
Thread: Browser redirects, URL:Mal2 detected by Avast

  1. #1
    Member
    Join Date
    Mar 2007
    Posts
    60

    Browser redirects, URL:Mal2 detected by Avast

    Following a reinstall of Windows Vista, I find that Firefox is now redirecting to an unwanted site and Avast! is returning a URL:Mal2 warning. The site is blocked by Avast!. I also find that Windows does not shut down properly.
    I am yet to install Windows SP2, which I'm not prepared to do until this malware is removed. A full Avast! scan returns no threats; neither does a Spybot S&D scan.

    DDS.txt:
    DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
    Internet Explorer: 7.0.6001.18639
    Run by ADB49 at 9:18:33 on 2013-10-17
    Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.44.1033.18.764.296 [GMT 1:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [SiSTray] c:\program files\sis vga utilities\SiSTray.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [Skytel] Skytel.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [TouchPadHotKey] c:\program files\fsc\touchpad hotkey utility\TouchPad_HotKey.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    StartupFolder: c:\users\adb49\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\fsc\wireless utility\WirelessSelector.exe
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07} : DHCPNameServer = 192.168.0.1
    Notify: SDWinLogon - SDWinLogon.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
    FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
    FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
    FF - ExtSQL: 2013-10-11 16:41; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
    FF - ExtSQL: 2013-10-11 22:57; {ab91efd4-6975-4081-8552-1b3922ed79e2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
    FF - ExtSQL: 2013-10-13 23:35; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - ExtSQL: 2013-10-16 16:25; {6005d9b1-d115-485a-a92a-3f6453ca3fe2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
    .
    ============= SERVICES / DRIVERS ===============
    .
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2008-9-9 48128]
    S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-10-11 49376]
    S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-10-11 177864]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-11 770344]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-11 369584]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-11 29816]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-11 66336]
    S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-11 46808]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-10-16 1817560]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-10-16 1033688]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-10-16 171928]
    S3 SiS6350;SiS6350;c:\windows\system32\drivers\SISGRKMD.sys [2013-10-11 456568]
    .
    =============== Created Last 30 ================
    .
    2013-10-16 11:41:55 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b0569338-4286-4c1b-86f5-0911ffda286e}\mpengine.dll
    2013-10-16 11:31:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2013-10-16 11:30:33 15224 ----a-w- c:\windows\system32\sdnclean.exe
    2013-10-16 11:29:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
    2013-10-14 19:40:23 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2013-10-14 19:40:23 297808 ----a-w- c:\windows\system32\mscoree.dll
    2013-10-14 19:40:23 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2013-10-14 19:40:22 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2013-10-14 19:40:22 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2013-10-14 19:25:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
    2013-10-14 19:24:20 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
    2013-10-14 19:24:19 40448 ----a-w- c:\windows\system32\winrs.exe
    2013-10-14 19:24:19 20480 ----a-w- c:\windows\system32\winrshost.exe
    2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
    2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\winrssrv.dll
    2013-10-14 19:24:10 81408 ----a-w- c:\windows\system32\wevtfwd.dll
    2013-10-14 19:24:10 79872 ----a-w- c:\windows\system32\wecutil.exe
    2013-10-14 19:24:10 56320 ----a-w- c:\windows\system32\wecapi.dll
    2013-10-14 19:24:10 54272 ----a-w- c:\windows\system32\WsmRes.dll
    2013-10-14 19:24:10 146944 ----a-w- c:\windows\system32\wecsvc.dll
    2013-10-14 19:24:08 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
    2013-10-14 19:23:29 201184 ----a-w- c:\windows\system32\winrm.vbs
    2013-10-14 19:23:10 145408 ----a-w- c:\windows\system32\WsmAuto.dll
    2013-10-14 19:23:08 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
    2013-10-14 19:23:07 241152 ----a-w- c:\windows\system32\winrscmd.dll
    2013-10-14 19:23:04 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
    2013-10-14 19:23:03 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
    2013-10-14 19:22:49 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
    2013-10-14 17:18:44 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
    2013-10-14 17:18:38 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2013-10-14 17:18:24 66048 ----a-w- c:\program files\windows mail\wabmig.exe
    2013-10-14 17:18:24 515584 ----a-w- c:\program files\windows mail\wab.exe
    2013-10-14 17:18:24 33280 ----a-w- c:\program files\windows mail\wabfind.dll
    2013-10-14 17:18:21 501760 ----a-w- c:\windows\system32\usp10.dll
    2013-10-14 17:18:14 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2013-10-14 17:18:13 17920 ----a-w- c:\windows\system32\netevent.dll
    2013-10-14 17:18:01 72704 ----a-w- c:\windows\system32\fontsub.dll
    2013-10-14 17:18:01 34304 ----a-w- c:\windows\system32\atmlib.dll
    2013-10-14 17:18:01 292864 ----a-w- c:\windows\system32\atmfd.dll
    2013-10-14 17:16:56 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-10-14 17:15:36 1169408 ----a-w- c:\windows\system32\sdclt.exe
    2013-10-14 17:15:27 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
    2013-10-14 17:15:24 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
    2013-10-14 17:15:20 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
    2013-10-14 17:15:20 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2013-10-14 17:15:16 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
    2013-10-14 17:15:14 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
    2013-10-14 17:15:11 430080 ----a-w- c:\windows\system32\vbscript.dll
    2013-10-14 17:15:06 563200 ----a-w- c:\windows\system32\oleaut32.dll
    2013-10-14 17:12:32 135168 ----a-w- c:\windows\system32\wshom.ocx
    2013-10-14 17:12:31 90112 ----a-w- c:\windows\system32\wshext.dll
    2013-10-14 17:12:31 155648 ----a-w- c:\windows\system32\wscript.exe
    2013-10-14 17:12:30 135168 ----a-w- c:\windows\system32\cscript.exe
    2013-10-14 17:12:29 180224 ----a-w- c:\windows\system32\scrobj.dll
    2013-10-14 17:12:28 172032 ----a-w- c:\windows\system32\scrrun.dll
    2013-10-14 17:12:12 375808 ----a-w- c:\windows\system32\winsrv.dll
    2013-10-14 17:12:11 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2013-10-14 17:12:03 2067456 ----a-w- c:\windows\system32\mstscax.dll
    2013-10-14 17:12:00 677888 ----a-w- c:\windows\system32\mstsc.exe
    2013-10-14 17:11:48 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-10-14 16:42:56 531968 ----a-w- c:\windows\system32\comctl32.dll
    2013-10-14 16:39:40 276992 ----a-w- c:\windows\system32\schannel.dll
    2013-10-14 13:11:27 -------- d-----w- C:\PerfLogs
    2013-10-14 12:35:19 47560 ----a-w- c:\windows\system32\SPReview.exe
    2013-10-14 12:35:13 152576 ----a-w- c:\windows\system32\SPWizUI.dll
    2013-10-14 12:10:15 193024 ----a-w- c:\windows\system32\recdisc.exe
    2013-10-14 12:10:05 6656 ----a-w- c:\windows\system32\sdspres.dll
    2013-10-14 12:08:42 599552 ----a-w- c:\windows\system32\vsp1cln.exe
    2013-10-14 12:08:19 28160 ----a-w- c:\windows\system32\sxproxy.dll
    2013-10-14 12:08:08 142336 ----a-w- c:\windows\system32\spp.dll
    2013-10-14 12:06:54 34816 ----a-w- c:\windows\system32\drivers\npfs.sys
    2013-10-14 12:05:58 391168 ----a-w- c:\windows\system32\mscms.dll
    2013-10-14 12:04:59 146944 ----a-w- c:\windows\system32\RstrtMgr.dll
    2013-10-14 12:03:59 616448 ----a-w- c:\windows\system32\dsuiext.dll
    2013-10-14 12:02:59 83968 ----a-w- c:\windows\system32\hlink.dll
    2013-10-14 12:01:59 533504 ----a-w- c:\windows\system32\wmdrmsdk.dll
    2013-10-14 12:00:59 638976 ----a-w- c:\windows\system32\Utilman.exe
    2013-10-14 11:53:47 44032 ----a-w- c:\windows\system32\cbsra.exe
    2013-10-14 11:47:31 -------- d-----w- C:\03086a4ad6c74b04e539a6d7
    2013-10-14 10:50:42 -------- d-----w- c:\users\adb49\appdata\local\WindowsUpdate
