</div><div>2013-05-17 14:45<span class="Apple-tab-span" style="white-space:pre"> </span>130736<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll</div><div>.</div><div>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]</div><div>@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"</div><div>[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]</div><div>2013-05-17 14:45<span class="Apple-tab-span" style="white-space:pre"> </span>130736<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll</div><div>.</div><div>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]</div><div>@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"</div><div>[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]</div><div>2013-05-17 14:45<span class="Apple-tab-span" style="white-space:pre"> </span>130736<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Donna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll</div><div>.</div><div>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]</div><div>"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-10-23 134176]</div><div>"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-16 291648]</div><div>"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]</div><div>"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]</div><div>"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]</div><div>"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-04-05 1960448]</div><div>"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-12-10 527864]</div><div>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]</div><div>.</div><div>c:\users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\</div><div>Dropbox.lnk - c:\users\Donna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-17 28711576]</div><div>Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448]</div><div>.</div><div>c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\</div><div>Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2012-8-15 507448]</div><div>.</div><div>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]</div><div>"ConsentPromptBehaviorAdmin"= 5 (0x5)</div><div>"ConsentPromptBehaviorUser"= 3 (0x3)</div><div>"EnableUIADesktopToggle"= 0 (0x0)</div><div>"HideFastUserSwitching"= 1 (0x1)</div><div>.</div><div>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]</div><div>@="Driver"</div><div>.</div><div>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]</div><div>R2 WvPCR;WvPCR;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-08 254384]</div><div>R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-12-10 112080]</div><div>R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]</div><div>R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]</div><div>R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]</div><div>R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2011-01-03 74984]</div><div>R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]</div><div>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]</div><div>R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]</div><div>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-05-25 1255736]</div><div>S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]</div><div>S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]</div><div>S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]</div><div>S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]</div><div>S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]</div><div>S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]</div><div>S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-03-29 246072]</div><div>S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]</div><div>S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]</div><div>S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-05-14 4937264]</div><div>S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]</div><div>S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-12-01 163840]</div><div>S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-03-13 187912]</div><div>S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]</div><div>S2 EmbassyService;EmbassyService;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]</div><div>S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]</div><div>S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]</div><div>S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]</div><div>S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]</div><div>S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-10-23 166432]</div><div>S2 PbaDrvSvc_x64;Dell PBA x64 Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]</div><div>S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-23 365600]</div><div>S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-10 479224]</div><div>S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]</div><div>S3 dcdbas;System Management Driver;c:\windows\syst
Recommended Posts