-
Browser redirects, URL:Mal2 detected by Avast
Following a reinstall of Windows Vista, I find that Firefox is now redirecting to an unwanted site and Avast! is returning a URL:Mal2 warning. The site is blocked by Avast!. I also find that Windows does not shut down properly.
I am yet to install Windows SP2, which I'm not prepared to do until this malware is removed. A full Avast! scan returns no threats, neither does a Spyboat S&D scan.
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 7.0.6001.18639
Run by ADB49 at 9:18:33 on 2013-10-17
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.44.1033.18.764.296 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [SiSTray] c:\program files\sis vga utilities\SiSTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TouchPadHotKey] c:\program files\fsc\touchpad hotkey utility\TouchPad_HotKey.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\users\adb49\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\fsc\wireless utility\WirelessSelector.exe
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07} : DHCPNameServer = 192.168.0.1
Notify: SDWinLogon - SDWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-11 16:41; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-10-11 22:57; {ab91efd4-6975-4081-8552-1b3922ed79e2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-10-13 23:35; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-10-16 16:25; {6005d9b1-d115-485a-a92a-3f6453ca3fe2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
.
============= SERVICES / DRIVERS ===============
.
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2008-9-9 48128]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-10-11 49376]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-10-11 177864]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-11 770344]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-11 369584]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-11 29816]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-11 66336]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-11 46808]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-10-16 1817560]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-10-16 1033688]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-10-16 171928]
S3 SiS6350;SiS6350;c:\windows\system32\drivers\SISGRKMD.sys [2013-10-11 456568]
.
=============== Created Last 30 ================
.
2013-10-16 11:41:55 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b0569338-4286-4c1b-86f5-0911ffda286e}\mpengine.dll
2013-10-16 11:31:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-16 11:30:33 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-10-16 11:29:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-10-14 19:40:23 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-10-14 19:40:23 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-10-14 19:40:23 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-10-14 19:40:22 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-10-14 19:40:22 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-10-14 19:25:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2013-10-14 19:24:20 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2013-10-14 19:24:19 40448 ----a-w- c:\windows\system32\winrs.exe
2013-10-14 19:24:19 20480 ----a-w- c:\windows\system32\winrshost.exe
2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\winrssrv.dll
2013-10-14 19:24:10 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2013-10-14 19:24:10 79872 ----a-w- c:\windows\system32\wecutil.exe
2013-10-14 19:24:10 56320 ----a-w- c:\windows\system32\wecapi.dll
2013-10-14 19:24:10 54272 ----a-w- c:\windows\system32\WsmRes.dll
2013-10-14 19:24:10 146944 ----a-w- c:\windows\system32\wecsvc.dll
2013-10-14 19:24:08 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2013-10-14 19:23:29 201184 ----a-w- c:\windows\system32\winrm.vbs
2013-10-14 19:23:10 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2013-10-14 19:23:08 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2013-10-14 19:23:07 241152 ----a-w- c:\windows\system32\winrscmd.dll
2013-10-14 19:23:04 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2013-10-14 19:23:03 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2013-10-14 19:22:49 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2013-10-14 17:18:44 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-10-14 17:18:38 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2013-10-14 17:18:24 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2013-10-14 17:18:24 515584 ----a-w- c:\program files\windows mail\wab.exe
2013-10-14 17:18:24 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2013-10-14 17:18:21 501760 ----a-w- c:\windows\system32\usp10.dll
2013-10-14 17:18:14 125952 ----a-w- c:\windows\system32\srvsvc.dll
2013-10-14 17:18:13 17920 ----a-w- c:\windows\system32\netevent.dll
2013-10-14 17:18:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2013-10-14 17:18:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-14 17:18:01 292864 ----a-w- c:\windows\system32\atmfd.dll
2013-10-14 17:16:56 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-10-14 17:15:36 1169408 ----a-w- c:\windows\system32\sdclt.exe
2013-10-14 17:15:27 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2013-10-14 17:15:24 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2013-10-14 17:15:20 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-10-14 17:15:20 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-10-14 17:15:16 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-10-14 17:15:14 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2013-10-14 17:15:11 430080 ----a-w- c:\windows\system32\vbscript.dll
2013-10-14 17:15:06 563200 ----a-w- c:\windows\system32\oleaut32.dll
2013-10-14 17:12:32 135168 ----a-w- c:\windows\system32\wshom.ocx
2013-10-14 17:12:31 90112 ----a-w- c:\windows\system32\wshext.dll
2013-10-14 17:12:31 155648 ----a-w- c:\windows\system32\wscript.exe
2013-10-14 17:12:30 135168 ----a-w- c:\windows\system32\cscript.exe
2013-10-14 17:12:29 180224 ----a-w- c:\windows\system32\scrobj.dll
2013-10-14 17:12:28 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-14 17:12:12 375808 ----a-w- c:\windows\system32\winsrv.dll
2013-10-14 17:12:11 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-10-14 17:12:03 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-10-14 17:12:00 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-10-14 17:11:48 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-14 16:42:56 531968 ----a-w- c:\windows\system32\comctl32.dll
2013-10-14 16:39:40 276992 ----a-w- c:\windows\system32\schannel.dll
2013-10-14 13:11:27 -------- d-----w- C:\PerfLogs
2013-10-14 12:35:19 47560 ----a-w- c:\windows\system32\SPReview.exe
2013-10-14 12:35:13 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2013-10-14 12:10:15 193024 ----a-w- c:\windows\system32\recdisc.exe
2013-10-14 12:10:05 6656 ----a-w- c:\windows\system32\sdspres.dll
2013-10-14 12:08:42 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2013-10-14 12:08:19 28160 ----a-w- c:\windows\system32\sxproxy.dll
2013-10-14 12:08:08 142336 ----a-w- c:\windows\system32\spp.dll
2013-10-14 12:06:54 34816 ----a-w- c:\windows\system32\drivers\npfs.sys
2013-10-14 12:05:58 391168 ----a-w- c:\windows\system32\mscms.dll
2013-10-14 12:04:59 146944 ----a-w- c:\windows\system32\RstrtMgr.dll
2013-10-14 12:03:59 616448 ----a-w- c:\windows\system32\dsuiext.dll
2013-10-14 12:02:59 83968 ----a-w- c:\windows\system32\hlink.dll
2013-10-14 12:01:59 533504 ----a-w- c:\windows\system32\wmdrmsdk.dll
2013-10-14 12:00:59 638976 ----a-w- c:\windows\system32\Utilman.exe
2013-10-14 11:53:47 44032 ----a-w- c:\windows\system32\cbsra.exe
2013-10-14 11:47:31 -------- d-----w- C:\03086a4ad6c74b04e539a6d7
2013-10-14 10:50:42 -------- d-----w- c:\users\adb49\appdata\local\WindowsUpdate
2013-10-14 10:39:25 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2013-10-14 10:39:24 31640 ----a-w- c:\windows\system32\msonpmon.dll