    2013-10-14 10:39:25 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2013-10-14 10:39:24 31640 ----a-w- c:\windows\system32\msonpmon.dll
    2013-10-14 10:35:59 -------- d-----w- c:\windows\PCHEALTH
    2013-10-14 10:33:34 -------- d-----w- c:\windows\SHELLNEW
    2013-10-14 10:32:57 -------- d-----w- c:\users\adb49\appdata\local\Microsoft Help
    2013-10-13 22:21:05 97800 ----a-w- c:\windows\system32\infocardapi.dll
    2013-10-13 22:21:01 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2013-10-13 22:20:57 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
    2013-10-13 22:20:56 622080 ----a-w- c:\windows\system32\icardagt.exe
    2013-10-13 22:20:55 11264 ----a-w- c:\windows\system32\icardres.dll
    2013-10-13 22:20:43 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
    2013-10-12 20:47:04 -------- d-----w- c:\users\adb49\appdata\roaming\DigitalSite
    2013-10-12 20:46:45 -------- d-----w- c:\program files\BonanzaDealsLive
    2013-10-12 20:46:44 -------- d-----w- c:\users\adb49\appdata\local\BonanzaDealsLive
    2013-10-12 20:46:44 -------- d-----w- c:\programdata\BonanzaDealsLive
    2013-10-12 20:46:12 -------- d-----w- c:\users\adb49\appdata\local\Google
    2013-10-12 20:46:07 -------- d-----w- c:\program files\BonanzaDeals
    2013-10-12 20:45:50 -------- d-----w- c:\program files\Image Converter
    2013-10-12 20:23:55 -------- d-----w- c:\users\adb49\appdata\roaming\HpUpdate
    2013-10-12 20:23:44 -------- d-----w- c:\windows\Hewlett-Packard
    2013-10-12 18:11:19 378368 ----a-w- c:\windows\system32\winhttp.dll
    2013-10-12 18:09:36 269312 ----a-w- c:\windows\system32\es.dll
    2013-10-12 18:08:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
    2013-10-12 18:08:56 31232 ----a-w- c:\windows\system32\httpapi.dll
    2013-10-12 18:08:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2013-10-12 18:07:52 -------- d-----w- c:\program files\MSXML 4.0
    2013-10-12 16:12:44 -------- d-----w- c:\programdata\Canneverbe Limited
    2013-10-12 16:12:32 -------- d-----w- c:\users\adb49\appdata\roaming\Canneverbe Limited
    2013-10-12 16:01:19 -------- d-----w- c:\users\adb49\appdata\local\Macromedia
    2013-10-12 16:00:22 -------- d-----w- c:\users\adb49\appdata\roaming\IrfanView
    2013-10-12 16:00:20 -------- d-----w- c:\program files\IrfanView
    2013-10-12 15:49:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-10-12 15:49:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-10-12 15:36:28 -------- d-----w- c:\users\adb49\appdata\local\Adobe
    2013-10-12 15:32:16 -------- d-----w- c:\users\adb49\appdata\local\Amazon
    2013-10-12 15:28:09 -------- d-----w- c:\program files\EasyGPS
    2013-10-12 15:13:39 -------- d-----w- c:\programdata\CheckPoint
    2013-10-12 14:43:33 -------- d-----w- c:\users\adb49\appdata\local\FlickrNet
    2013-10-12 13:58:39 312832 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
    2013-10-12 13:55:55 -------- d-----w- c:\program files\common files\HP
    2013-10-12 02:10:37 68096 ----a-w- c:\windows\system32\wlanhlp.dll
    2013-10-12 02:10:37 64512 ----a-w- c:\windows\system32\wlanapi.dll
    2013-10-12 02:10:37 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2013-10-12 02:10:36 513024 ----a-w- c:\windows\system32\wlansvc.dll
    2013-10-12 02:10:36 302592 ----a-w- c:\windows\system32\wlansec.dll
    2013-10-12 02:10:36 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2013-10-12 02:10:36 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
    2013-10-12 02:09:26 14848 ----a-w- c:\windows\system32\wshrm.dll
    2013-10-12 02:09:26 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
    2013-10-12 02:08:35 43520 ----a-w- c:\windows\system32\msdxm.tlb
    2013-10-12 02:08:35 313344 ----a-w- c:\windows\system32\wmpdxm.dll
    2013-10-12 02:08:35 18432 ----a-w- c:\windows\system32\amcompat.tlb
    2013-10-12 02:07:51 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2013-10-12 02:07:51 329216 ----a-w- c:\windows\system32\msdrm.dll
    2013-10-12 02:07:50 472064 ----a-w- c:\windows\system32\secproc.dll
    2013-10-12 02:07:50 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
    2013-10-12 02:07:49 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2013-10-12 02:07:49 511488 ----a-w- c:\windows\system32\RMActivate.exe
    2013-10-12 02:07:49 472576 ----a-w- c:\windows\system32\secproc_isv.dll
    2013-10-11 23:16:32 -------- d-sh--w- C:\Boot
    2013-10-11 23:15:52 -------- d-----w- c:\windows\system32\OEM
    2013-10-11 23:15:52 -------- d-----w- c:\windows\PANTHER
    2013-10-11 20:23:29 23552 ----a-w- c:\windows\system32\lpk.dll
    2013-10-11 20:23:29 10240 ----a-w- c:\windows\system32\dciman32.dll
    2013-10-11 20:22:34 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2013-10-11 20:22:14 238872 ------w- c:\windows\system32\MpSigStub.exe
    2013-10-11 20:19:44 72704 ----a-w- c:\windows\system32\admparse.dll
    2013-10-11 20:19:38 48128 ----a-w- c:\windows\system32\mshtmler.dll
    2013-10-11 20:19:32 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
    2013-10-11 20:17:41 61440 ----a-w- c:\windows\system32\winipsec.dll
    2013-10-11 20:17:41 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
    2013-10-11 20:17:41 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
    2013-10-11 20:17:41 272896 ----a-w- c:\windows\system32\polstore.dll
    2013-10-11 20:15:26 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2013-10-11 20:15:26 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2013-10-11 20:15:26 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2013-10-11 20:13:53 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2013-10-11 20:13:53 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2013-10-11 20:13:53 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2013-10-11 20:13:53 104960 ----a-w- c:\windows\system32\netiohlp.dll
    2013-10-11 20:13:52 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2013-10-11 20:13:52 19968 ----a-w- c:\windows\system32\ARP.EXE
    2013-10-11 20:13:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2013-10-11 20:13:52 10240 ----a-w- c:\windows\system32\finger.exe
    2013-10-11 20:04:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2013-10-11 20:04:47 2048 ----a-w- c:\windows\system32\msxml6r.dll
    2013-10-11 20:04:47 1399296 ----a-w- c:\windows\system32\msxml6.dll
    2013-10-11 19:58:28 213504 ----a-w- c:\windows\system32\msv1_0.dll
    2013-10-11 19:56:04 2868224 ----a-w- c:\windows\system32\mf.dll
    2013-10-11 19:56:03 98816 ----a-w- c:\windows\system32\mfps.dll
    2013-10-11 19:56:03 53248 ----a-w- c:\windows\system32\rrinstaller.exe
    2013-10-11 19:56:03 24576 ----a-w- c:\windows\system32\mfpmp.exe
    2013-10-11 19:56:03 2048 ----a-w- c:\windows\system32\mferror.dll
    2013-10-11 19:50:24 71680 ----a-w- c:\windows\system32\atl.dll
    2013-10-11 19:49:23 296960 ----a-w- c:\windows\system32\gdi32.dll
    2013-10-11 19:44:54 562176 ----a-w- c:\windows\system32\msdtcprx.dll
    2013-10-11 19:44:54 38912 ----a-w- c:\windows\system32\xolehlp.dll
    2013-10-11 19:43:54 160256 ----a-w- c:\windows\system32\wkssvc.dll
    2013-10-11 19:42:49 53248 ----a-w- c:\windows\system32\tsgqec.dll
    2013-10-11 19:42:49 136192 ----a-w- c:\windows\system32\aaclient.dll
    2013-10-11 19:41:45 303616 ----a-w- c:\windows\system32\wmpeffects.dll
    2013-10-11 19:39:44 714240 ----a-w- c:\windows\system32\timedate.cpl
    2013-10-11 19:34:19 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
    2013-10-11 19:34:18 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
    2013-10-11 19:25:14 636928 ----a-w- c:\windows\system32\localspl.dll
    2013-10-11 19:21:53 2927104 ----a-w- c:\windows\explorer.exe
    2013-10-11 19:16:06 -------- d-----w- c:\windows\system32\MRT
    2013-10-11 19:14:42 8704 ----a-w- c:\windows\system32\hccoin.dll
    2013-10-11 19:14:42 15872 ----a-w- c:\windows\system32\hcrstco.dll
    2013-10-11 19:11:26 171520 ----a-w- c:\windows\system32\wintrust.dll
    2013-10-11 19:09:33 499712 ----a-w- c:\windows\system32\kerberos.dll
    2013-10-11 19:09:32 9728 ----a-w- c:\windows\system32\lsass.exe
    2013-10-11 19:09:32 72704 ----a-w- c:\windows\system32\secur32.dll
    2013-10-11 19:09:32 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2013-10-11 19:09:32 175104 ----a-w- c:\windows\system32\wdigest.dll
    2013-10-11 19:09:31 1256448 ----a-w- c:\windows\system32\lsasrv.dll
    2013-10-11 19:04:59 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
    2013-10-11 18:59:47 6656 ----a-w- c:\windows\system32\kbd106n.dll
    2013-10-11 18:59:43 927288 ----a-w- c:\windows\system32\winresume.exe
    2013-10-11 18:59:42 988216 ----a-w- c:\windows\system32\winload.exe
    2013-10-11 18:59:42 40960 ----a-w- c:\windows\system32\srclient.dll
    2013-10-11 18:59:42 378368 ----a-w- c:\windows\system32\srcore.dll
    2013-10-11 18:59:42 318464 ----a-w- c:\windows\system32\rstrui.exe
    2013-10-11 18:59:42 19000 ----a-w- c:\windows\system32\kd1394.dll
    2013-10-11 18:59:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
    2013-10-11 18:59:41 615992 ----a-w- c:\windows\system32\ci.dll
    2013-10-11 18:59:41 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
    2013-10-11 18:56:48 551424 ----a-w- c:\windows\system32\rpcss.dll
    2013-10-11 18:56:47 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
    2013-10-11 18:56:46 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
    2013-10-11 18:56:46 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
    2013-10-11 18:56:46 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
    2013-10-11 18:56:46 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
    2013-10-11 18:56:45 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
    2013-10-11 18:56:45 54784 ----a-w- c:\windows\system32\iasads.dll
    2013-10-11 18:56:45 44032 ----a-w- c:\windows\system32\iasdatastore.dll
    2013-10-11 18:56:45 17408 ----a-w- c:\windows\system32\iashost.exe
    2013-10-11 18:56:44 98304 ----a-w- c:\windows\system32\iasrecst.dll
    2013-10-11 18:56:44 183296 ----a-w- c:\windows\system32\sdohlp.dll
    2013-10-11 18:54:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
    2013-10-11 18:54:59 220672 ----a-w- c:\windows\system32\l3codecp.acm
    2013-10-11 18:54:45 -------- d-----w- c:\program files\common files\Hewlett-Packard
    2013-10-11 18:51:53 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
    2013-10-11 18:51:53 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
    2013-10-11 18:51:53 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
    2013-10-11 18:49:55 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
    2013-10-11 18:46:55 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2013-10-11 18:45:04 24064 ----a-w- c:\windows\system32\amxread.dll
    2013-10-11 18:45:04 13824 ----a-w- c:\windows\system32\apilogen.dll
    2013-10-11 18:42:04 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2013-10-11 18:42:03 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2013-10-11 18:42:03 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2013-10-11 18:41:06 966656 ----a-w- c:\windows\system32\hpost_p02c.dll
    2013-10-11 18:41:06 315392 ----a-w- c:\windows\system32\hposc_p02a.dll
    2013-10-11 18:41:05 712704 ----a-w- c:\windows\system32\hposwia_p02c.dll
    2013-10-11 18:41:05 372736 ----a-w- c:\windows\system32\hppldcoi.dll
    2013-10-11 18:41:05 309760 ----a-w- c:\windows\system32\difxapi.dll
    2013-10-11 18:40:31 98304 ----a-w- c:\windows\system32\cabview.dll
    2013-10-11 18:40:28 452408 ----a-w- c:\windows\system32\hpzids01.dll
    2013-10-11 18:40:00 123904 ----a-w- c:\windows\system32\hpf3l70v.dll
    2013-10-11 18:39:54 -------- d-----w- c:\users\adb49\{ea923793-435b-419d-b4c2-385cf01d320b}
    2013-10-11 18:32:11 443392 ----a-w- c:\windows\system32\win32spl.dll
    2013-10-11 18:32:11 37888 ----a-w- c:\windows\system32\printcom.dll
    2013-10-11 18:23:24 -------- d-----w- c:\program files\HP
    2013-10-11 17:48:37 83968 ----a-w- c:\windows\system32\mscories.dll
    2013-10-11 17:48:37 158720 ----a-w- c:\windows\system32\mscorier.dll
    2013-10-11 17:31:06 1695744 ----a-w- c:\windows\system32\gameux.dll
    2013-10-11 17:30:37 94720 ----a-w- c:\windows\system32\logagent.exe
    2013-10-11 17:30:36 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
    2013-10-11 17:29:44 84480 ----a-w- c:\windows\system32\INETRES.dll
    2013-10-11 17:29:19 61440 ----a-w- c:\windows\system32\msasn1.dll
    2013-10-11 17:28:57 1645568 ----a-w- c:\windows\system32\connect.dll
    2013-10-11 17:28:30 784896 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-10-11 17:27:45 281600 ----a-w- c:\windows\system32\raschap.dll
    2013-10-11 17:27:45 244224 ----a-w- c:\windows\system32\rastls.dll
    2013-10-11 17:27:20 351232 ----a-w- c:\windows\system32\WSDApi.dll
    2013-10-11 17:26:09 91136 ----a-w- c:\windows\system32\avifil32.dll
    2013-10-11 17:26:09 82944 ----a-w- c:\windows\system32\mciavi32.dll
    2013-10-11 17:26:09 65024 ----a-w- c:\windows\system32\avicap32.dll
    2013-10-11 17:26:09 50176 ----a-w- c:\windows\system32\iyuv_32.dll
    2013-10-11 17:26:09 31744 ----a-w- c:\windows\system32\msvidc32.dll
    2013-10-11 17:26:09 22528 ----a-w- c:\windows\system32\msyuv.dll
    2013-10-11 17:26:09 13312 ----a-w- c:\windows\system32\msrle32.dll
    2013-10-11 17:26:09 123904 ----a-w- c:\windows\system32\msvfw32.dll
    2013-10-11 17:26:09 11776 ----a-w- c:\windows\system32\tsbyuv.dll
    2013-10-11 17:25:26 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2013-10-11 17:24:25 7680 ----a-w- c:\windows\system32\spwmp.dll
    2013-10-11 17:24:25 4096 ----a-w- c:\windows\system32\dxmasf.dll
    2013-10-11 17:24:25 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
    2013-10-11 17:24:24 4096 ----a-w- c:\windows\system32\msdxm.ocx
    2013-10-11 17:24:24 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
    2013-10-11 17:24:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2013-10-11 17:24:21 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
    2013-10-11 15:51:59 91544 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
    2013-10-11 15:42:49 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-10-11 15:42:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-10-11 15:42:47 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-10-11 15:42:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-10-11 15:41:58 -------- d-sh--w- c:\windows\Installer
    2013-10-11 15:41:33 41664 ----a-w- c:\windows\avastSS.scr
    2013-10-11 15:40:42 -------- d-----w- c:\program files\AVAST Software
    2013-10-11 15:39:10 -------- d-----w- c:\programdata\AVAST Software
    2013-10-11 15:10:46 -------- d-----w- c:\program files\Synaptics
    2013-10-11 15:07:48 520192 ----a-w- c:\windows\RtlExUpd.dll
    2013-10-11 15:07:48 315392 ----a-w- c:\windows\HideWin.exe
    2013-10-11 15:07:43 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
    2013-10-11 15:07:43 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
    2013-10-11 15:07:43 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
    2013-10-11 15:07:43 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
    2013-10-11 15:07:42 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
    2013-10-11 15:07:42 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
    2013-10-11 15:07:41 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
    2013-10-11 15:07:40 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
    2013-10-11 15:07:09 6656 ----a-w- c:\windows\system32\SiSApi.dll
    2013-10-11 15:07:06 -------- d-----w- c:\program files\SiS VGA Utilities
    2013-10-11 15:06:27 196608 ----a-w- c:\windows\system32\SynCtrl.dll
    2013-10-11 15:06:27 187320 ----a-w- c:\windows\system32\drivers\SynTP.sys
    2013-10-11 15:06:27 163840 ----a-w- c:\windows\system32\SynCOM.dll
    2013-10-11 15:06:27 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
    2013-10-11 15:06:27 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
    2013-10-11 15:06:27 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
    2013-10-11 15:05:46 6656 ----a-w- c:\windows\system32\SiSCo.dll
    2013-10-11 15:05:46 655360 ----a-w- c:\windows\system32\SiSClone.dll
    2013-10-11 15:05:46 5632 ----a-w- c:\windows\system32\SiSKrl.dll
    2013-10-11 15:05:46 456568 ----a-w- c:\windows\system32\drivers\SISGRKMD.sys
    2013-10-11 15:05:46 4078592 ----a-w- c:\windows\system32\SiSGlv.dll
    2013-10-11 15:05:46 3625984 ----a-w- c:\windows\system32\SISGRUMD.dll
    2013-10-11 15:05:46 212992 ----a-w- c:\windows\system32\SiSFunc.dll
    2013-10-11 15:05:45 56184 ----a-w- c:\windows\system32\drivers\SISAGPX.SYS
    2013-10-11 15:05:13 22632 ----a-w- c:\windows\system32\streamci.dll
    2013-10-11 14:55:25 -------- d-----w- C:\fsc.tmp
    2013-10-11 14:46:56 516784 ----a-r- c:\windows\system32\XceedCry.dll
    .
    ==================== Find3M ====================
    .
    2013-10-14 12:50:57 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2013-10-14 12:50:38 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2013-10-12 18:08:56 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
    2013-10-11 19:04:59 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
    2013-10-11 18:45:04 40960 ----a-w- c:\windows\apppatch\apihex86.dll
    2013-10-11 17:31:08 2560 ----a-w- c:\windows\apppatch\AcRes.dll
    2013-10-11 15:08:11 319456 ----a-w- c:\windows\DIFxAPI.dll
    .
    ============= FINISH: 9:20:12.63 ===============