2013-10-14 10:35:59 -------- d-----w- c:\windows\PCHEALTH
2013-10-14 10:33:34 -------- d-----w- c:\windows\SHELLNEW
2013-10-14 10:32:57 -------- d-----w- c:\users\adb49\appdata\local\Microsoft Help
2013-10-13 22:21:05 97800 ----a-w- c:\windows\system32\infocardapi.dll
2013-10-13 22:21:01 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 22:20:57 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2013-10-13 22:20:56 622080 ----a-w- c:\windows\system32\icardagt.exe
2013-10-13 22:20:55 11264 ----a-w- c:\windows\system32\icardres.dll
2013-10-13 22:20:43 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2013-10-12 20:47:04 -------- d-----w- c:\users\adb49\appdata\roaming\DigitalSite
2013-10-12 20:46:45 -------- d-----w- c:\program files\BonanzaDealsLive
2013-10-12 20:46:44 -------- d-----w- c:\users\adb49\appdata\local\BonanzaDealsLive
2013-10-12 20:46:44 -------- d-----w- c:\programdata\BonanzaDealsLive
2013-10-12 20:46:12 -------- d-----w- c:\users\adb49\appdata\local\Google
2013-10-12 20:46:07 -------- d-----w- c:\program files\BonanzaDeals
2013-10-12 20:45:50 -------- d-----w- c:\program files\Image Converter
2013-10-12 20:23:55 -------- d-----w- c:\users\adb49\appdata\roaming\HpUpdate
2013-10-12 20:23:44 -------- d-----w- c:\windows\Hewlett-Packard
2013-10-12 18:11:19 378368 ----a-w- c:\windows\system32\winhttp.dll
2013-10-12 18:09:36 269312 ----a-w- c:\windows\system32\es.dll
2013-10-12 18:08:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
2013-10-12 18:08:56 31232 ----a-w- c:\windows\system32\httpapi.dll
2013-10-12 18:08:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-10-12 18:07:52 -------- d-----w- c:\program files\MSXML 4.0
2013-10-12 16:12:44 -------- d-----w- c:\programdata\Canneverbe Limited
2013-10-12 16:12:32 -------- d-----w- c:\users\adb49\appdata\roaming\Canneverbe Limited
2013-10-12 16:01:19 -------- d-----w- c:\users\adb49\appdata\local\Macromedia
2013-10-12 16:00:22 -------- d-----w- c:\users\adb49\appdata\roaming\IrfanView
2013-10-12 16:00:20 -------- d-----w- c:\program files\IrfanView
2013-10-12 15:49:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-12 15:49:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-12 15:36:28 -------- d-----w- c:\users\adb49\appdata\local\Adobe
2013-10-12 15:32:16 -------- d-----w- c:\users\adb49\appdata\local\Amazon
2013-10-12 15:28:09 -------- d-----w- c:\program files\EasyGPS
2013-10-12 15:13:39 -------- d-----w- c:\programdata\CheckPoint
2013-10-12 14:43:33 -------- d-----w- c:\users\adb49\appdata\local\FlickrNet
2013-10-12 13:58:39 312832 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
2013-10-12 13:55:55 -------- d-----w- c:\program files\common files\HP
2013-10-12 02:10:37 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2013-10-12 02:10:37 64512 ----a-w- c:\windows\system32\wlanapi.dll
2013-10-12 02:10:37 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2013-10-12 02:10:36 513024 ----a-w- c:\windows\system32\wlansvc.dll
2013-10-12 02:10:36 302592 ----a-w- c:\windows\system32\wlansec.dll
2013-10-12 02:10:36 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2013-10-12 02:10:36 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2013-10-12 02:09:26 14848 ----a-w- c:\windows\system32\wshrm.dll
2013-10-12 02:09:26 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2013-10-12 02:08:35 43520 ----a-w- c:\windows\system32\msdxm.tlb
2013-10-12 02:08:35 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2013-10-12 02:08:35 18432 ----a-w- c:\windows\system32\amcompat.tlb
2013-10-12 02:07:51 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2013-10-12 02:07:51 329216 ----a-w- c:\windows\system32\msdrm.dll
2013-10-12 02:07:50 472064 ----a-w- c:\windows\system32\secproc.dll
2013-10-12 02:07:50 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2013-10-12 02:07:49 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2013-10-12 02:07:49 511488 ----a-w- c:\windows\system32\RMActivate.exe
2013-10-12 02:07:49 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2013-10-11 23:16:32 -------- d-sh--w- C:\Boot
2013-10-11 23:15:52 -------- d-----w- c:\windows\system32\OEM
2013-10-11 23:15:52 -------- d-----w- c:\windows\PANTHER
2013-10-11 20:23:29 23552 ----a-w- c:\windows\system32\lpk.dll
2013-10-11 20:23:29 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-10-11 20:22:34 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-10-11 20:22:14 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-10-11 20:19:44 72704 ----a-w- c:\windows\system32\admparse.dll
2013-10-11 20:19:38 48128 ----a-w- c:\windows\system32\mshtmler.dll
2013-10-11 20:19:32 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-10-11 20:17:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2013-10-11 20:17:41 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2013-10-11 20:17:41 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2013-10-11 20:17:41 272896 ----a-w- c:\windows\system32\polstore.dll
2013-10-11 20:15:26 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2013-10-11 20:15:26 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2013-10-11 20:15:26 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2013-10-11 20:13:53 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2013-10-11 20:13:53 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2013-10-11 20:13:53 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2013-10-11 20:13:53 104960 ----a-w- c:\windows\system32\netiohlp.dll
2013-10-11 20:13:52 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2013-10-11 20:13:52 19968 ----a-w- c:\windows\system32\ARP.EXE
2013-10-11 20:13:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2013-10-11 20:13:52 10240 ----a-w- c:\windows\system32\finger.exe
2013-10-11 20:04:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-10-11 20:04:47 2048 ----a-w- c:\windows\system32\msxml6r.dll
2013-10-11 20:04:47 1399296 ----a-w- c:\windows\system32\msxml6.dll
2013-10-11 19:58:28 213504 ----a-w- c:\windows\system32\msv1_0.dll
2013-10-11 19:56:04 2868224 ----a-w- c:\windows\system32\mf.dll
2013-10-11 19:56:03 98816 ----a-w- c:\windows\system32\mfps.dll
2013-10-11 19:56:03 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2013-10-11 19:56:03 24576 ----a-w- c:\windows\system32\mfpmp.exe
2013-10-11 19:56:03 2048 ----a-w- c:\windows\system32\mferror.dll
2013-10-11 19:50:24 71680 ----a-w- c:\windows\system32\atl.dll
2013-10-11 19:49:23 296960 ----a-w- c:\windows\system32\gdi32.dll
2013-10-11 19:44:54 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2013-10-11 19:44:54 38912 ----a-w- c:\windows\system32\xolehlp.dll
2013-10-11 19:43:54 160256 ----a-w- c:\windows\system32\wkssvc.dll
2013-10-11 19:42:49 53248 ----a-w- c:\windows\system32\tsgqec.dll
2013-10-11 19:42:49 136192 ----a-w- c:\windows\system32\aaclient.dll
2013-10-11 19:41:45 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2013-10-11 19:39:44 714240 ----a-w- c:\windows\system32\timedate.cpl
2013-10-11 19:34:19 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2013-10-11 19:34:18 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2013-10-11 19:25:14 636928 ----a-w- c:\windows\system32\localspl.dll
2013-10-11 19:21:53 2927104 ----a-w- c:\windows\explorer.exe
2013-10-11 19:16:06 -------- d-----w- c:\windows\system32\MRT
2013-10-11 19:14:42 8704 ----a-w- c:\windows\system32\hccoin.dll
2013-10-11 19:14:42 15872 ----a-w- c:\windows\system32\hcrstco.dll
2013-10-11 19:11:26 171520 ----a-w- c:\windows\system32\wintrust.dll
2013-10-11 19:09:33 499712 ----a-w- c:\windows\system32\kerberos.dll
2013-10-11 19:09:32 9728 ----a-w- c:\windows\system32\lsass.exe
2013-10-11 19:09:32 72704 ----a-w- c:\windows\system32\secur32.dll
2013-10-11 19:09:32 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-10-11 19:09:32 175104 ----a-w- c:\windows\system32\wdigest.dll
2013-10-11 19:09:31 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2013-10-11 19:04:59 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2013-10-11 18:59:47 6656 ----a-w- c:\windows\system32\kbd106n.dll