    attach.zip
    aswMBR.txt

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Please download GooredFix from one of the locations below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2
    • Ensure all Firefox windows are closed.
    • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
    • When prompted to run the scan, click Yes.
    • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).





    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Member

    Logs

    Thank you.

    Gooredfix log:

    GooredFix by jpshortstuff (03.07.10.1)
    Log created at 10:36 on 22/10/2013 (ADB49)
    Firefox version 24.0 (en-US)

    ========== GooredScan ==========


    ========== GooredLog ==========

    C:\Program Files\Mozilla Firefox\extensions\
    (none)

    C:\Users\ADB49\Application Data\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\
    {ab91efd4-6975-4081-8552-1b3922ed79e2} [21:57 11/10/2013]

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [15:41 11/10/2013]
    "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [22:34 13/10/2013]

    -=E.O.F=-

    MBAM log:

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.10.22.03

    Windows Vista Service Pack 1 x86 NTFS
    Internet Explorer 7.0.6001.18000
    ADB49 :: ADB [administrator]

    22/10/2013 10:41:07
    mbam-log-2013-10-22 (10-41-07).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 187939
    Time elapsed: 11 minute(s),

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 6
    HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0Z1N1J -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 8
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\Program Files\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
    C:\Program Files\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

    Files Detected: 7
    C:\$Recycle.Bin\S-1-5-21-3740713769-1093254276-2860028584-1000\$RTFYJ6H.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\STTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\TTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

    (end)

  4. #4
    Emeritus-Security Expert

    Let's clean you up a bit more.


    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

  5. #5
    Member

    # AdwCleaner v3.010 - Report created 22/10/2013 at 12:50:03
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
    # Username : ADB49 - ADB
    # Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Windows\System32\Tasks\digitalsite
    File Found : C:\Windows\Tasks\digitalsite.job
    Folder Found C:\Program Files\BonanzaDeals
    Folder Found C:\Users\ADB49\AppData\Roaming\digitalsite

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
    Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\digitalsite
    Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\digitalsite
    Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite

    ***** [ Browsers ] *****

    -\\ Internet Explorer v7.0.6001.18639


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]


    *************************

    AdwCleaner[R0].txt - [1266 octets] - [22/10/2013 12:50:03]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1326 octets] ##########

  6. #6
    Emeritus-Security Expert

    Go ahead and run AdwCleaner again and this time click on Clean, post the log please

  7. #7
    Member

    # AdwCleaner v3.010 - Report created 22/10/2013 at 14:40:41
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
    # Username : ADB49 - ADB
    # Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files\BonanzaDeals
    Folder Deleted : C:\Users\ADB49\AppData\Roaming\digitalsite
    File Deleted : C:\Windows\Tasks\digitalsite.job
    File Deleted : C:\Windows\System32\Tasks\digitalsite

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F17925-B968-4C71-9982-79F5C289F5EB}
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48F17925-B968-4C71-9982-79F5C289F5EB}
    Key Deleted : HKCU\Software\dsiteproducts
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam

    ***** [ Browsers ] *****

    -\\ Internet Explorer v7.0.6001.18639


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]


    *************************

    AdwCleaner[R0].txt - [1406 octets] - [22/10/2013 12:50:03]
    AdwCleaner[R1].txt - [1466 octets] - [22/10/2013 14:39:42]
    AdwCleaner[S0].txt - [1475 octets] - [22/10/2013 14:40:41]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1535 octets] ##########

  8. #8
    Emeritus-Security Expert

    How are the Firefox redirects? Run this tool first and then run OTL and post the logs please.

    Download Junkware Removal Tool to your desktop

    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.





    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

  9. #9
    Member

    So far today, I have had NO Firefox redirects; since this problem started, there was usually something upon starting the PC from sleep, and one or two attempts through the day.

    Please note that the OTL logs needed to be spread over three posts.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.7 (10.15.2013:3)
    OS: Windows Vista (TM) Home Basic x86
    Ran by ADB49 on 22/10/2013 at 15:27:22.45
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Emptied folder: C:\Users\ADB49\AppData\Roaming\mozilla\firefox\profiles\4vgpos24.default\minidumps [6 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 22/10/2013 at 15:30:53.06
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    OTL logfile created on: 22/10/2013 15:37:28 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ADB49\Desktop
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    764.46 Mb Total Physical Memory | 307.47 Mb Available Physical Memory | 40.22% Memory free
    1.75 Gb Paging File | 1.06 Gb Available in Paging File | 60.84% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS

    Computer Name: ADB | User Name: ADB49 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\ADB49\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    PRC - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe (ITE Tech Inc.)
    PRC - C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
    PRC - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
    MOD - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()