2013-10-11 18:59:43 927288 ----a-w- c:\windows\system32\winresume.exe
2013-10-11 18:59:42 988216 ----a-w- c:\windows\system32\winload.exe
2013-10-11 18:59:42 40960 ----a-w- c:\windows\system32\srclient.dll
2013-10-11 18:59:42 378368 ----a-w- c:\windows\system32\srcore.dll
2013-10-11 18:59:42 318464 ----a-w- c:\windows\system32\rstrui.exe
2013-10-11 18:59:42 19000 ----a-w- c:\windows\system32\kd1394.dll
2013-10-11 18:59:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2013-10-11 18:59:41 615992 ----a-w- c:\windows\system32\ci.dll
2013-10-11 18:59:41 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2013-10-11 18:56:48 551424 ----a-w- c:\windows\system32\rpcss.dll
2013-10-11 18:56:47 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2013-10-11 18:56:46 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2013-10-11 18:56:46 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2013-10-11 18:56:46 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2013-10-11 18:56:46 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2013-10-11 18:56:45 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2013-10-11 18:56:45 54784 ----a-w- c:\windows\system32\iasads.dll
2013-10-11 18:56:45 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2013-10-11 18:56:45 17408 ----a-w- c:\windows\system32\iashost.exe
2013-10-11 18:56:44 98304 ----a-w- c:\windows\system32\iasrecst.dll
2013-10-11 18:56:44 183296 ----a-w- c:\windows\system32\sdohlp.dll
2013-10-11 18:54:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
2013-10-11 18:54:59 220672 ----a-w- c:\windows\system32\l3codecp.acm
2013-10-11 18:54:45 -------- d-----w- c:\program files\common files\Hewlett-Packard
2013-10-11 18:51:53 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2013-10-11 18:51:53 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-10-11 18:51:53 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2013-10-11 18:49:55 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2013-10-11 18:46:55 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-10-11 18:45:04 24064 ----a-w- c:\windows\system32\amxread.dll
2013-10-11 18:45:04 13824 ----a-w- c:\windows\system32\apilogen.dll
2013-10-11 18:42:04 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-10-11 18:42:03 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-10-11 18:42:03 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-10-11 18:41:06 966656 ----a-w- c:\windows\system32\hpost_p02c.dll
2013-10-11 18:41:06 315392 ----a-w- c:\windows\system32\hposc_p02a.dll
2013-10-11 18:41:05 712704 ----a-w- c:\windows\system32\hposwia_p02c.dll
2013-10-11 18:41:05 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2013-10-11 18:41:05 309760 ----a-w- c:\windows\system32\difxapi.dll
2013-10-11 18:40:31 98304 ----a-w- c:\windows\system32\cabview.dll
2013-10-11 18:40:28 452408 ----a-w- c:\windows\system32\hpzids01.dll
2013-10-11 18:40:00 123904 ----a-w- c:\windows\system32\hpf3l70v.dll
2013-10-11 18:39:54 -------- d-----w- c:\users\adb49\{ea923793-435b-419d-b4c2-385cf01d320b}
2013-10-11 18:32:11 443392 ----a-w- c:\windows\system32\win32spl.dll
2013-10-11 18:32:11 37888 ----a-w- c:\windows\system32\printcom.dll
2013-10-11 18:23:24 -------- d-----w- c:\program files\HP
2013-10-11 17:48:37 83968 ----a-w- c:\windows\system32\mscories.dll
2013-10-11 17:48:37 158720 ----a-w- c:\windows\system32\mscorier.dll
2013-10-11 17:31:06 1695744 ----a-w- c:\windows\system32\gameux.dll
2013-10-11 17:30:37 94720 ----a-w- c:\windows\system32\logagent.exe
2013-10-11 17:30:36 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2013-10-11 17:29:44 84480 ----a-w- c:\windows\system32\INETRES.dll
2013-10-11 17:29:19 61440 ----a-w- c:\windows\system32\msasn1.dll
2013-10-11 17:28:57 1645568 ----a-w- c:\windows\system32\connect.dll
2013-10-11 17:28:30 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2013-10-11 17:27:45 281600 ----a-w- c:\windows\system32\raschap.dll
2013-10-11 17:27:45 244224 ----a-w- c:\windows\system32\rastls.dll
2013-10-11 17:27:20 351232 ----a-w- c:\windows\system32\WSDApi.dll
2013-10-11 17:26:09 91136 ----a-w- c:\windows\system32\avifil32.dll
2013-10-11 17:26:09 82944 ----a-w- c:\windows\system32\mciavi32.dll
2013-10-11 17:26:09 65024 ----a-w- c:\windows\system32\avicap32.dll
2013-10-11 17:26:09 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2013-10-11 17:26:09 31744 ----a-w- c:\windows\system32\msvidc32.dll
2013-10-11 17:26:09 22528 ----a-w- c:\windows\system32\msyuv.dll
2013-10-11 17:26:09 13312 ----a-w- c:\windows\system32\msrle32.dll
2013-10-11 17:26:09 123904 ----a-w- c:\windows\system32\msvfw32.dll
2013-10-11 17:26:09 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2013-10-11 17:25:26 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2013-10-11 17:24:25 7680 ----a-w- c:\windows\system32\spwmp.dll
2013-10-11 17:24:25 4096 ----a-w- c:\windows\system32\dxmasf.dll
2013-10-11 17:24:25 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2013-10-11 17:24:24 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-10-11 17:24:24 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2013-10-11 17:24:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2013-10-11 17:24:21 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2013-10-11 15:51:59 91544 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2013-10-11 15:42:49 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-11 15:42:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-11 15:42:47 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-11 15:42:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-11 15:41:58 -------- d-sh--w- c:\windows\Installer
2013-10-11 15:41:33 41664 ----a-w- c:\windows\avastSS.scr
2013-10-11 15:40:42 -------- d-----w- c:\program files\AVAST Software
2013-10-11 15:39:10 -------- d-----w- c:\programdata\AVAST Software
2013-10-11 15:10:46 -------- d-----w- c:\program files\Synaptics
2013-10-11 15:07:48 520192 ----a-w- c:\windows\RtlExUpd.dll
2013-10-11 15:07:48 315392 ----a-w- c:\windows\HideWin.exe
2013-10-11 15:07:43 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2013-10-11 15:07:43 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-10-11 15:07:43 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2013-10-11 15:07:43 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2013-10-11 15:07:42 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2013-10-11 15:07:42 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-10-11 15:07:41 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2013-10-11 15:07:40 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2013-10-11 15:07:09 6656 ----a-w- c:\windows\system32\SiSApi.dll
2013-10-11 15:07:06 -------- d-----w- c:\program files\SiS VGA Utilities
2013-10-11 15:06:27 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2013-10-11 15:06:27 187320 ----a-w- c:\windows\system32\drivers\SynTP.sys
2013-10-11 15:06:27 163840 ----a-w- c:\windows\system32\SynCOM.dll
2013-10-11 15:06:27 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-10-11 15:06:27 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2013-10-11 15:06:27 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2013-10-11 15:05:46 6656 ----a-w- c:\windows\system32\SiSCo.dll
2013-10-11 15:05:46 655360 ----a-w- c:\windows\system32\SiSClone.dll
2013-10-11 15:05:46 5632 ----a-w- c:\windows\system32\SiSKrl.dll
2013-10-11 15:05:46 456568 ----a-w- c:\windows\system32\drivers\SISGRKMD.sys
2013-10-11 15:05:46 4078592 ----a-w- c:\windows\system32\SiSGlv.dll
2013-10-11 15:05:46 3625984 ----a-w- c:\windows\system32\SISGRUMD.dll
2013-10-11 15:05:46 212992 ----a-w- c:\windows\system32\SiSFunc.dll
2013-10-11 15:05:45 56184 ----a-w- c:\windows\system32\drivers\SISAGPX.SYS
2013-10-11 15:05:13 22632 ----a-w- c:\windows\system32\streamci.dll
2013-10-11 14:55:25 -------- d-----w- C:\fsc.tmp
2013-10-11 14:46:56 516784 ----a-r- c:\windows\system32\XceedCry.dll
.
==================== Find3M ====================
.
2013-10-14 12:50:57 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2013-10-14 12:50:38 82432 ----a-w- c:\windows\system32\axaltocm.dll
2013-10-12 18:08:56 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2013-10-11 19:04:59 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2013-10-11 18:45:04 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2013-10-11 17:31:08 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2013-10-11 15:08:11 319456 ----a-w- c:\windows\DIFxAPI.dll
.
============= FINISH: 9:20:12.63 ===============
attach.zip
aswMBR.txt
-
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
- Ensure all Firefox windows are closed.
- To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
- When prompted to run the scan, click Yes.
- GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
Please download Malwarebytes from Here or Here
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected .
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
- Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
-
Logs
Thank you.
Gooredfix log:
GooredFix by jpshortstuff (03.07.10.1)
Log created at 10:36 on 22/10/2013 (ADB49)
Firefox version 24.0 (en-US)
========== GooredScan ==========
========== GooredLog ==========
C:\Program Files\Mozilla Firefox\extensions\
(none)
C:\Users\ADB49\Application Data\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\
{ab91efd4-6975-4081-8552-1b3922ed79e2} [21:57 11/10/2013]
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [15:41 11/10/2013]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [22:34 13/10/2013]
-=E.O.F=-
MBAM log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.10.22.03
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
ADB49 :: ADB [administrator]
22/10/2013 10:41:07
mbam-log-2013-10-22 (10-41-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 187939
Time elapsed: 11 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0Z1N1J -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 8
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Program Files\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Program Files\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
Files Detected: 7
C:\$Recycle.Bin\S-1-5-21-3740713769-1093254276-2860028584-1000\$RTFYJ6H.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\STTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\TTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
(end)
-
Lets clean you up a bit more
Please download AdwCleaner by Xplode and save to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator. - Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
- The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
- Copy and paste the contents of that logfile in your next reply.
- A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
-
# AdwCleaner v3.010 - Report created 22/10/2013 at 12:50:03
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Username : ADB49 - ADB
# Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Windows\System32\Tasks\digitalsite
File Found : C:\Windows\Tasks\digitalsite.job
Folder Found C:\Program Files\BonanzaDeals
Folder Found C:\Users\ADB49\AppData\Roaming\digitalsite
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\digitalsite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\digitalsite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite
***** [ Browsers ] *****
-\\ Internet Explorer v7.0.6001.18639
-\\ Mozilla Firefox v24.0 (en-US)
[ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1266 octets] - [22/10/2013 12:50:03]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1326 octets] ##########
-
Go ahead and run AdwCleaner again and this time click on Clean, post the log please
-
# AdwCleaner v3.010 - Report created 22/10/2013 at 14:40:41
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Username : ADB49 - ADB
# Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files\BonanzaDeals
Folder Deleted : C:\Users\ADB49\AppData\Roaming\digitalsite
File Deleted : C:\Windows\Tasks\digitalsite.job
File Deleted : C:\Windows\System32\Tasks\digitalsite
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F17925-B968-4C71-9982-79F5C289F5EB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48F17925-B968-4C71-9982-79F5C289F5EB}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
***** [ Browsers ] *****
-\\ Internet Explorer v7.0.6001.18639
-\\ Mozilla Firefox v24.0 (en-US)
[ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1406 octets] - [22/10/2013 12:50:03]
AdwCleaner[R1].txt - [1466 octets] - [22/10/2013 14:39:42]
AdwCleaner[S0].txt - [1475 octets] - [22/10/2013 14:40:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1535 octets] ##########
-
How are the Firefox redirects ? Run this tool first and then run OTL and post the logs please
Download Junkware Removal Tool to your desktop
- shut down your protection software now to avoid potential conflicts.
- run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
- the tool will open and start scanning your system
- please be patient as this can take a while to complete depending on your system's specifications
- on completion, a log (JRT.txt) is saved to your desktop and will automatically open
- post the contents of JRT.txt into your next message.
OTL by OldTimer
- Download OTL to your desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Click the "Scan All Users" checkbox.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically. - Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
-
So far today, I have had NO Firefox redirects; since this problem started, there was usually something upon starting the PC from sleep, and one or two attempts through the day.
Please note that the OTL logs needed to be spread over three posts.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows Vista (TM) Home Basic x86
Ran by ADB49 on 22/10/2013 at 15:27:22.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\ADB49\AppData\Roaming\mozilla\firefox\profiles\4vgpos24.default\minidumps [6 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/10/2013 at 15:30:53.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OTL logfile created on: 22/10/2013 15:37:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ADB49\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
764.46 Mb Total Physical Memory | 307.47 Mb Available Physical Memory | 40.22% Memory free
1.75 Gb Paging File | 1.06 Gb Available in Paging File | 60.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS
Computer Name: ADB | User Name: ADB49 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\ADB49\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe (ITE Tech Inc.)