    ========== Services (SafeList) ==========

    SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
    SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
    SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
    DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
    DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
    DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
    DRV - (SiS6350) -- C:\Windows\System32\drivers\SISGRKMD.sys (Silicon Integrated Systems Corporation)
    DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
    DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
    DRV - (SISAGP) -- C:\Windows\System32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
    FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.28.1
    FF - prefs.js..extensions.enabledAddons: %7B6005d9b1-d115-485a-a92a-3f6453ca3fe2%7D:2.4
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/21 11:58:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2013/10/11 16:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Extensions
    [2013/10/16 16:25:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions
    [2013/10/11 22:57:41 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
    [2013/10/16 16:25:22 | 000,260,260 | ---- | M] () (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
    [2013/10/11 16:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2013/10/11 16:52:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/10/21 11:58:33 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
    O4 - HKLM..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O4 - Startup: C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07}: DhcpNameServer = 192.168.0.1
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{78f811bc-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
    O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell - "" = AutoRun
    O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/10/22 15:34:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ADB49\Desktop\OTL.exe
    [2013/10/22 15:27:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/10/22 15:24:17 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\ADB49\Desktop\JRT.exe
    [2013/10/22 12:49:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/10/22 10:37:56 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Malwarebytes
    [2013/10/22 10:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/10/22 10:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/10/22 10:37:28 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/10/22 10:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2013/10/22 10:36:07 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\GooredFix Backups
    [2013/10/22 10:34:17 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ADB49\Desktop\mbam-setup-1.75.0.1300.exe
    [2013/10/22 10:32:46 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\ADB49\Desktop\GooredFix.exe
    [2013/10/21 12:48:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\AVAST Software
    [2013/10/21 11:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    [2013/10/20 03:04:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
    [2013/10/18 22:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2013/10/17 10:00:26 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\Malware
    [2013/10/17 09:16:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2013/10/16 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2013/10/16 12:30:33 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
    [2013/10/16 12:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
    [2013/10/14 22:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
    [2013/10/14 21:01:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
    [2013/10/14 21:01:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
    [2013/10/14 21:01:10 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
    [2013/10/14 21:01:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
    [2013/10/14 21:01:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
    [2013/10/14 21:01:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
    [2013/10/14 21:01:08 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
    [2013/10/14 21:01:08 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
    [2013/10/14 21:01:08 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
    [2013/10/14 21:01:06 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
    [2013/10/14 21:01:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
    [2013/10/14 21:01:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
    [2013/10/14 21:01:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
    [2013/10/14 21:01:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
    [2013/10/14 21:01:05 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
    [2013/10/14 21:01:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
    [2013/10/14 21:01:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
    [2013/10/14 21:01:04 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
    [2013/10/14 21:01:02 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
    [2013/10/14 21:01:01 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
    [2013/10/14 21:01:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
    [2013/10/14 21:01:00 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
    [2013/10/14 21:01:00 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
    [2013/10/14 20:40:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
    [2013/10/14 20:40:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
    [2013/10/14 20:40:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
    [2013/10/14 20:27:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
    [2013/10/14 20:25:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
    [2013/10/14 20:24:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
    [2013/10/14 20:24:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
    [2013/10/14 20:24:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
    [2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
    [2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
    [2013/10/14 20:24:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
    [2013/10/14 20:24:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
    [2013/10/14 20:24:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
    [2013/10/14 20:24:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
    [2013/10/14 20:24:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
    [2013/10/14 20:23:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
    [2013/10/14 20:23:08 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
    [2013/10/14 20:23:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
    [2013/10/14 20:23:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
    [2013/10/14 20:23:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
    [2013/10/14 18:18:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
    [2013/10/14 18:18:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
    [2013/10/14 18:18:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2013/10/14 18:18:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
    [2013/10/14 18:18:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2013/10/14 18:17:35 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2013/10/14 18:17:33 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/10/14 18:17:33 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2013/10/14 18:17:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2013/10/14 18:17:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2013/10/14 18:17:30 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2013/10/14 18:17:29 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2013/10/14 18:17:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2013/10/14 18:17:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
    [2013/10/14 18:17:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/10/14 18:17:27 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/10/14 18:16:56 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2013/10/14 18:16:54 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2013/10/14 18:16:51 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
    [2013/10/14 18:16:49 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
    [2013/10/14 18:16:41 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
    [2013/10/14 18:16:33 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
    [2013/10/14 18:16:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
    [2013/10/14 18:16:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
    [2013/10/14 18:16:08 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
    [2013/10/14 18:16:04 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2013/10/14 18:15:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    [2013/10/14 18:15:14 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
    [2013/10/14 18:14:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
    [2013/10/14 18:14:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
    [2013/10/14 18:14:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
    [2013/10/14 18:14:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
    [2013/10/14 18:14:33 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
    [2013/10/14 18:14:30 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
    [2013/10/14 18:14:29 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
    [2013/10/14 18:14:28 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2013/10/14 18:14:27 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
    [2013/10/14 18:14:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
    [2013/10/14 18:14:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
    [2013/10/14 18:14:12 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
    [2013/10/14 18:13:51 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2013/10/14 18:13:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2013/10/14 18:13:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
    [2013/10/14 18:13:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
    [2013/10/14 18:13:20 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
    [2013/10/14 18:13:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2013/10/14 18:12:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
    [2013/10/14 18:12:29 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
    [2013/10/14 18:12:12 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2013/10/14 18:12:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
    [2013/10/14 17:08:35 | 000,000,000 | --SD | C] -- C:\Users\ADB49\Documents\My Data Sources
    [2013/10/14 14:11:27 | 000,000,000 | ---D | C] -- C:\PerfLogs
    [2013/10/14 13:35:19 | 000,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe
    [2013/10/14 13:35:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll
    [2013/10/14 13:10:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
    [2013/10/14 13:10:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
    [2013/10/14 13:08:42 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
    [2013/10/14 13:08:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
    [2013/10/14 13:07:30 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
    [2013/10/14 13:07:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
    [2013/10/14 13:07:30 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
    [2013/10/14 13:07:30 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
    [2013/10/14 13:07:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
    [2013/10/14 13:07:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2013/10/14 13:07:29 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
    [2013/10/14 13:07:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
    [2013/10/14 13:07:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
    [2013/10/14 13:07:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
    [2013/10/14 13:07:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
    [2013/10/14 13:07:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
    [2013/10/14 13:07:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
    [2013/10/14 13:07:24 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
    [2013/10/14 13:07:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
    [2013/10/14 13:07:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
    [2013/10/14 13:07:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
    [2013/10/14 13:07:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
    [2013/10/14 13:07:22 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
    [2013/10/14 13:07:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
    [2013/10/14 13:07:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
    [2013/10/14 13:07:18 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
    [2013/10/14 13:07:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2013/10/14 13:07:17 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
    [2013/10/14 13:07:17 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
    [2013/10/14 13:07:17 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
    [2013/10/14 13:07:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
    [2013/10/14 13:07:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2013/10/14 13:07:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
    [2013/10/14 13:07:12 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
    [2013/10/14 13:07:11 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
    [2013/10/14 13:07:11 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
    [2013/10/14 13:07:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
    [2013/10/14 13:07:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
    [2013/10/14 13:07:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
    [2013/10/14 13:07:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
    [2013/10/14 13:07:09 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
    [2013/10/14 13:07:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
    [2013/10/14 13:07:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
    [2013/10/14 13:07:08 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
    [2013/10/14 13:07:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
    [2013/10/14 13:07:08 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2013/10/14 13:07:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
    [2013/10/14 13:07:07 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
    [2013/10/14 13:07:07 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
    [2013/10/14 13:07:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
    [2013/10/14 13:07:06 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
    [2013/10/14 13:07:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
    [2013/10/14 13:07:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2013/10/14 13:07:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
    [2013/10/14 13:07:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
    [2013/10/14 13:07:05 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
    [2013/10/14 13:07:04 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