PRC - C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
PRC - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (SiS6350) -- C:\Windows\System32\drivers\SISGRKMD.sys (Silicon Integrated Systems Corporation)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (SISAGP) -- C:\Windows\System32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.28.1
FF - prefs.js..extensions.enabledAddons: %7B6005d9b1-d115-485a-a92a-3f6453ca3fe2%7D:2.4
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/21 11:58:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/10/11 16:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Extensions
[2013/10/16 16:25:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions
[2013/10/11 22:57:41 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2013/10/16 16:25:22 | 000,260,260 | ---- | M] () (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
[2013/10/11 16:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/11 16:52:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/21 11:58:33 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{78f811bc-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell - "" = AutoRun
O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/22 15:34:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ADB49\Desktop\OTL.exe
[2013/10/22 15:27:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/22 15:24:17 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\ADB49\Desktop\JRT.exe
[2013/10/22 12:49:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/22 10:37:56 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Malwarebytes
[2013/10/22 10:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/22 10:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/22 10:37:28 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/22 10:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/22 10:36:07 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\GooredFix Backups
[2013/10/22 10:34:17 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ADB49\Desktop\mbam-setup-1.75.0.1300.exe
[2013/10/22 10:32:46 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\ADB49\Desktop\GooredFix.exe
[2013/10/21 12:48:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\AVAST Software
[2013/10/21 11:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/10/20 03:04:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2013/10/18 22:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/10/17 10:00:26 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\Malware
[2013/10/17 09:16:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/10/16 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/10/16 12:30:33 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/10/16 12:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/10/14 22:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2013/10/14 21:01:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2013/10/14 21:01:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2013/10/14 21:01:10 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2013/10/14 21:01:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2013/10/14 21:01:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2013/10/14 21:01:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2013/10/14 21:01:08 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2013/10/14 21:01:08 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2013/10/14 21:01:08 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2013/10/14 21:01:06 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2013/10/14 21:01:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2013/10/14 21:01:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2013/10/14 21:01:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2013/10/14 21:01:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2013/10/14 21:01:05 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2013/10/14 21:01:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013/10/14 21:01:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2013/10/14 21:01:04 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2013/10/14 21:01:02 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013/10/14 21:01:01 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013/10/14 21:01:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013/10/14 21:01:00 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013/10/14 21:01:00 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013/10/14 20:40:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2013/10/14 20:40:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2013/10/14 20:40:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013/10/14 20:27:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2013/10/14 20:25:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2013/10/14 20:24:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2013/10/14 20:24:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2013/10/14 20:24:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2013/10/14 20:24:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2013/10/14 20:24:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2013/10/14 20:24:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2013/10/14 20:24:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2013/10/14 20:24:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2013/10/14 20:23:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2013/10/14 20:23:08 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2013/10/14 20:23:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2013/10/14 20:23:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2013/10/14 20:23:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2013/10/14 18:18:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/10/14 18:18:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013/10/14 18:18:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/14 18:18:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/10/14 18:18:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/14 18:17:35 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013/10/14 18:17:33 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/14 18:17:33 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/10/14 18:17:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/10/14 18:17:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013/10/14 18:17:30 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/10/14 18:17:29 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/10/14 18:17:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/14 18:17:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2013/10/14 18:17:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/14 18:17:27 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/14 18:16:56 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/10/14 18:16:54 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/10/14 18:16:51 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013/10/14 18:16:49 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013/10/14 18:16:41 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2013/10/14 18:16:33 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2013/10/14 18:16:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013/10/14 18:16:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2013/10/14 18:16:08 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2013/10/14 18:16:04 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/14 18:15:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2013/10/14 18:15:14 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2013/10/14 18:14:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2013/10/14 18:14:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2013/10/14 18:14:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2013/10/14 18:14:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2013/10/14 18:14:33 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2013/10/14 18:14:30 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013/10/14 18:14:29 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013/10/14 18:14:28 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013/10/14 18:14:27 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2013/10/14 18:14:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2013/10/14 18:14:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2013/10/14 18:14:12 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2013/10/14 18:13:51 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/10/14 18:13:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013/10/14 18:13:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2013/10/14 18:13:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/14 18:13:20 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2013/10/14 18:13:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/10/14 18:12:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/10/14 18:12:29 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2013/10/14 18:12:12 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/10/14 18:12:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/10/14 17:08:35 | 000,000,000 | --SD | C] -- C:\Users\ADB49\Documents\My Data Sources
[2013/10/14 14:11:27 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2013/10/14 13:35:19 | 000,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe
[2013/10/14 13:35:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll
[2013/10/14 13:10:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2013/10/14 13:10:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2013/10/14 13:08:42 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2013/10/14 13:08:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2013/10/14 13:07:30 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2013/10/14 13:07:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2013/10/14 13:07:30 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2013/10/14 13:07:30 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2013/10/14 13:07:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2013/10/14 13:07:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/10/14 13:07:29 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2013/10/14 13:07:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2013/10/14 13:07:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2013/10/14 13:07:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2013/10/14 13:07:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2013/10/14 13:07:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2013/10/14 13:07:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2013/10/14 13:07:24 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2013/10/14 13:07:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2013/10/14 13:07:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2013/10/14 13:07:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2013/10/14 13:07:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2013/10/14 13:07:22 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2013/10/14 13:07:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2013/10/14 13:07:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2013/10/14 13:07:18 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2013/10/14 13:07:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/10/14 13:07:17 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2013/10/14 13:07:17 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2013/10/14 13:07:17 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2013/10/14 13:07:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2013/10/14 13:07:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/10/14 13:07:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2013/10/14 13:07:12 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2013/10/14 13:07:11 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2013/10/14 13:07:11 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2013/10/14 13:07:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2013/10/14 13:07:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2013/10/14 13:07:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2013/10/14 13:07:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2013/10/14 13:07:09 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2013/10/14 13:07:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2013/10/14 13:07:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2013/10/14 13:07:08 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2013/10/14 13:07:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2013/10/14 13:07:08 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/10/14 13:07:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2013/10/14 13:07:07 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2013/10/14 13:07:07 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2013/10/14 13:07:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2013/10/14 13:07:06 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2013/10/14 13:07:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2013/10/14 13:07:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2013/10/14 13:07:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2013/10/14 13:07:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2013/10/14 13:07:05 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2013/10/14 13:07:04 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2013/10/14 13:07:01 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2013/10/14 13:07:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2013/10/14 13:07:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2013/10/14 13:07:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2013/10/14 13:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2013/10/14 13:06:48 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2013/10/14 13:06:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2013/10/14 13:06:43 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2013/10/14 13:06:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2013/10/14 13:06:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2013/10/14 13:06:40 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013/10/14 13:06:40 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013/10/14 13:06:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013/10/14 13:06:39 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2013/10/14 13:06:38 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2013/10/14 13:06:37 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2013/10/14 13:06:36 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2013/10/14 13:06:35 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013/10/14 13:06:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2013/10/14 13:06:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2013/10/14 13:06:34 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/10/14 13:06:34 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2013/10/14 13:06:34 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2013/10/14 13:06:33 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2013/10/14 13:06:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/10/14 13:06:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013/10/14 13:06:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2013/10/14 13:06:32 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2013/10/14 13:06:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2013/10/14 13:06:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2013/10/14 13:06:31 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2013/10/14 13:06:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2013/10/14 13:06:31 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2013/10/14 13:06:30 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2013/10/14 13:06:30 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2013/10/14 13:06:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2013/10/14 13:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2013/10/14 13:06:28 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2013/10/14 13:06:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2013/10/14 13:06:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2013/10/14 13:06:24 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2013/10/14 13:06:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2013/10/14 13:06:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2013/10/14 13:06:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2013/10/14 13:06:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2013/10/14 13:06:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2013/10/14 13:06:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2013/10/14 13:06:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2013/10/14 13:06:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2013/10/14 13:06:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2013/10/14 13:06:21 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2013/10/14 13:06:20 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2013/10/14 13:06:20 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2013/10/14 13:06:19 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2013/10/14 13:06:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2013/10/14 13:06:18 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/10/14 13:06:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2013/10/14 13:06:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2013/10/14 13:06:16 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2013/10/14 13:06:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2013/10/14 13:06:16 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2013/10/14 13:06:15 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2013/10/14 13:06:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2013/10/14 13:06:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2013/10/14 13:06:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2013/10/14 13:06:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2013/10/14 13:06:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2013/10/14 13:06:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/10/14 13:06:12 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2013/10/14 13:06:11 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2013/10/14 13:06:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2013/10/14 13:06:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2013/10/14 13:06:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2013/10/14 13:06:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2013/10/14 13:06:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2013/10/14 13:06:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2013/10/14 13:06:10 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2013/10/14 13:06:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2013/10/14 13:06:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2013/10/14 13:06:10 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2013/10/14 13:06:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2013/10/14 13:06:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2013/10/14 13:06:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/10/14 13:06:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2013/10/14 13:06:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2013/10/14 13:06:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2013/10/14 13:06:08 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2013/10/14 13:06:06 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2013/10/14 13:06:06 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2013/10/14 13:06:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2013/10/14 13:06:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2013/10/14 13:06:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2013/10/14 13:06:05 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2013/10/14 13:06:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2013/10/14 13:06:02 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2013/10/14 13:06:01 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2013/10/14 13:06:00 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2013/10/14 13:06:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2013/10/14 13:05:58 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2013/10/14 13:05:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2013/10/14 13:05:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2013/10/14 13:05:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2013/10/14 13:05:47 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2013/10/14 13:05:47 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2013/10/14 13:05:46 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2013/10/14 13:05:45 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2013/10/14 13:05:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2013/10/14 13:05:41 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2013/10/14 13:05:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2013/10/14 13:05:40 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2013/10/14 13:05:36 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2013/10/14 13:05:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2013/10/14 13:05:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2013/10/14 13:05:32 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2013/10/14 13:05:31 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2013/10/14 13:05:31 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2013/10/14 13:05:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2013/10/14 13:05:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2013/10/14 13:05:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2013/10/14 13:05:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2013/10/14 13:05:29 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2013/10/14 13:05:27 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2013/10/14 13:05:27 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2013/10/14 13:05:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2013/10/14 13:05:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2013/10/14 13:05:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2013/10/14 13:05:26 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2013/10/14 13:05:26 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2013/10/14 13:05:26 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2013/10/14 13:05:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2013/10/14 13:05:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2013/10/14 13:05:25 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013/10/14 13:05:25 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2013/10/14 13:05:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2013/10/14 13:05:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2013/10/14 13:05:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2013/10/14 13:05:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2013/10/14 13:05:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2013/10/14 13:05:23 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2013/10/14 13:05:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2013/10/14 13:05:18 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2013/10/14 13:05:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2013/10/14 13:05:18 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2013/10/14 13:05:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2013/10/14 13:05:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2013/10/14 13:05:17 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2013/10/14 13:05:17 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2013/10/14 13:05:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2013/10/14 13:05:17 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2013/10/14 13:05:17 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/10/14 13:05:17 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2013/10/14 13:05:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/10/14 13:05:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2013/10/14 13:05:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2013/10/14 13:05:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2013/10/14 13:05:16 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2013/10/14 13:05:15 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2013/10/14 13:05:15 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2013/10/14 13:05:15 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2013/10/14 13:05:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2013/10/14 13:05:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013/10/14 13:05:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013/10/14 13:05:13 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2013/10/14 13:05:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013/10/14 13:05:12 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2013/10/14 13:05:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2013/10/14 13:05:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2013/10/14 13:05:11 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2013/10/14 13:05:11 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2013/10/14 13:05:11 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2013/10/14 13:05:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2013/10/14 13:05:11 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2013/10/14 13:05:10 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2013/10/14 13:05:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2013/10/14 13:05:09 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2013/10/14 13:05:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2013/10/14 13:05:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2013/10/14 13:05:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2013/10/14 13:05:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2013/10/14 13:05:08 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2013/10/14 13:05:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2013/10/14 13:05:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2013/10/14 13:05:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2013/10/14 13:05:06 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2013/10/14 13:05:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2013/10/14 13:05:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2013/10/14 13:05:04 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2013/10/14 13:05:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2013/10/14 13:05:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2013/10/14 13:05:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2013/10/14 13:05:02 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2013/10/14 13:05:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2013/10/14 13:05:00 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2013/10/14 13:05:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2013/10/14 13:05:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2013/10/14 13:05:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
-
OTL log part 2
[2013/10/14 13:04:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2013/10/14 13:04:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2013/10/14 13:04:57 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2013/10/14 13:04:57 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2013/10/14 13:04:57 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2013/10/14 13:04:56 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2013/10/14 13:04:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2013/10/14 13:04:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2013/10/14 13:04:55 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2013/10/14 13:04:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2013/10/14 13:04:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2013/10/14 13:04:54 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2013/10/14 13:04:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2013/10/14 13:04:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013/10/14 13:04:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2013/10/14 13:04:53 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2013/10/14 13:04:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2013/10/14 13:04:52 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2013/10/14 13:04:49 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2013/10/14 13:04:49 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2013/10/14 13:04:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2013/10/14 13:04:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2013/10/14 13:04:48 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013/10/14 13:04:48 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/10/14 13:04:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2013/10/14 13:04:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2013/10/14 13:04:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2013/10/14 13:04:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2013/10/14 13:04:47 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2013/10/14 13:04:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2013/10/14 13:04:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2013/10/14 13:04:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2013/10/14 13:04:45 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2013/10/14 13:04:45 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2013/10/14 13:04:45 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013/10/14 13:04:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2013/10/14 13:04:44 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2013/10/14 13:04:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2013/10/14 13:04:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2013/10/14 13:04:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2013/10/14 13:04:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2013/10/14 13:04:43 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2013/10/14 13:04:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2013/10/14 13:04:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2013/10/14 13:04:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2013/10/14 13:04:43 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2013/10/14 13:04:42 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2013/10/14 13:04:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2013/10/14 13:04:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2013/10/14 13:04:41 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2013/10/14 13:04:41 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2013/10/14 13:04:41 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/14 13:04:41 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/14 13:04:41 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/14 13:04:40 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2013/10/14 13:04:40 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2013/10/14 13:04:39 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/14 13:04:39 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2013/10/14 13:04:39 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2013/10/14 13:04:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2013/10/14 13:04:38 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2013/10/14 13:04:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2013/10/14 13:04:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2013/10/14 13:04:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2013/10/14 13:04:36 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2013/10/14 13:04:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2013/10/14 13:04:35 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2013/10/14 13:04:35 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2013/10/14 13:04:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2013/10/14 13:04:34 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2013/10/14 13:04:34 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2013/10/14 13:04:34 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2013/10/14 13:04:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2013/10/14 13:04:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2013/10/14 13:04:33 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2013/10/14 