    [2013/10/14 13:07:01 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
    [2013/10/14 13:07:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
    [2013/10/14 13:07:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
    [2013/10/14 13:07:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
    [2013/10/14 13:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
    [2013/10/14 13:06:48 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
    [2013/10/14 13:06:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
    [2013/10/14 13:06:43 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
    [2013/10/14 13:06:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
    [2013/10/14 13:06:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
    [2013/10/14 13:06:40 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
    [2013/10/14 13:06:40 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
    [2013/10/14 13:06:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
    [2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
    [2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
    [2013/10/14 13:06:39 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
    [2013/10/14 13:06:38 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
    [2013/10/14 13:06:37 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
    [2013/10/14 13:06:36 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
    [2013/10/14 13:06:35 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
    [2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
    [2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
    [2013/10/14 13:06:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
    [2013/10/14 13:06:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
    [2013/10/14 13:06:34 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
    [2013/10/14 13:06:34 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
    [2013/10/14 13:06:34 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
    [2013/10/14 13:06:33 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
    [2013/10/14 13:06:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
    [2013/10/14 13:06:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
    [2013/10/14 13:06:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
    [2013/10/14 13:06:32 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
    [2013/10/14 13:06:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
    [2013/10/14 13:06:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
    [2013/10/14 13:06:31 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
    [2013/10/14 13:06:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
    [2013/10/14 13:06:31 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
    [2013/10/14 13:06:30 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
    [2013/10/14 13:06:30 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
    [2013/10/14 13:06:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
    [2013/10/14 13:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
    [2013/10/14 13:06:28 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
    [2013/10/14 13:06:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
    [2013/10/14 13:06:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
    [2013/10/14 13:06:24 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
    [2013/10/14 13:06:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
    [2013/10/14 13:06:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
    [2013/10/14 13:06:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
    [2013/10/14 13:06:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
    [2013/10/14 13:06:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
    [2013/10/14 13:06:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
    [2013/10/14 13:06:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
    [2013/10/14 13:06:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
    [2013/10/14 13:06:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
    [2013/10/14 13:06:21 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
    [2013/10/14 13:06:20 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
    [2013/10/14 13:06:20 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
    [2013/10/14 13:06:19 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
    [2013/10/14 13:06:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
    [2013/10/14 13:06:18 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
    [2013/10/14 13:06:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
    [2013/10/14 13:06:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
    [2013/10/14 13:06:16 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
    [2013/10/14 13:06:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
    [2013/10/14 13:06:16 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
    [2013/10/14 13:06:15 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
    [2013/10/14 13:06:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
    [2013/10/14 13:06:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
    [2013/10/14 13:06:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
    [2013/10/14 13:06:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
    [2013/10/14 13:06:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
    [2013/10/14 13:06:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2013/10/14 13:06:12 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
    [2013/10/14 13:06:11 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
    [2013/10/14 13:06:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
    [2013/10/14 13:06:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
    [2013/10/14 13:06:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
    [2013/10/14 13:06:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
    [2013/10/14 13:06:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
    [2013/10/14 13:06:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
    [2013/10/14 13:06:10 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
    [2013/10/14 13:06:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
    [2013/10/14 13:06:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
    [2013/10/14 13:06:10 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
    [2013/10/14 13:06:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
    [2013/10/14 13:06:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
    [2013/10/14 13:06:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2013/10/14 13:06:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
    [2013/10/14 13:06:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
    [2013/10/14 13:06:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
    [2013/10/14 13:06:08 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
    [2013/10/14 13:06:06 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
    [2013/10/14 13:06:06 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
    [2013/10/14 13:06:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
    [2013/10/14 13:06:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
    [2013/10/14 13:06:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
    [2013/10/14 13:06:05 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
    [2013/10/14 13:06:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
    [2013/10/14 13:06:02 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
    [2013/10/14 13:06:01 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
    [2013/10/14 13:06:00 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
    [2013/10/14 13:06:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
    [2013/10/14 13:05:58 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
    [2013/10/14 13:05:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
    [2013/10/14 13:05:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
    [2013/10/14 13:05:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
    [2013/10/14 13:05:47 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
    [2013/10/14 13:05:47 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
    [2013/10/14 13:05:46 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
    [2013/10/14 13:05:45 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
    [2013/10/14 13:05:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
    [2013/10/14 13:05:41 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
    [2013/10/14 13:05:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
    [2013/10/14 13:05:40 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
    [2013/10/14 13:05:36 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
    [2013/10/14 13:05:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
    [2013/10/14 13:05:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
    [2013/10/14 13:05:32 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
    [2013/10/14 13:05:31 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
    [2013/10/14 13:05:31 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
    [2013/10/14 13:05:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
    [2013/10/14 13:05:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
    [2013/10/14 13:05:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
    [2013/10/14 13:05:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
    [2013/10/14 13:05:29 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
    [2013/10/14 13:05:27 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
    [2013/10/14 13:05:27 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
    [2013/10/14 13:05:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
    [2013/10/14 13:05:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
    [2013/10/14 13:05:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
    [2013/10/14 13:05:26 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
    [2013/10/14 13:05:26 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
    [2013/10/14 13:05:26 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
    [2013/10/14 13:05:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
    [2013/10/14 13:05:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
    [2013/10/14 13:05:25 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
    [2013/10/14 13:05:25 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
    [2013/10/14 13:05:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
    [2013/10/14 13:05:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
    [2013/10/14 13:05:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
    [2013/10/14 13:05:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
    [2013/10/14 13:05:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
    [2013/10/14 13:05:23 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
    [2013/10/14 13:05:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
    [2013/10/14 13:05:18 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
    [2013/10/14 13:05:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
    [2013/10/14 13:05:18 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
    [2013/10/14 13:05:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
    [2013/10/14 13:05:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
    [2013/10/14 13:05:17 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
    [2013/10/14 13:05:17 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
    [2013/10/14 13:05:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
    [2013/10/14 13:05:17 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
    [2013/10/14 13:05:17 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
    [2013/10/14 13:05:17 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
    [2013/10/14 13:05:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2013/10/14 13:05:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
    [2013/10/14 13:05:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
    [2013/10/14 13:05:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
    [2013/10/14 13:05:16 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
    [2013/10/14 13:05:15 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
    [2013/10/14 13:05:15 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
    [2013/10/14 13:05:15 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
    [2013/10/14 13:05:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
    [2013/10/14 13:05:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2013/10/14 13:05:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
    [2013/10/14 13:05:13 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
    [2013/10/14 13:05:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
    [2013/10/14 13:05:12 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
    [2013/10/14 13:05:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
    [2013/10/14 13:05:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
    [2013/10/14 13:05:11 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
    [2013/10/14 13:05:11 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
    [2013/10/14 13:05:11 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
    [2013/10/14 13:05:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
    [2013/10/14 13:05:11 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
    [2013/10/14 13:05:10 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
    [2013/10/14 13:05:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
    [2013/10/14 13:05:09 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
    [2013/10/14 13:05:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
    [2013/10/14 13:05:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
    [2013/10/14 13:05:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
    [2013/10/14 13:05:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
    [2013/10/14 13:05:08 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
    [2013/10/14 13:05:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
    [2013/10/14 13:05:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
    [2013/10/14 13:05:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
    [2013/10/14 13:05:06 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
    [2013/10/14 13:05:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
    [2013/10/14 13:05:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
    [2013/10/14 13:05:04 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
    [2013/10/14 13:05:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
    [2013/10/14 13:05:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
    [2013/10/14 13:05:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
    [2013/10/14 13:05:02 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
    [2013/10/14 13:05:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
    [2013/10/14 13:05:00 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
    [2013/10/14 13:05:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
    [2013/10/14 13:05:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
    [2013/10/14 13:05:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll

  10. #10
    Member
    Join Date
    Mar 2007
    Posts
    60

    OTL log part 2

    [2013/10/14 13:04:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
    [2013/10/14 13:04:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
    [2013/10/14 13:04:57 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
    [2013/10/14 13:04:57 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
    [2013/10/14 13:04:57 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
    [2013/10/14 13:04:56 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
    [2013/10/14 13:04:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
    [2013/10/14 13:04:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
    [2013/10/14 13:04:55 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
    [2013/10/14 13:04:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
    [2013/10/14 13:04:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
    [2013/10/14 13:04:54 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
    [2013/10/14 13:04:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
    [2013/10/14 13:04:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
    [2013/10/14 13:04:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
    [2013/10/14 13:04:53 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
    [2013/10/14 13:04:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
    [2013/10/14 13:04:52 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
    [2013/10/14 13:04:49 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
    [2013/10/14 13:04:49 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
    [2013/10/14 13:04:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
    [2013/10/14 13:04:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
    [2013/10/14 13:04:48 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2013/10/14 13:04:48 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
    [2013/10/14 13:04:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
    [2013/10/14 13:04:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
    [2013/10/14 13:04:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
    [2013/10/14 13:04:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
    [2013/10/14 13:04:47 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
    [2013/10/14 13:04:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
    [2013/10/14 13:04:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
    [2013/10/14 13:04:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
    [2013/10/14 13:04:45 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
    [2013/10/14 13:04:45 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
    [2013/10/14 13:04:45 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
    [2013/10/14 13:04:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
    [2013/10/14 13:04:44 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
    [2013/10/14 13:04:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
    [2013/10/14 13:04:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
    [2013/10/14 13:04:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
    [2013/10/14 13:04:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
    [2013/10/14 13:04:43 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
    [2013/10/14 13:04:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
    [2013/10/14 13:04:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
    [2013/10/14 13:04:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
    [2013/10/14 13:04:43 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
    [2013/10/14 13:04:42 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
    [2013/10/14 13:04:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
    [2013/10/14 13:04:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
    [2013/10/14 13:04:41 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
    [2013/10/14 13:04:41 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
    [2013/10/14 13:04:41 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2013/10/14 13:04:41 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
    [2013/10/14 13:04:41 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2013/10/14 13:04:40 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
    [2013/10/14 13:04:40 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
    [2013/10/14 13:04:39 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
    [2013/10/14 13:04:39 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
    [2013/10/14 13:04:39 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
    [2013/10/14 13:04:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
    [2013/10/14 13:04:38 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
    [2013/10/14 13:04:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
    [2013/10/14 13:04:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
    [2013/10/14 13:04:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
    [2013/10/14 13:04:36 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
    [2013/10/14 13:04:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
    [2013/10/14 13:04:35 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
    [2013/10/14 13:04:35 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
    [2013/10/14 13:04:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
    [2013/10/14 13:04:34 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
    [2013/10/14 13:04:34 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
    [2013/10/14 13:04:34 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
    [2013/10/14 13:04:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
    [2013/10/14 13:04:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
    [2013/10/14 13:04:33 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
    [2013/10/14 13:04:33 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
    [2013/10/14 13:04:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
    [2013/10/14 13:04:32 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
    [2013/10/14 13:04:32 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
    [2013/10/14 13:04:32 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
    [2013/10/14 13:04:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
    [2013/10/14 13:04:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
    [2013/10/14 13:04:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
    [2013/10/14 13:04:31 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
    [2013/10/14 13:04:31 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
    [2013/10/14 13:04:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
    [2013/10/14 13:04:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
    [2013/10/14 13:04:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
    [2013/10/14 13:04:30 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
    [2013/10/14 13:04:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
    [2013/10/14 13:04:29 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
    [2013/10/14 13:04:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
    [2013/10/14 13:04:29 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
    [2013/10/14 13:04:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
    [2013/10/14 13:04:28 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
    [2013/10/14 13:04:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
    [2013/10/14 13:04:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
    [2013/10/14 13:04:28 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
    [2013/10/14 13:04:27 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
    [2013/10/14 13:04:27 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
    [2013/10/14 13:04:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
    [2013/10/14 13:04:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
    [2013/10/14 13:04:27 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
    [2013/10/14 13:04:26 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
    [2013/10/14 13:04:26 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
    [2013/10/14 13:04:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
    [2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
    [2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
    [2013/10/14 13:04:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
    [2013/10/14 13:04:25 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
    [2013/10/14 13:04:24 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
    [2013/10/14 13:04:24 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
    [2013/10/14 13:04:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
    [2013/10/14 13:04:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
    [2013/10/14 13:04:24 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
    [2013/10/14 13:04:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
    [2013/10/14 13:04:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
    [2013/10/14 13:04:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
    [2013/10/14 13:04:21 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
    [2013/10/14 13:04:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
    [2013/10/14 13:04:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
    [2013/10/14 13:04:18 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
    [2013/10/14 13:04:17 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
    [2013/10/14 13:04:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
    [2013/10/14 13:04:15 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
    [2013/10/14 13:04:15 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
    [2013/10/14 13:04:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
    [2013/10/14 13:04:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
    [2013/10/14 13:04:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
    [2013/10/14 13:04:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
    [2013/10/14 13:04:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
    [2013/10/14 13:04:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
    [2013/10/14 13:04:14 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
    [2013/10/14 13:04:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
    [2013/10/14 13:04:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
    [2013/10/14 13:04:13 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
    [2013/10/14 13:04:13 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
    [2013/10/14 13:04:13 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
    [2013/10/14 13:04:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
    [2013/10/14 13:04:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
    [2013/10/14 13:04:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
    [2013/10/14 13:04:11 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
    [2013/10/14 13:04:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
    [2013/10/14 13:04:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2013/10/14 13:04:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
    [2013/10/14 13:04:10 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
    [2013/10/14 13:04:08 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
    [2013/10/14 13:04:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
    [2013/10/14 13:04:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
    [2013/10/14 13:04:08 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
    [2013/10/14 13:04:07 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
    [2013/10/14 13:04:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
    [2013/10/14 13:04:07 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
    [2013/10/14 13:04:07 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
    [2013/10/14 13:04:06 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
    [2013/10/14 13:04:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
    [2013/10/14 13:04:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
    [2013/10/14 13:04:06 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
    [2013/10/14 13:04:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
    [2013/10/14 13:04:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
    [2013/10/14 13:04:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
    [2013/10/14 13:04:05 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
    [2013/10/14 13:04:05 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
    [2013/10/14 13:04:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
    [2013/10/14 13:04:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
    [2013/10/14 13:04:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
    [2013/10/14 13:04:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
    [2013/10/14 13:04:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
    [2013/10/14 13:04:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
    [2013/10/14 13:04:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
    [2013/10/14 13:04:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
    [2013/10/14 13:04:03 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
    [2013/10/14 13:04:03 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
    [2013/10/14 13:04:03 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
    [2013/10/14 13:04:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
    [2013/10/14 13:04:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
    [2013/10/14 13:04:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
    [2013/10/14 13:04:02 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
    [2013/10/14 13:04:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
    [2013/10/14 13:04:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
    [2013/10/14 13:04:01 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2013/10/14 13:04:01 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2013/10/14 13:04:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
    [2013/10/14 13:04:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
    [2013/10/14 13:04:00 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
    [2013/10/14 13:04:00 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
    [2013/10/14 13:04:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
    [2013/10/14 13:04:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
    [2013/10/14 13:04:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
    [2013/10/14 13:03:59 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
    [2013/10/14 13:03:59 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
    [2013/10/14 13:03:58 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
    [2013/10/14 13:03:58 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
    [2013/10/14 13:03:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
    [2013/10/14 13:03:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
    [2013/10/14 13:03:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
    [2013/10/14 13:03:57 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
    [2013/10/14 13:03:57 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
    [2013/10/14 13:03:57 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
    [2013/10/14 13:03:57 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
    [2013/10/14 13:03:56 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
    [2013/10/14 13:03:56 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
    [2013/10/14 13:03:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
    [2013/10/14 13:03:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
    [2013/10/14 13:03:54 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
    [2013/10/14 13:03:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
    [2013/10/14 13:03:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
    [2013/10/14 13:03:54 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
    [2013/10/14 13:03:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
    [2013/10/14 13:03:53 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
    [2013/10/14 13:03:53 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
    [2013/10/14 13:03:53 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
    [2013/10/14 13:03:53 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
    [2013/10/14 13:03:53 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
    [2013/10/14 13:03:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
    [2013/10/14 13:03:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
    [2013/10/14 13:03:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
    [2013/10/14 13:03:52 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
    [2013/10/14 13:03:51 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
    [2013/10/14 13:03:51 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
    [2013/10/14 13:03:51 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
    [2013/10/14 13:03:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
    [2013/10/14 13:03:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
    [2013/10/14 13:03:50 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
    [2013/10/14 13:03:50 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
    [2013/10/14 13:03:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
    [2013/10/14 13:03:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
    [2013/10/14 13:03:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
    [2013/10/14 13:03:47 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
    [2013/10/14 13:03:47 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
    [2013/10/14 13:03:47 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
    [2013/10/14 13:03:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
    [2013/10/14 13:03:45 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
    [2013/10/14 13:03:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
    [2013/10/14 13:03:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
    [2013/10/14 13:03:44 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
    [2013/10/14 13:03:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
    [2013/10/14 13:03:42 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
    [2013/10/14 13:03:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
    [2013/10/14 13:03:41 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
    [2013/10/14 13:03:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
    [2013/10/14 13:03:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
    [2013/10/14 13:03:39 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
    [2013/10/14 13:03:39 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
    [2013/10/14 13:03:39 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
    [2013/10/14 13:03:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
    [2013/10/14 13:03:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
    [2013/10/14 13:03:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
    [2013/10/14 13:03:37 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
    [2013/10/14 13:03:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
    [2013/10/14 13:03:36 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
    [2013/10/14 13:03:36 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
    [2013/10/14 13:03:36 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
    [2013/10/14 13:03:35 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
    [2013/10/14 13:03:34 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
    [2013/10/14 13:03:34 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
    [2013/10/14 13:03:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
    [2013/10/14 13:03:33 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
    [2013/10/14 13:03:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
    [2013/10/14 13:03:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
    [2013/10/14 13:03:30 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
    [2013/10/14 13:03:23 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
    [2013/10/14 13:03:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
    [2013/10/14 13:03:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2013/10/14 13:03:18 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
    [2013/10/14 13:03:18 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
    [2013/10/14 13:03:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
    [2013/10/14 13:03:17 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
    [2013/10/14 13:03:16 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2013/10/14 13:03:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
    [2013/10/14 13:03:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
    [2013/10/14 13:03:15 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
    [2013/10/14 13:03:14 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
    [2013/10/14 13:03:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
    [2013/10/14 13:03:12 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
    [2013/10/14 13:03:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
    [2013/10/14 13:03:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
    [2013/10/14 13:03:09 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
    [2013/10/14 13:03:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
    [2013/10/14 13:03:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
    [2013/10/14 13:03:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
    [2013/10/14 13:03:08 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
    [2013/10/14 13:03:08 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
    [2013/10/14 13:03:08 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
    [2013/10/14 13:03:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
    [2013/10/14 13:03:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2013/10/14 13:03:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
    [2013/10/14 13:03:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/10/14 13:03:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/10/14 13:03:04 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
    [2013/10/14 13:03:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
    [2013/10/14 13:03:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
    [2013/10/14 13:03:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
    [2013/10/14 13:03:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2013/10/14 13:03:02 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
    [2013/10/14 13:03:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/10/14 13:03:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
    [2013/10/14 13:03:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
    [2013/10/14 13:03:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
    [2013/10/14 13:02:59 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
    [2013/10/14 13:02:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
    [2013/10/14 13:02:57 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2013/10/14 13:02:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
    [2013/10/14 13:02:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
    [2013/10/14 13:02:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
    [2013/10/14 13:02:53 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
    [2013/10/14 13:02:53 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
    [2013/10/14 13:02:53 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
    [2013/10/14 13:02:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
    [2013/10/14 13:02:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
    [2013/10/14 13:02:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
    [2013/10/14 13:02:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
    [2013/10/14 13:02:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
    [2013/10/14 13:02:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
    [2013/10/14 13:02:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
    [2013/10/14 13:02:51 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
    [2013/10/14 13:02:50 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
    [2013/10/14 13:02:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
    [2013/10/14 13:02:50 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
    [2013/10/14 13:02:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
    [2013/10/14 13:02:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
    [2013/10/14 13:02:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
    [2013/10/14 13:02:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
    [2013/10/14 13:02:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
    [2013/10/14 13:02:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
    [2013/10/14 13:02:46 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
    [2013/10/14 13:02:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
    [2013/10/14 13:02:41 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
    [2013/10/14 13:02:41 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
    [2013/10/14 13:02:39 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
    [2013/10/14 13:02:39 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
    [2013/10/14 13:02:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
    [2013/10/14 13:02:39 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
    [2013/10/14 13:02:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
    [2013/10/14 13:02:38 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
    [2013/10/14 13:02:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
    [2013/10/14 13:02:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2013/10/14 13:02:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
    [2013/10/14 13:02:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
    [2013/10/14 13:02:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
    [2013/10/14 13:02:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
    [2013/10/14 13:02:31 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
    [2013/10/14 13:02:31 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
    [2013/10/14 13:02:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
    [2013/10/14 13:02:30 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
    [2013/10/14 13:02:29 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
    [2013/10/14 13:02:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
    [2013/10/14 13:02:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
    [2013/10/14 13:02:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
    [2013/10/14 13:02:26 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
    [2013/10/14 13:02:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
    [2013/10/14 13:02:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
    [2013/10/14 13:02:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
    [2013/10/14 13:02:25 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
    [2013/10/14 13:02:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
    [2013/10/14 13:02:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
    [2013/10/14 13:02:21 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
    [2013/10/14 13:02:21 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
    [2013/10/14 13:02:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
    [2013/10/14 13:02:21 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
    [2013/10/14 13:02:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
    [2013/10/14 13:02:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
    [2013/10/14 13:02:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
    [2013/10/14 13:02:20 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
    [2013/10/14 13:02:20 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
    [2013/10/14 13:02:18 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
    [2013/10/14 13:02:17 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
    [2013/10/14 13:02:17 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
    [2013/10/14 13:02:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
    [2013/10/14 13:02:16 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
    [2013/10/14 13:02:16 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
    [2013/10/14 13:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
    [2013/10/14 13:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
    [2013/10/14 13:02:15 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
    [2013/10/14 13:02:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
    [2013/10/14 13:02:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
    [2013/10/14 13:02:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
    [2013/10/14 13:02:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
    [2013/10/14 13:02:13 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
    [2013/10/14 13:02:13 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
    [2013/10/14 13:02:13 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
    [2013/10/14 13:02:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
    [2013/10/14 13:02:12 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
    [2013/10/14 13:02:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
    [2013/10/14 13:02:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
    [2013/10/14 13:02:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
    [2013/10/14 13:02:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
    [2013/10/14 13:02:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
    [2013/10/14 13:02:10 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
    [2013/10/14 13:02:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
    [2013/10/14 13:02:09 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
    [2013/10/14 13:02:09 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
    [2013/10/14 13:02:09 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
    [2013/10/14 13:02:09 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
    [2013/10/14 13:02:09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
    [2013/10/14 13:02:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
    [2013/10/14 13:02:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
    [2013/10/14 13:02:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
    [2013/10/14 13:02:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
    [2013/10/14 13:02:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
    [2013/10/14 13:02:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
    [2013/10/14 13:02:07 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
    [2013/10/14 13:02:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
    [2013/10/14 13:02:06 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
    [2013/10/14 13:02:05 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
    [2013/10/14 13:02:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
    [2013/10/14 13:02:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
    [2013/10/14 13:02:04 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
    [2013/10/14 13:02:03 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
    [2013/10/14 13:02:02 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
    [2013/10/14 13:02:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
    [2013/10/14 13:02:01 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
    [2013/10/14 13:02:01 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
    [2013/10/14 13:02:01 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
    [2013/10/14 13:02:00 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
    [2013/10/14 13:02:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
    [2013/10/14 13:02:00 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
    [2013/10/14 13:02:00 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
    [2013/10/14 13:01:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
    [2013/10/14 13:01:59 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
    [2013/10/14 13:01:58 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
    [2013/10/14 13:01:58 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
    [2013/10/14 13:01:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
    [2013/10/14 13:01:57 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
    [2013/10/14 13:01:56 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
    [2013/10/14 13:01:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
    [2013/10/14 13:01:52 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
    [2013/10/14 13:01:51 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
    [2013/10/14 13:01:51 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
    [2013/10/14 13:01:51 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
    [2013/10/14 13:01:50 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
    [2013/10/14 13:01:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
    [2013/10/14 13:01:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
    [2013/10/14 13:01:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
    [2013/10/14 13:01:46 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
    [2013/10/14 13:01:46 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
    [2013/10/14 13:01:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
    [2013/10/14 13:01:37 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
    [2013/10/14 13:01:36 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
    [2013/10/14 13:01:36 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
    [2013/10/14 13:01:30 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
    [2013/10/14 13:01:29 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
    [2013/10/14 13:01:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
    [2013/10/14 13:01:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
    [2013/10/14 13:01:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
    [2013/10/14 13:01:28 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
    [2013/10/14 13:01:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
    [2013/10/14 13:01:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
    [2013/10/14 13:01:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
    [2013/10/14 13:01:27 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
    [2013/10/14 13:01:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
    [2013/10/14 13:01:26 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
    [2013/10/14 13:01:26 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
    [2013/10/14 13:01:26 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
    [2013/10/14 13:01:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
    [2013/10/14 13:01:25 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
    [2013/10/14 13:01:25 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
    [2013/10/14 13:01:24 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
    [2013/10/14 13:01:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
    [2013/10/14 13:01:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
    [2013/10/14 13:01:19 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
    [2013/10/14 13:01:17 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
    [2013/10/14 13:01:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
    [2013/10/14 13:01:17 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
    [2013/10/14 13:01:16 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
    [2013/10/14 13:01:16 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
    [2013/10/14 13:01:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
    [2013/10/14 13:01:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
    [2013/10/14 13:01:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
    [2013/10/14 13:01:14 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
    [2013/10/14 13:01:14 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
    [2013/10/14 13:01:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
    [2013/10/14 13:01:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
    [2013/10/14 13:01:13 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
    [2013/10/14 13:01:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
    [2013/10/14 13:01:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
    [2013/10/14 13:01:10 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
    [2013/10/14 13:01:10 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
    [2013/10/14 13:01:10 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
    [2013/10/14 13:01:10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
    [2013/10/14 13:01:09 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
    [2013/10/14 13:01:09 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
    [2013/10/14 13:01:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
    [2013/10/14 13:01:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
    [2013/10/14 13:01:07 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
    [2013/10/14 13:01:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
    [2013/10/14 13:01:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
    [2013/10/14 13:01:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2013/10/14 13:01:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
    [2013/10/14 13:01:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
    [2013/10/14 13:01:05 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
    [2013/10/14 13:01:05 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
    [2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
    [2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
    [2013/10/14 13:01:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
    [2013/10/14 13:01:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
    [2013/10/14 13:01:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
    [2013/10/14 13:01:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
    [2013/10/14 13:01:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
    [2013/10/14 13:01:01 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
    [2013/10/14 13:01:00 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
    [2013/10/14 13:01:00 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
    [2013/10/14 13:01:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
    [2013/10/14 13:01:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
    [2013/10/14 13:00:59 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
    [2013/10/14 13:00:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
    [2013/10/14 13:00:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
    [2013/10/14 13:00:59 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
    [2013/10/14 13:00:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
    [2013/10/14 13:00:58 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
    [2013/10/14 13:00:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
    [2013/10/14 13:00:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
    [2013/10/14 13:00:58 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
    [2013/10/14 13:00:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
    [2013/10/14 13:00:57 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
    [2013/10/14 13:00:57 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
    [2013/10/14 13:00:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
    [2013/10/14 13:00:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
    [2013/10/14 13:00:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
    [2013/10/14 13:00:55 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
    [2013/10/14 13:00:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
    [2013/10/14 13:00:54 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
    [2013/10/14 13:00:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
    [2013/10/14 13:00:53 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
    [2013/10/14 13:00:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
    [2013/10/14 13:00:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
    [2013/10/14 13:00:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
    [2013/10/14 13:00:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
    [2013/10/14 13:00:50 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
    [2013/10/14 13:00:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
    [2013/10/14 13:00:47 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
    [2013/10/14 13:00:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
    [2013/10/14 13:00:46 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
    [2013/10/14 13:00:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
    [2013/10/14 13:00:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
    [2013/10/14 13:00:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
    [2013/10/14 13:00:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
    [2013/10/14 13:00:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
    [2013/10/14 13:00:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
    [2013/10/14 13:00:41 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
    [2013/10/14 13:00:40 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