13:04:33 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2013/10/14 13:04:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013/10/14 13:04:32 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2013/10/14 13:04:32 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2013/10/14 13:04:32 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2013/10/14 13:04:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2013/10/14 13:04:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2013/10/14 13:04:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2013/10/14 13:04:31 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2013/10/14 13:04:31 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2013/10/14 13:04:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013/10/14 13:04:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2013/10/14 13:04:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2013/10/14 13:04:30 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2013/10/14 13:04:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2013/10/14 13:04:29 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2013/10/14 13:04:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2013/10/14 13:04:29 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2013/10/14 13:04:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2013/10/14 13:04:28 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2013/10/14 13:04:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2013/10/14 13:04:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2013/10/14 13:04:28 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2013/10/14 13:04:27 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2013/10/14 13:04:27 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2013/10/14 13:04:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2013/10/14 13:04:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2013/10/14 13:04:27 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2013/10/14 13:04:26 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2013/10/14 13:04:26 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2013/10/14 13:04:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2013/10/14 13:04:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2013/10/14 13:04:25 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2013/10/14 13:04:24 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2013/10/14 13:04:24 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2013/10/14 13:04:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2013/10/14 13:04:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2013/10/14 13:04:24 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2013/10/14 13:04:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2013/10/14 13:04:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2013/10/14 13:04:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2013/10/14 13:04:21 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2013/10/14 13:04:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2013/10/14 13:04:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2013/10/14 13:04:18 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2013/10/14 13:04:17 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2013/10/14 13:04:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2013/10/14 13:04:15 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2013/10/14 13:04:15 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2013/10/14 13:04:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2013/10/14 13:04:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2013/10/14 13:04:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2013/10/14 13:04:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2013/10/14 13:04:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2013/10/14 13:04:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2013/10/14 13:04:14 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2013/10/14 13:04:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2013/10/14 13:04:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2013/10/14 13:04:13 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2013/10/14 13:04:13 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2013/10/14 13:04:13 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2013/10/14 13:04:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/10/14 13:04:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2013/10/14 13:04:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2013/10/14 13:04:11 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2013/10/14 13:04:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2013/10/14 13:04:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2013/10/14 13:04:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2013/10/14 13:04:10 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2013/10/14 13:04:08 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2013/10/14 13:04:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/10/14 13:04:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2013/10/14 13:04:08 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2013/10/14 13:04:07 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2013/10/14 13:04:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2013/10/14 13:04:07 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2013/10/14 13:04:07 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2013/10/14 13:04:06 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2013/10/14 13:04:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013/10/14 13:04:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2013/10/14 13:04:06 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2013/10/14 13:04:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2013/10/14 13:04:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2013/10/14 13:04:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2013/10/14 13:04:05 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2013/10/14 13:04:05 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2013/10/14 13:04:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2013/10/14 13:04:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2013/10/14 13:04:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2013/10/14 13:04:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2013/10/14 13:04:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2013/10/14 13:04:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2013/10/14 13:04:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2013/10/14 13:04:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2013/10/14 13:04:03 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2013/10/14 13:04:03 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/10/14 13:04:03 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2013/10/14 13:04:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2013/10/14 13:04:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2013/10/14 13:04:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2013/10/14 13:04:02 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2013/10/14 13:04:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2013/10/14 13:04:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013/10/14 13:04:01 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/10/14 13:04:01 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/10/14 13:04:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2013/10/14 13:04:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2013/10/14 13:04:00 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2013/10/14 13:04:00 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2013/10/14 13:04:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2013/10/14 13:04:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2013/10/14 13:04:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2013/10/14 13:03:59 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2013/10/14 13:03:59 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2013/10/14 13:03:58 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2013/10/14 13:03:58 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013/10/14 13:03:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013/10/14 13:03:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2013/10/14 13:03:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2013/10/14 13:03:57 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2013/10/14 13:03:57 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2013/10/14 13:03:57 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2013/10/14 13:03:57 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013/10/14 13:03:56 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2013/10/14 13:03:56 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2013/10/14 13:03:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2013/10/14 13:03:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2013/10/14 13:03:54 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2013/10/14 13:03:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2013/10/14 13:03:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2013/10/14 13:03:54 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2013/10/14 13:03:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2013/10/14 13:03:53 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2013/10/14 13:03:53 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2013/10/14 13:03:53 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2013/10/14 13:03:53 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2013/10/14 13:03:53 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2013/10/14 13:03:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2013/10/14 13:03:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2013/10/14 13:03:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2013/10/14 13:03:52 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/10/14 13:03:51 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2013/10/14 13:03:51 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2013/10/14 13:03:51 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2013/10/14 13:03:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2013/10/14 13:03:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2013/10/14 13:03:50 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2013/10/14 13:03:50 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2013/10/14 13:03:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2013/10/14 13:03:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2013/10/14 13:03:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2013/10/14 13:03:47 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2013/10/14 13:03:47 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2013/10/14 13:03:47 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2013/10/14 13:03:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2013/10/14 13:03:45 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2013/10/14 13:03:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2013/10/14 13:03:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2013/10/14 13:03:44 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2013/10/14 13:03:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2013/10/14 13:03:42 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2013/10/14 13:03:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2013/10/14 13:03:41 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2013/10/14 13:03:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2013/10/14 13:03:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2013/10/14 13:03:39 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2013/10/14 13:03:39 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2013/10/14 13:03:39 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2013/10/14 13:03:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2013/10/14 13:03:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2013/10/14 13:03:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2013/10/14 13:03:37 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2013/10/14 13:03:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2013/10/14 13:03:36 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/10/14 13:03:36 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2013/10/14 13:03:36 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2013/10/14 13:03:35 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2013/10/14 13:03:34 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2013/10/14 13:03:34 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2013/10/14 13:03:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2013/10/14 13:03:33 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013/10/14 13:03:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2013/10/14 13:03:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2013/10/14 13:03:30 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2013/10/14 13:03:23 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2013/10/14 13:03:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2013/10/14 13:03:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/10/14 13:03:18 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2013/10/14 13:03:18 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2013/10/14 13:03:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2013/10/14 13:03:17 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2013/10/14 13:03:16 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/14 13:03:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2013/10/14 13:03:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2013/10/14 13:03:15 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2013/10/14 13:03:14 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2013/10/14 13:03:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2013/10/14 13:03:12 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2013/10/14 13:03:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2013/10/14 13:03:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2013/10/14 13:03:09 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2013/10/14 13:03:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2013/10/14 13:03:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2013/10/14 13:03:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2013/10/14 13:03:08 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2013/10/14 13:03:08 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2013/10/14 13:03:08 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2013/10/14 13:03:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2013/10/14 13:03:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/10/14 13:03:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2013/10/14 13:03:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/10/14 13:03:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/10/14 13:03:04 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2013/10/14 13:03:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2013/10/14 13:03:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2013/10/14 13:03:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2013/10/14 13:03:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013/10/14 13:03:02 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2013/10/14 13:03:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/10/14 13:03:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2013/10/14 13:03:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2013/10/14 13:03:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2013/10/14 13:02:59 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2013/10/14 13:02:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2013/10/14 13:02:57 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/10/14 13:02:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013/10/14 13:02:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2013/10/14 13:02:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2013/10/14 13:02:53 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2013/10/14 13:02:53 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2013/10/14 13:02:53 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/10/14 13:02:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2013/10/14 13:02:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2013/10/14 13:02:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2013/10/14 13:02:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2013/10/14 13:02:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2013/10/14 13:02:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2013/10/14 13:02:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013/10/14 13:02:51 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/10/14 13:02:50 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2013/10/14 13:02:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2013/10/14 13:02:50 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/10/14 13:02:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2013/10/14 13:02:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2013/10/14 13:02:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2013/10/14 13:02:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2013/10/14 13:02:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2013/10/14 13:02:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2013/10/14 13:02:46 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2013/10/14 13:02:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2013/10/14 13:02:41 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2013/10/14 13:02:41 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2013/10/14 13:02:39 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2013/10/14 13:02:39 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2013/10/14 13:02:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2013/10/14 13:02:39 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2013/10/14 13:02:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2013/10/14 13:02:38 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2013/10/14 13:02:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2013/10/14 13:02:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/10/14 13:02:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2013/10/14 13:02:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2013/10/14 13:02:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2013/10/14 13:02:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2013/10/14 13:02:31 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2013/10/14 13:02:31 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2013/10/14 13:02:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2013/10/14 13:02:30 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2013/10/14 13:02:29 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2013/10/14 13:02:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2013/10/14 13:02:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2013/10/14 13:02:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2013/10/14 13:02:26 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2013/10/14 13:02:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2013/10/14 13:02:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2013/10/14 13:02:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2013/10/14 13:02:25 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2013/10/14 13:02:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2013/10/14 13:02:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2013/10/14 13:02:21 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2013/10/14 13:02:21 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2013/10/14 13:02:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2013/10/14 13:02:21 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2013/10/14 13:02:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2013/10/14 13:02:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2013/10/14 13:02:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2013/10/14 13:02:20 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2013/10/14 13:02:20 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2013/10/14 13:02:18 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013/10/14 13:02:17 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2013/10/14 13:02:17 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2013/10/14 13:02:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2013/10/14 13:02:16 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2013/10/14 13:02:16 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2013/10/14 13:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013/10/14 13:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2013/10/14 13:02:15 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2013/10/14 13:02:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2013/10/14 13:02:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/10/14 13:02:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2013/10/14 13:02:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2013/10/14 13:02:13 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2013/10/14 13:02:13 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2013/10/14 13:02:13 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2013/10/14 13:02:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/10/14 13:02:12 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2013/10/14 13:02:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2013/10/14 13:02:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2013/10/14 13:02:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2013/10/14 13:02:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2013/10/14 13:02:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2013/10/14 13:02:10 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2013/10/14 13:02:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2013/10/14 13:02:09 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2013/10/14 13:02:09 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013/10/14 13:02:09 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013/10/14 13:02:09 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2013/10/14 13:02:09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2013/10/14 13:02:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013/10/14 13:02:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013/10/14 13:02:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013/10/14 13:02:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2013/10/14 13:02:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013/10/14 13:02:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2013/10/14 13:02:07 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013/10/14 13:02:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013/10/14 13:02:06 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2013/10/14 13:02:05 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013/10/14 13:02:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2013/10/14 13:02:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013/10/14 13:02:04 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2013/10/14 13:02:03 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2013/10/14 13:02:02 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2013/10/14 13:02:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2013/10/14 13:02:01 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2013/10/14 13:02:01 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2013/10/14 13:02:01 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2013/10/14 13:02:00 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2013/10/14 13:02:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2013/10/14 13:02:00 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2013/10/14 13:02:00 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2013/10/14 13:01:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2013/10/14 13:01:59 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2013/10/14 13:01:58 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2013/10/14 13:01:58 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2013/10/14 13:01:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2013/10/14 13:01:57 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2013/10/14 13:01:56 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2013/10/14 13:01:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2013/10/14 13:01:52 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2013/10/14 13:01:51 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2013/10/14 13:01:51 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2013/10/14 13:01:51 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2013/10/14 13:01:50 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2013/10/14 13:01:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2013/10/14 13:01:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/10/14 13:01:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2013/10/14 13:01:46 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2013/10/14 13:01:46 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/10/14 13:01:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2013/10/14 13:01:37 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2013/10/14 13:01:36 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2013/10/14 13:01:36 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2013/10/14 13:01:30 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2013/10/14 13:01:29 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013/10/14 13:01:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2013/10/14 13:01:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2013/10/14 13:01:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2013/10/14 13:01:28 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2013/10/14 13:01:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2013/10/14 13:01:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2013/10/14 13:01:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2013/10/14 13:01:27 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2013/10/14 13:01:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2013/10/14 13:01:26 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2013/10/14 13:01:26 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2013/10/14 13:01:26 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2013/10/14 13:01:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2013/10/14 13:01:25 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2013/10/14 13:01:25 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2013/10/14 13:01:24 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2013/10/14 13:01:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2013/10/14 13:01:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2013/10/14 13:01:19 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2013/10/14 13:01:17 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2013/10/14 13:01:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2013/10/14 13:01:17 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2013/10/14 13:01:16 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2013/10/14 13:01:16 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2013/10/14 13:01:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2013/10/14 13:01:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2013/10/14 13:01:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2013/10/14 13:01:14 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2013/10/14 13:01:14 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/10/14 13:01:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013/10/14 13:01:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2013/10/14 13:01:13 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2013/10/14 13:01:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2013/10/14 13:01:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2013/10/14 13:01:10 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2013/10/14 13:01:10 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2013/10/14 13:01:10 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2013/10/14 13:01:10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2013/10/14 13:01:09 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2013/10/14 13:01:09 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2013/10/14 13:01:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/14 13:01:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2013/10/14 13:01:07 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2013/10/14 13:01:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2013/10/14 13:01:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2013/10/14 13:01:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/14 13:01:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2013/10/14 13:01:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2013/10/14 13:01:05 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2013/10/14 13:01:05 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2013/10/14 13:01:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/10/14 13:01:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2013/10/14 13:01:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2013/10/14 13:01:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2013/10/14 13:01:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2013/10/14 13:01:01 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2013/10/14 13:01:00 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2013/10/14 13:01:00 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2013/10/14 13:01:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2013/10/14 13:01:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2013/10/14 13:00:59 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2013/10/14 13:00:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2013/10/14 13:00:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2013/10/14 13:00:59 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2013/10/14 13:00:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2013/10/14 13:00:58 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2013/10/14 13:00:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2013/10/14 13:00:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2013/10/14 13:00:58 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2013/10/14 13:00:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2013/10/14 13:00:57 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2013/10/14 13:00:57 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2013/10/14 13:00:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2013/10/14 13:00:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2013/10/14 13:00:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2013/10/14 13:00:55 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2013/10/14 13:00:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2013/10/14 13:00:54 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2013/10/14 13:00:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2013/10/14 13:00:53 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2013/10/14 13:00:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2013/10/14 13:00:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2013/10/14 13:00:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2013/10/14 13:00:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2013/10/14 13:00:50 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2013/10/14 13:00:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2013/10/14 13:00:47 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2013/10/14 13:00:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2013/10/14 13:00:46 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2013/10/14 13:00:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2013/10/14 13:00:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2013/10/14 13:00:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2013/10/14 13:00:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2013/10/14 13:00:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2013/10/14 13:00:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2013/10/14 13:00:41 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2013/10/14 13:00:40 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules