Browser redirects, URL:Mal2 detected by Avast

NorthLight · Oct 17, 2013

Following a reinstall of Windows Vista, I find that Firefox is now redirecting to an unwanted site and Avast! is returning a URL:Mal2 warning. The site is blocked by Avast!. I also find that Windows does not shut down properly.
I am yet to install Windows SP2, which I'm not prepared to do until this malware is removed. A full Avast! scan returns no threats, neither does a Spyboat S&D scan.

DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 7.0.6001.18639
Run by ADB49 at 9:18:33 on 2013-10-17
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.44.1033.18.764.296 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [SiSTray] c:\program files\sis vga utilities\SiSTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TouchPadHotKey] c:\program files\fsc\touchpad hotkey utility\TouchPad_HotKey.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\users\adb49\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\fsc\wireless utility\WirelessSelector.exe
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07} : DHCPNameServer = 192.168.0.1
Notify: SDWinLogon - SDWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-11 16:41; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-10-11 22:57; {ab91efd4-6975-4081-8552-1b3922ed79e2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-10-13 23:35; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-10-16 16:25; {6005d9b1-d115-485a-a92a-3f6453ca3fe2}; c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
.
============= SERVICES / DRIVERS ===============
.
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2008-9-9 48128]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-10-11 49376]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-10-11 177864]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-11 770344]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-11 369584]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-11 29816]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-11 66336]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-11 46808]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-10-16 1817560]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-10-16 1033688]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-10-16 171928]
S3 SiS6350;SiS6350;c:\windows\system32\drivers\SISGRKMD.sys [2013-10-11 456568]
.
=============== Created Last 30 ================
.
2013-10-16 11:41:55 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b0569338-4286-4c1b-86f5-0911ffda286e}\mpengine.dll
2013-10-16 11:31:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-16 11:30:33 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-10-16 11:29:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-10-14 19:40:23 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-10-14 19:40:23 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-10-14 19:40:23 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-10-14 19:40:22 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-10-14 19:40:22 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-10-14 19:25:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2013-10-14 19:24:20 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2013-10-14 19:24:19 40448 ----a-w- c:\windows\system32\winrs.exe
2013-10-14 19:24:19 20480 ----a-w- c:\windows\system32\winrshost.exe
2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2013-10-14 19:24:16 10240 ----a-w- c:\windows\system32\winrssrv.dll
2013-10-14 19:24:10 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2013-10-14 19:24:10 79872 ----a-w- c:\windows\system32\wecutil.exe
2013-10-14 19:24:10 56320 ----a-w- c:\windows\system32\wecapi.dll
2013-10-14 19:24:10 54272 ----a-w- c:\windows\system32\WsmRes.dll
2013-10-14 19:24:10 146944 ----a-w- c:\windows\system32\wecsvc.dll
2013-10-14 19:24:08 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2013-10-14 19:23:29 201184 ----a-w- c:\windows\system32\winrm.vbs
2013-10-14 19:23:10 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2013-10-14 19:23:08 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2013-10-14 19:23:07 241152 ----a-w- c:\windows\system32\winrscmd.dll
2013-10-14 19:23:04 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2013-10-14 19:23:03 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2013-10-14 19:22:49 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2013-10-14 17:18:44 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-10-14 17:18:38 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2013-10-14 17:18:24 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2013-10-14 17:18:24 515584 ----a-w- c:\program files\windows mail\wab.exe
2013-10-14 17:18:24 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2013-10-14 17:18:21 501760 ----a-w- c:\windows\system32\usp10.dll
2013-10-14 17:18:14 125952 ----a-w- c:\windows\system32\srvsvc.dll
2013-10-14 17:18:13 17920 ----a-w- c:\windows\system32\netevent.dll
2013-10-14 17:18:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2013-10-14 17:18:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-14 17:18:01 292864 ----a-w- c:\windows\system32\atmfd.dll
2013-10-14 17:16:56 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-10-14 17:15:36 1169408 ----a-w- c:\windows\system32\sdclt.exe
2013-10-14 17:15:27 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2013-10-14 17:15:24 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2013-10-14 17:15:20 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-10-14 17:15:20 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-10-14 17:15:16 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-10-14 17:15:14 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2013-10-14 17:15:11 430080 ----a-w- c:\windows\system32\vbscript.dll
2013-10-14 17:15:06 563200 ----a-w- c:\windows\system32\oleaut32.dll
2013-10-14 17:12:32 135168 ----a-w- c:\windows\system32\wshom.ocx
2013-10-14 17:12:31 90112 ----a-w- c:\windows\system32\wshext.dll
2013-10-14 17:12:31 155648 ----a-w- c:\windows\system32\wscript.exe
2013-10-14 17:12:30 135168 ----a-w- c:\windows\system32\cscript.exe
2013-10-14 17:12:29 180224 ----a-w- c:\windows\system32\scrobj.dll
2013-10-14 17:12:28 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-14 17:12:12 375808 ----a-w- c:\windows\system32\winsrv.dll
2013-10-14 17:12:11 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-10-14 17:12:03 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-10-14 17:12:00 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-10-14 17:11:48 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-14 16:42:56 531968 ----a-w- c:\windows\system32\comctl32.dll
2013-10-14 16:39:40 276992 ----a-w- c:\windows\system32\schannel.dll
2013-10-14 13:11:27 -------- d-----w- C:\PerfLogs
2013-10-14 12:35:19 47560 ----a-w- c:\windows\system32\SPReview.exe
2013-10-14 12:35:13 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2013-10-14 12:10:15 193024 ----a-w- c:\windows\system32\recdisc.exe
2013-10-14 12:10:05 6656 ----a-w- c:\windows\system32\sdspres.dll
2013-10-14 12:08:42 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2013-10-14 12:08:19 28160 ----a-w- c:\windows\system32\sxproxy.dll
2013-10-14 12:08:08 142336 ----a-w- c:\windows\system32\spp.dll
2013-10-14 12:06:54 34816 ----a-w- c:\windows\system32\drivers\npfs.sys
2013-10-14 12:05:58 391168 ----a-w- c:\windows\system32\mscms.dll
2013-10-14 12:04:59 146944 ----a-w- c:\windows\system32\RstrtMgr.dll
2013-10-14 12:03:59 616448 ----a-w- c:\windows\system32\dsuiext.dll
2013-10-14 12:02:59 83968 ----a-w- c:\windows\system32\hlink.dll
2013-10-14 12:01:59 533504 ----a-w- c:\windows\system32\wmdrmsdk.dll
2013-10-14 12:00:59 638976 ----a-w- c:\windows\system32\Utilman.exe
2013-10-14 11:53:47 44032 ----a-w- c:\windows\system32\cbsra.exe
2013-10-14 11:47:31 -------- d-----w- C:\03086a4ad6c74b04e539a6d7
2013-10-14 10:50:42 -------- d-----w- c:\users\adb49\appdata\local\WindowsUpdate
2013-10-14 10:39:25 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2013-10-14 10:39:24 31640 ----a-w- c:\windows\system32\msonpmon.dll
2013-10-14 10:35:59 -------- d-----w- c:\windows\PCHEALTH
2013-10-14 10:33:34 -------- d-----w- c:\windows\SHELLNEW
2013-10-14 10:32:57 -------- d-----w- c:\users\adb49\appdata\local\Microsoft Help
2013-10-13 22:21:05 97800 ----a-w- c:\windows\system32\infocardapi.dll
2013-10-13 22:21:01 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 22:20:57 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2013-10-13 22:20:56 622080 ----a-w- c:\windows\system32\icardagt.exe
2013-10-13 22:20:55 11264 ----a-w- c:\windows\system32\icardres.dll
2013-10-13 22:20:43 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2013-10-12 20:47:04 -------- d-----w- c:\users\adb49\appdata\roaming\DigitalSite
2013-10-12 20:46:45 -------- d-----w- c:\program files\BonanzaDealsLive
2013-10-12 20:46:44 -------- d-----w- c:\users\adb49\appdata\local\BonanzaDealsLive
2013-10-12 20:46:44 -------- d-----w- c:\programdata\BonanzaDealsLive
2013-10-12 20:46:12 -------- d-----w- c:\users\adb49\appdata\local\Google
2013-10-12 20:46:07 -------- d-----w- c:\program files\BonanzaDeals
2013-10-12 20:45:50 -------- d-----w- c:\program files\Image Converter
2013-10-12 20:23:55 -------- d-----w- c:\users\adb49\appdata\roaming\HpUpdate
2013-10-12 20:23:44 -------- d-----w- c:\windows\Hewlett-Packard
2013-10-12 18:11:19 378368 ----a-w- c:\windows\system32\winhttp.dll
2013-10-12 18:09:36 269312 ----a-w- c:\windows\system32\es.dll
2013-10-12 18:08:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
2013-10-12 18:08:56 31232 ----a-w- c:\windows\system32\httpapi.dll
2013-10-12 18:08:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-10-12 18:07:52 -------- d-----w- c:\program files\MSXML 4.0
2013-10-12 16:12:44 -------- d-----w- c:\programdata\Canneverbe Limited
2013-10-12 16:12:32 -------- d-----w- c:\users\adb49\appdata\roaming\Canneverbe Limited
2013-10-12 16:01:19 -------- d-----w- c:\users\adb49\appdata\local\Macromedia
2013-10-12 16:00:22 -------- d-----w- c:\users\adb49\appdata\roaming\IrfanView
2013-10-12 16:00:20 -------- d-----w- c:\program files\IrfanView
2013-10-12 15:49:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-12 15:49:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-12 15:36:28 -------- d-----w- c:\users\adb49\appdata\local\Adobe
2013-10-12 15:32:16 -------- d-----w- c:\users\adb49\appdata\local\Amazon
2013-10-12 15:28:09 -------- d-----w- c:\program files\EasyGPS
2013-10-12 15:13:39 -------- d-----w- c:\programdata\CheckPoint
2013-10-12 14:43:33 -------- d-----w- c:\users\adb49\appdata\local\FlickrNet
2013-10-12 13:58:39 312832 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
2013-10-12 13:55:55 -------- d-----w- c:\program files\common files\HP
2013-10-12 02:10:37 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2013-10-12 02:10:37 64512 ----a-w- c:\windows\system32\wlanapi.dll
2013-10-12 02:10:37 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2013-10-12 02:10:36 513024 ----a-w- c:\windows\system32\wlansvc.dll
2013-10-12 02:10:36 302592 ----a-w- c:\windows\system32\wlansec.dll
2013-10-12 02:10:36 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2013-10-12 02:10:36 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2013-10-12 02:09:26 14848 ----a-w- c:\windows\system32\wshrm.dll
2013-10-12 02:09:26 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2013-10-12 02:08:35 43520 ----a-w- c:\windows\system32\msdxm.tlb
2013-10-12 02:08:35 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2013-10-12 02:08:35 18432 ----a-w- c:\windows\system32\amcompat.tlb
2013-10-12 02:07:51 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2013-10-12 02:07:51 329216 ----a-w- c:\windows\system32\msdrm.dll
2013-10-12 02:07:50 472064 ----a-w- c:\windows\system32\secproc.dll
2013-10-12 02:07:50 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2013-10-12 02:07:50 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2013-10-12 02:07:49 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2013-10-12 02:07:49 511488 ----a-w- c:\windows\system32\RMActivate.exe
2013-10-12 02:07:49 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2013-10-11 23:16:32 -------- d-sh--w- C:\Boot
2013-10-11 23:15:52 -------- d-----w- c:\windows\system32\OEM
2013-10-11 23:15:52 -------- d-----w- c:\windows\PANTHER
2013-10-11 20:23:29 23552 ----a-w- c:\windows\system32\lpk.dll
2013-10-11 20:23:29 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-10-11 20:22:34 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-10-11 20:22:14 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-10-11 20:19:44 72704 ----a-w- c:\windows\system32\admparse.dll
2013-10-11 20:19:38 48128 ----a-w- c:\windows\system32\mshtmler.dll
2013-10-11 20:19:32 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-10-11 20:17:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2013-10-11 20:17:41 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2013-10-11 20:17:41 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2013-10-11 20:17:41 272896 ----a-w- c:\windows\system32\polstore.dll
2013-10-11 20:15:26 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2013-10-11 20:15:26 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2013-10-11 20:15:26 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2013-10-11 20:13:53 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2013-10-11 20:13:53 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2013-10-11 20:13:53 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2013-10-11 20:13:53 104960 ----a-w- c:\windows\system32\netiohlp.dll
2013-10-11 20:13:52 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2013-10-11 20:13:52 19968 ----a-w- c:\windows\system32\ARP.EXE
2013-10-11 20:13:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2013-10-11 20:13:52 10240 ----a-w- c:\windows\system32\finger.exe
2013-10-11 20:04:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-10-11 20:04:47 2048 ----a-w- c:\windows\system32\msxml6r.dll
2013-10-11 20:04:47 1399296 ----a-w- c:\windows\system32\msxml6.dll
2013-10-11 19:58:28 213504 ----a-w- c:\windows\system32\msv1_0.dll
2013-10-11 19:56:04 2868224 ----a-w- c:\windows\system32\mf.dll
2013-10-11 19:56:03 98816 ----a-w- c:\windows\system32\mfps.dll
2013-10-11 19:56:03 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2013-10-11 19:56:03 24576 ----a-w- c:\windows\system32\mfpmp.exe
2013-10-11 19:56:03 2048 ----a-w- c:\windows\system32\mferror.dll
2013-10-11 19:50:24 71680 ----a-w- c:\windows\system32\atl.dll
2013-10-11 19:49:23 296960 ----a-w- c:\windows\system32\gdi32.dll
2013-10-11 19:44:54 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2013-10-11 19:44:54 38912 ----a-w- c:\windows\system32\xolehlp.dll
2013-10-11 19:43:54 160256 ----a-w- c:\windows\system32\wkssvc.dll
2013-10-11 19:42:49 53248 ----a-w- c:\windows\system32\tsgqec.dll
2013-10-11 19:42:49 136192 ----a-w- c:\windows\system32\aaclient.dll
2013-10-11 19:41:45 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2013-10-11 19:39:44 714240 ----a-w- c:\windows\system32\timedate.cpl
2013-10-11 19:34:19 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2013-10-11 19:34:18 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2013-10-11 19:25:14 636928 ----a-w- c:\windows\system32\localspl.dll
2013-10-11 19:21:53 2927104 ----a-w- c:\windows\explorer.exe
2013-10-11 19:16:06 -------- d-----w- c:\windows\system32\MRT
2013-10-11 19:14:42 8704 ----a-w- c:\windows\system32\hccoin.dll
2013-10-11 19:14:42 15872 ----a-w- c:\windows\system32\hcrstco.dll
2013-10-11 19:11:26 171520 ----a-w- c:\windows\system32\wintrust.dll
2013-10-11 19:09:33 499712 ----a-w- c:\windows\system32\kerberos.dll
2013-10-11 19:09:32 9728 ----a-w- c:\windows\system32\lsass.exe
2013-10-11 19:09:32 72704 ----a-w- c:\windows\system32\secur32.dll
2013-10-11 19:09:32 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-10-11 19:09:32 175104 ----a-w- c:\windows\system32\wdigest.dll
2013-10-11 19:09:31 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2013-10-11 19:04:59 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2013-10-11 18:59:47 6656 ----a-w- c:\windows\system32\kbd106n.dll
2013-10-11 18:59:43 927288 ----a-w- c:\windows\system32\winresume.exe
2013-10-11 18:59:42 988216 ----a-w- c:\windows\system32\winload.exe
2013-10-11 18:59:42 40960 ----a-w- c:\windows\system32\srclient.dll
2013-10-11 18:59:42 378368 ----a-w- c:\windows\system32\srcore.dll
2013-10-11 18:59:42 318464 ----a-w- c:\windows\system32\rstrui.exe
2013-10-11 18:59:42 19000 ----a-w- c:\windows\system32\kd1394.dll
2013-10-11 18:59:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2013-10-11 18:59:41 615992 ----a-w- c:\windows\system32\ci.dll
2013-10-11 18:59:41 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2013-10-11 18:56:48 551424 ----a-w- c:\windows\system32\rpcss.dll
2013-10-11 18:56:47 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2013-10-11 18:56:46 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2013-10-11 18:56:46 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2013-10-11 18:56:46 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2013-10-11 18:56:46 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2013-10-11 18:56:45 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2013-10-11 18:56:45 54784 ----a-w- c:\windows\system32\iasads.dll
2013-10-11 18:56:45 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2013-10-11 18:56:45 17408 ----a-w- c:\windows\system32\iashost.exe
2013-10-11 18:56:44 98304 ----a-w- c:\windows\system32\iasrecst.dll
2013-10-11 18:56:44 183296 ----a-w- c:\windows\system32\sdohlp.dll
2013-10-11 18:54:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
2013-10-11 18:54:59 220672 ----a-w- c:\windows\system32\l3codecp.acm
2013-10-11 18:54:45 -------- d-----w- c:\program files\common files\Hewlett-Packard
2013-10-11 18:51:53 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2013-10-11 18:51:53 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-10-11 18:51:53 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2013-10-11 18:49:55 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2013-10-11 18:46:55 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-10-11 18:45:04 24064 ----a-w- c:\windows\system32\amxread.dll
2013-10-11 18:45:04 13824 ----a-w- c:\windows\system32\apilogen.dll
2013-10-11 18:42:04 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-10-11 18:42:03 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-10-11 18:42:03 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-10-11 18:41:06 966656 ----a-w- c:\windows\system32\hpost_p02c.dll
2013-10-11 18:41:06 315392 ----a-w- c:\windows\system32\hposc_p02a.dll
2013-10-11 18:41:05 712704 ----a-w- c:\windows\system32\hposwia_p02c.dll
2013-10-11 18:41:05 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2013-10-11 18:41:05 309760 ----a-w- c:\windows\system32\difxapi.dll
2013-10-11 18:40:31 98304 ----a-w- c:\windows\system32\cabview.dll
2013-10-11 18:40:28 452408 ----a-w- c:\windows\system32\hpzids01.dll
2013-10-11 18:40:00 123904 ----a-w- c:\windows\system32\hpf3l70v.dll
2013-10-11 18:39:54 -------- d-----w- c:\users\adb49\{ea923793-435b-419d-b4c2-385cf01d320b}
2013-10-11 18:32:11 443392 ----a-w- c:\windows\system32\win32spl.dll
2013-10-11 18:32:11 37888 ----a-w- c:\windows\system32\printcom.dll
2013-10-11 18:23:24 -------- d-----w- c:\program files\HP
2013-10-11 17:48:37 83968 ----a-w- c:\windows\system32\mscories.dll
2013-10-11 17:48:37 158720 ----a-w- c:\windows\system32\mscorier.dll
2013-10-11 17:31:06 1695744 ----a-w- c:\windows\system32\gameux.dll
2013-10-11 17:30:37 94720 ----a-w- c:\windows\system32\logagent.exe
2013-10-11 17:30:36 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2013-10-11 17:29:44 84480 ----a-w- c:\windows\system32\INETRES.dll
2013-10-11 17:29:19 61440 ----a-w- c:\windows\system32\msasn1.dll
2013-10-11 17:28:57 1645568 ----a-w- c:\windows\system32\connect.dll
2013-10-11 17:28:30 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2013-10-11 17:27:45 281600 ----a-w- c:\windows\system32\raschap.dll
2013-10-11 17:27:45 244224 ----a-w- c:\windows\system32\rastls.dll
2013-10-11 17:27:20 351232 ----a-w- c:\windows\system32\WSDApi.dll
2013-10-11 17:26:09 91136 ----a-w- c:\windows\system32\avifil32.dll
2013-10-11 17:26:09 82944 ----a-w- c:\windows\system32\mciavi32.dll
2013-10-11 17:26:09 65024 ----a-w- c:\windows\system32\avicap32.dll
2013-10-11 17:26:09 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2013-10-11 17:26:09 31744 ----a-w- c:\windows\system32\msvidc32.dll
2013-10-11 17:26:09 22528 ----a-w- c:\windows\system32\msyuv.dll
2013-10-11 17:26:09 13312 ----a-w- c:\windows\system32\msrle32.dll
2013-10-11 17:26:09 123904 ----a-w- c:\windows\system32\msvfw32.dll
2013-10-11 17:26:09 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2013-10-11 17:25:26 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2013-10-11 17:24:25 7680 ----a-w- c:\windows\system32\spwmp.dll
2013-10-11 17:24:25 4096 ----a-w- c:\windows\system32\dxmasf.dll
2013-10-11 17:24:25 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2013-10-11 17:24:24 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-10-11 17:24:24 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2013-10-11 17:24:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2013-10-11 17:24:21 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2013-10-11 15:51:59 91544 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2013-10-11 15:42:49 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-11 15:42:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-11 15:42:47 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-11 15:42:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-11 15:41:58 -------- d-sh--w- c:\windows\Installer
2013-10-11 15:41:33 41664 ----a-w- c:\windows\avastSS.scr
2013-10-11 15:40:42 -------- d-----w- c:\program files\AVAST Software
2013-10-11 15:39:10 -------- d-----w- c:\programdata\AVAST Software
2013-10-11 15:10:46 -------- d-----w- c:\program files\Synaptics
2013-10-11 15:07:48 520192 ----a-w- c:\windows\RtlExUpd.dll
2013-10-11 15:07:48 315392 ----a-w- c:\windows\HideWin.exe
2013-10-11 15:07:43 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2013-10-11 15:07:43 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-10-11 15:07:43 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2013-10-11 15:07:43 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2013-10-11 15:07:42 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2013-10-11 15:07:42 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-10-11 15:07:41 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2013-10-11 15:07:40 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2013-10-11 15:07:09 6656 ----a-w- c:\windows\system32\SiSApi.dll
2013-10-11 15:07:06 -------- d-----w- c:\program files\SiS VGA Utilities
2013-10-11 15:06:27 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2013-10-11 15:06:27 187320 ----a-w- c:\windows\system32\drivers\SynTP.sys
2013-10-11 15:06:27 163840 ----a-w- c:\windows\system32\SynCOM.dll
2013-10-11 15:06:27 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-10-11 15:06:27 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2013-10-11 15:06:27 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2013-10-11 15:05:46 6656 ----a-w- c:\windows\system32\SiSCo.dll
2013-10-11 15:05:46 655360 ----a-w- c:\windows\system32\SiSClone.dll
2013-10-11 15:05:46 5632 ----a-w- c:\windows\system32\SiSKrl.dll
2013-10-11 15:05:46 456568 ----a-w- c:\windows\system32\drivers\SISGRKMD.sys
2013-10-11 15:05:46 4078592 ----a-w- c:\windows\system32\SiSGlv.dll
2013-10-11 15:05:46 3625984 ----a-w- c:\windows\system32\SISGRUMD.dll
2013-10-11 15:05:46 212992 ----a-w- c:\windows\system32\SiSFunc.dll
2013-10-11 15:05:45 56184 ----a-w- c:\windows\system32\drivers\SISAGPX.SYS
2013-10-11 15:05:13 22632 ----a-w- c:\windows\system32\streamci.dll
2013-10-11 14:55:25 -------- d-----w- C:\fsc.tmp
2013-10-11 14:46:56 516784 ----a-r- c:\windows\system32\XceedCry.dll
.
==================== Find3M ====================
.
2013-10-14 12:50:57 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2013-10-14 12:50:38 82432 ----a-w- c:\windows\system32\axaltocm.dll
2013-10-12 18:08:56 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2013-10-11 19:04:59 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2013-10-11 18:45:04 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2013-10-11 17:31:08 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2013-10-11 15:08:11 319456 ----a-w- c:\windows\DIFxAPI.dll
.
============= FINISH: 9:20:12.63 ===============

View attachment attach.zip
View attachment aswMBR.txt

ken545 · Oct 22, 2013

:welcome:

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

Ensure all Firefox windows are closed.
To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
When prompted to run the scan, click Yes.
GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Please download Malwarebytes from Here or Here

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

Post the report please

NorthLight · Oct 22, 2013

Logs

Thank you.

Gooredfix log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 10:36 on 22/10/2013 (ADB49)
Firefox version 24.0 (en-US)

========== GooredScan ==========

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
(none)

C:\Users\ADB49\Application Data\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\
{ab91efd4-6975-4081-8552-1b3922ed79e2} [21:57 11/10/2013]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [15:41 11/10/2013]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [22:34 13/10/2013]

-=E.O.F=-

MBAM log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.22.03

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
ADB49 :: ADB [administrator]

22/10/2013 10:41:07
mbam-log-2013-10-22 (10-41-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 187939
Time elapsed: 11 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0Z1N1J -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Program Files\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.
C:\Program Files\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

Files Detected: 7
C:\$Recycle.Bin\S-1-5-21-3740713769-1093254276-2860028584-1000\$RTFYJ6H.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\STTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\TTL.DAT (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\Users\ADB49\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSite.A) -> Quarantined and deleted successfully.
C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Quarantined and deleted successfully.

(end)

ken545 · Oct 22, 2013

Lets clean you up a bit more

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

NorthLight · Oct 22, 2013

# AdwCleaner v3.010 - Report created 22/10/2013 at 12:50:03
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Username : ADB49 - ADB
# Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\digitalsite
File Found : C:\Windows\Tasks\digitalsite.job
Folder Found C:\Program Files\BonanzaDeals
Folder Found C:\Users\ADB49\AppData\Roaming\digitalsite

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\digitalsite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\digitalsite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1266 octets] - [22/10/2013 12:50:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1326 octets] ##########

ken545 · Oct 22, 2013

Go ahead and run AdwCleaner again and this time click on Clean, post the log please

NorthLight · Oct 22, 2013

# AdwCleaner v3.010 - Report created 22/10/2013 at 14:40:41
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Username : ADB49 - ADB
# Running from : C:\Users\ADB49\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\BonanzaDeals
Folder Deleted : C:\Users\ADB49\AppData\Roaming\digitalsite
File Deleted : C:\Windows\Tasks\digitalsite.job
File Deleted : C:\Windows\System32\Tasks\digitalsite

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\digitalsite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F17925-B968-4C71-9982-79F5C289F5EB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48F17925-B968-4C71-9982-79F5C289F5EB}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1406 octets] - [22/10/2013 12:50:03]
AdwCleaner[R1].txt - [1466 octets] - [22/10/2013 14:39:42]
AdwCleaner[S0].txt - [1475 octets] - [22/10/2013 14:40:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1535 octets] ##########

ken545 · Oct 22, 2013

How are the Firefox redirects ? Run this tool first and then run OTL and post the logs please

Download Junkware Removal Tool to your desktop

shut down your protection software now to avoid potential conflicts.
run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
on completion, a log (JRT.txt) is saved to your desktop and will automatically open
post the contents of JRT.txt into your next message.

OTL by OldTimer

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
  Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

NorthLight · Oct 22, 2013

So far today, I have had NO Firefox redirects; since this problem started, there was usually something upon starting the PC from sleep, and one or two attempts through the day.

Please note that the OTL logs needed to be spread over three posts.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows Vista (TM) Home Basic x86
Ran by ADB49 on 22/10/2013 at 15:27:22.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\ADB49\AppData\Roaming\mozilla\firefox\profiles\4vgpos24.default\minidumps [6 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/10/2013 at 15:30:53.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL logfile created on: 22/10/2013 15:37:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ADB49\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

764.46 Mb Total Physical Memory | 307.47 Mb Available Physical Memory | 40.22% Memory free
1.75 Gb Paging File | 1.06 Gb Available in Paging File | 60.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS

Computer Name: ADB | User Name: ADB49 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ADB49\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe (ITE Tech Inc.)
PRC - C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
PRC - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()

========== Services (SafeList) ==========

SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (SiS6350) -- C:\Windows\System32\drivers\SISGRKMD.sys (Silicon Integrated Systems Corporation)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (SISAGP) -- C:\Windows\System32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-3740713769-1093254276-2860028584-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.28.1
FF - prefs.js..extensions.enabledAddons: %7B6005d9b1-d115-485a-a92a-3f6453ca3fe2%7D:2.4
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/21 11:58:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/10/11 16:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Extensions
[2013/10/16 16:25:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions
[2013/10/11 22:57:41 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2013/10/16 16:25:22 | 000,260,260 | ---- | M] () (No name found) -- C:\Users\ADB49\AppData\Roaming\Mozilla\Firefox\Profiles\4vgpos24.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
[2013/10/11 16:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/11 16:52:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/21 11:58:33 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{78f811bc-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell - "" = AutoRun
O33 - MountPoints2\{78f811c1-329f-11e3-b86e-001e33027fe2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/22 15:34:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ADB49\Desktop\OTL.exe
[2013/10/22 15:27:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/22 15:24:17 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\ADB49\Desktop\JRT.exe
[2013/10/22 12:49:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/22 10:37:56 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Malwarebytes
[2013/10/22 10:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/22 10:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/22 10:37:28 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/22 10:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/22 10:36:07 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\GooredFix Backups
[2013/10/22 10:34:17 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ADB49\Desktop\mbam-setup-1.75.0.1300.exe
[2013/10/22 10:32:46 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\ADB49\Desktop\GooredFix.exe
[2013/10/21 12:48:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\AVAST Software
[2013/10/21 11:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/10/20 03:04:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2013/10/18 22:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/10/17 10:00:26 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\Malware
[2013/10/17 09:16:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/10/17 09:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/10/16 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/10/16 12:30:33 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/10/16 12:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/10/14 22:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2013/10/14 21:01:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2013/10/14 21:01:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2013/10/14 21:01:10 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2013/10/14 21:01:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2013/10/14 21:01:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2013/10/14 21:01:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2013/10/14 21:01:08 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2013/10/14 21:01:08 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2013/10/14 21:01:08 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2013/10/14 21:01:06 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2013/10/14 21:01:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2013/10/14 21:01:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2013/10/14 21:01:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2013/10/14 21:01:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2013/10/14 21:01:05 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2013/10/14 21:01:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013/10/14 21:01:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2013/10/14 21:01:04 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2013/10/14 21:01:02 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013/10/14 21:01:01 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013/10/14 21:01:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013/10/14 21:01:00 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013/10/14 21:01:00 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013/10/14 20:40:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2013/10/14 20:40:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2013/10/14 20:40:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013/10/14 20:27:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2013/10/14 20:25:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2013/10/14 20:24:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2013/10/14 20:24:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2013/10/14 20:24:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2013/10/14 20:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2013/10/14 20:24:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2013/10/14 20:24:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2013/10/14 20:24:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2013/10/14 20:24:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2013/10/14 20:24:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2013/10/14 20:23:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2013/10/14 20:23:08 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2013/10/14 20:23:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2013/10/14 20:23:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2013/10/14 20:23:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2013/10/14 18:18:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/10/14 18:18:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013/10/14 18:18:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/14 18:18:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/10/14 18:18:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/14 18:17:35 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013/10/14 18:17:33 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/14 18:17:33 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/10/14 18:17:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/10/14 18:17:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013/10/14 18:17:30 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/10/14 18:17:29 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/10/14 18:17:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/14 18:17:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2013/10/14 18:17:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/14 18:17:27 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/14 18:16:56 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/10/14 18:16:54 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/10/14 18:16:51 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013/10/14 18:16:49 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013/10/14 18:16:41 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2013/10/14 18:16:33 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2013/10/14 18:16:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013/10/14 18:16:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2013/10/14 18:16:08 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2013/10/14 18:16:04 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/14 18:15:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2013/10/14 18:15:14 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2013/10/14 18:14:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2013/10/14 18:14:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2013/10/14 18:14:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2013/10/14 18:14:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2013/10/14 18:14:33 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2013/10/14 18:14:30 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013/10/14 18:14:29 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013/10/14 18:14:28 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013/10/14 18:14:27 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2013/10/14 18:14:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2013/10/14 18:14:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2013/10/14 18:14:12 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2013/10/14 18:13:51 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/10/14 18:13:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013/10/14 18:13:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2013/10/14 18:13:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/14 18:13:20 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2013/10/14 18:13:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/10/14 18:12:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/10/14 18:12:29 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2013/10/14 18:12:12 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/10/14 18:12:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/10/14 17:08:35 | 000,000,000 | --SD | C] -- C:\Users\ADB49\Documents\My Data Sources
[2013/10/14 14:11:27 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2013/10/14 13:35:19 | 000,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe
[2013/10/14 13:35:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll
[2013/10/14 13:10:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2013/10/14 13:10:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2013/10/14 13:08:42 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2013/10/14 13:08:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2013/10/14 13:07:30 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2013/10/14 13:07:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2013/10/14 13:07:30 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2013/10/14 13:07:30 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2013/10/14 13:07:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2013/10/14 13:07:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/10/14 13:07:29 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2013/10/14 13:07:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2013/10/14 13:07:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2013/10/14 13:07:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2013/10/14 13:07:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2013/10/14 13:07:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2013/10/14 13:07:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2013/10/14 13:07:24 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2013/10/14 13:07:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2013/10/14 13:07:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2013/10/14 13:07:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2013/10/14 13:07:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2013/10/14 13:07:22 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2013/10/14 13:07:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2013/10/14 13:07:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2013/10/14 13:07:18 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2013/10/14 13:07:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/10/14 13:07:17 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2013/10/14 13:07:17 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2013/10/14 13:07:17 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2013/10/14 13:07:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2013/10/14 13:07:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/10/14 13:07:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2013/10/14 13:07:12 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2013/10/14 13:07:11 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2013/10/14 13:07:11 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2013/10/14 13:07:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2013/10/14 13:07:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2013/10/14 13:07:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2013/10/14 13:07:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2013/10/14 13:07:09 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2013/10/14 13:07:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2013/10/14 13:07:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2013/10/14 13:07:08 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2013/10/14 13:07:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2013/10/14 13:07:08 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/10/14 13:07:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2013/10/14 13:07:07 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2013/10/14 13:07:07 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2013/10/14 13:07:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2013/10/14 13:07:06 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2013/10/14 13:07:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2013/10/14 13:07:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2013/10/14 13:07:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2013/10/14 13:07:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2013/10/14 13:07:05 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2013/10/14 13:07:04 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2013/10/14 13:07:01 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2013/10/14 13:07:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2013/10/14 13:07:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2013/10/14 13:07:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2013/10/14 13:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2013/10/14 13:06:48 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2013/10/14 13:06:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2013/10/14 13:06:43 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2013/10/14 13:06:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2013/10/14 13:06:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2013/10/14 13:06:40 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013/10/14 13:06:40 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013/10/14 13:06:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013/10/14 13:06:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013/10/14 13:06:39 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2013/10/14 13:06:38 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2013/10/14 13:06:37 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2013/10/14 13:06:36 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2013/10/14 13:06:35 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2013/10/14 13:06:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013/10/14 13:06:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2013/10/14 13:06:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2013/10/14 13:06:34 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/10/14 13:06:34 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2013/10/14 13:06:34 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2013/10/14 13:06:33 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2013/10/14 13:06:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/10/14 13:06:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013/10/14 13:06:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2013/10/14 13:06:32 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2013/10/14 13:06:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2013/10/14 13:06:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2013/10/14 13:06:31 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2013/10/14 13:06:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2013/10/14 13:06:31 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2013/10/14 13:06:30 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2013/10/14 13:06:30 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2013/10/14 13:06:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2013/10/14 13:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2013/10/14 13:06:28 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2013/10/14 13:06:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2013/10/14 13:06:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2013/10/14 13:06:24 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2013/10/14 13:06:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2013/10/14 13:06:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2013/10/14 13:06:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2013/10/14 13:06:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2013/10/14 13:06:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2013/10/14 13:06:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2013/10/14 13:06:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2013/10/14 13:06:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2013/10/14 13:06:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2013/10/14 13:06:21 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2013/10/14 13:06:20 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2013/10/14 13:06:20 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2013/10/14 13:06:19 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2013/10/14 13:06:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2013/10/14 13:06:18 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/10/14 13:06:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2013/10/14 13:06:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2013/10/14 13:06:16 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2013/10/14 13:06:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2013/10/14 13:06:16 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2013/10/14 13:06:15 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2013/10/14 13:06:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2013/10/14 13:06:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2013/10/14 13:06:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2013/10/14 13:06:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2013/10/14 13:06:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2013/10/14 13:06:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/10/14 13:06:12 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2013/10/14 13:06:11 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2013/10/14 13:06:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2013/10/14 13:06:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2013/10/14 13:06:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2013/10/14 13:06:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2013/10/14 13:06:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2013/10/14 13:06:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2013/10/14 13:06:10 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2013/10/14 13:06:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2013/10/14 13:06:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2013/10/14 13:06:10 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2013/10/14 13:06:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2013/10/14 13:06:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2013/10/14 13:06:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/10/14 13:06:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2013/10/14 13:06:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2013/10/14 13:06:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2013/10/14 13:06:08 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2013/10/14 13:06:06 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2013/10/14 13:06:06 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2013/10/14 13:06:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2013/10/14 13:06:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2013/10/14 13:06:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2013/10/14 13:06:05 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2013/10/14 13:06:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2013/10/14 13:06:02 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2013/10/14 13:06:01 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2013/10/14 13:06:00 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2013/10/14 13:06:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2013/10/14 13:05:58 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2013/10/14 13:05:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2013/10/14 13:05:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2013/10/14 13:05:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2013/10/14 13:05:47 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2013/10/14 13:05:47 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2013/10/14 13:05:46 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2013/10/14 13:05:45 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2013/10/14 13:05:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2013/10/14 13:05:41 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2013/10/14 13:05:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2013/10/14 13:05:40 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2013/10/14 13:05:36 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2013/10/14 13:05:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2013/10/14 13:05:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2013/10/14 13:05:32 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2013/10/14 13:05:31 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2013/10/14 13:05:31 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2013/10/14 13:05:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2013/10/14 13:05:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2013/10/14 13:05:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2013/10/14 13:05:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2013/10/14 13:05:29 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2013/10/14 13:05:27 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2013/10/14 13:05:27 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2013/10/14 13:05:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2013/10/14 13:05:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2013/10/14 13:05:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2013/10/14 13:05:26 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2013/10/14 13:05:26 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2013/10/14 13:05:26 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2013/10/14 13:05:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2013/10/14 13:05:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2013/10/14 13:05:25 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013/10/14 13:05:25 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2013/10/14 13:05:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2013/10/14 13:05:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2013/10/14 13:05:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2013/10/14 13:05:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2013/10/14 13:05:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2013/10/14 13:05:23 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2013/10/14 13:05:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2013/10/14 13:05:18 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2013/10/14 13:05:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2013/10/14 13:05:18 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2013/10/14 13:05:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2013/10/14 13:05:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2013/10/14 13:05:17 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2013/10/14 13:05:17 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2013/10/14 13:05:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2013/10/14 13:05:17 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2013/10/14 13:05:17 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/10/14 13:05:17 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2013/10/14 13:05:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/10/14 13:05:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2013/10/14 13:05:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2013/10/14 13:05:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2013/10/14 13:05:16 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2013/10/14 13:05:15 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2013/10/14 13:05:15 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2013/10/14 13:05:15 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2013/10/14 13:05:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2013/10/14 13:05:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013/10/14 13:05:14 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013/10/14 13:05:13 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2013/10/14 13:05:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013/10/14 13:05:12 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2013/10/14 13:05:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2013/10/14 13:05:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2013/10/14 13:05:11 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2013/10/14 13:05:11 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2013/10/14 13:05:11 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2013/10/14 13:05:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2013/10/14 13:05:11 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2013/10/14 13:05:10 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2013/10/14 13:05:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2013/10/14 13:05:09 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2013/10/14 13:05:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2013/10/14 13:05:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2013/10/14 13:05:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2013/10/14 13:05:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2013/10/14 13:05:08 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2013/10/14 13:05:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2013/10/14 13:05:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2013/10/14 13:05:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2013/10/14 13:05:06 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2013/10/14 13:05:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2013/10/14 13:05:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2013/10/14 13:05:04 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2013/10/14 13:05:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2013/10/14 13:05:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2013/10/14 13:05:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2013/10/14 13:05:02 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2013/10/14 13:05:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2013/10/14 13:05:00 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2013/10/14 13:05:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2013/10/14 13:05:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2013/10/14 13:05:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll

NorthLight · Oct 22, 2013

OTL log part 2

[2013/10/14 13:04:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2013/10/14 13:04:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2013/10/14 13:04:57 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2013/10/14 13:04:57 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2013/10/14 13:04:57 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2013/10/14 13:04:56 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2013/10/14 13:04:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2013/10/14 13:04:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2013/10/14 13:04:55 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2013/10/14 13:04:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2013/10/14 13:04:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2013/10/14 13:04:54 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2013/10/14 13:04:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2013/10/14 13:04:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013/10/14 13:04:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2013/10/14 13:04:53 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2013/10/14 13:04:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2013/10/14 13:04:52 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2013/10/14 13:04:49 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2013/10/14 13:04:49 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2013/10/14 13:04:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2013/10/14 13:04:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2013/10/14 13:04:48 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013/10/14 13:04:48 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/10/14 13:04:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2013/10/14 13:04:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2013/10/14 13:04:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2013/10/14 13:04:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2013/10/14 13:04:47 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2013/10/14 13:04:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2013/10/14 13:04:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2013/10/14 13:04:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2013/10/14 13:04:45 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2013/10/14 13:04:45 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2013/10/14 13:04:45 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013/10/14 13:04:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2013/10/14 13:04:44 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2013/10/14 13:04:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2013/10/14 13:04:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2013/10/14 13:04:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2013/10/14 13:04:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2013/10/14 13:04:43 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2013/10/14 13:04:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2013/10/14 13:04:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2013/10/14 13:04:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2013/10/14 13:04:43 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2013/10/14 13:04:42 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2013/10/14 13:04:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2013/10/14 13:04:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2013/10/14 13:04:41 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2013/10/14 13:04:41 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2013/10/14 13:04:41 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/14 13:04:41 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/14 13:04:41 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/14 13:04:40 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2013/10/14 13:04:40 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2013/10/14 13:04:39 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/14 13:04:39 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2013/10/14 13:04:39 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2013/10/14 13:04:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2013/10/14 13:04:38 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2013/10/14 13:04:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2013/10/14 13:04:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2013/10/14 13:04:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2013/10/14 13:04:36 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2013/10/14 13:04:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2013/10/14 13:04:35 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2013/10/14 13:04:35 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2013/10/14 13:04:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2013/10/14 13:04:34 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2013/10/14 13:04:34 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2013/10/14 13:04:34 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2013/10/14 13:04:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2013/10/14 13:04:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2013/10/14 13:04:33 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2013/10/14 13:04:33 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2013/10/14 13:04:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013/10/14 13:04:32 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2013/10/14 13:04:32 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2013/10/14 13:04:32 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2013/10/14 13:04:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2013/10/14 13:04:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2013/10/14 13:04:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2013/10/14 13:04:31 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2013/10/14 13:04:31 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2013/10/14 13:04:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013/10/14 13:04:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2013/10/14 13:04:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2013/10/14 13:04:30 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2013/10/14 13:04:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2013/10/14 13:04:29 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2013/10/14 13:04:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2013/10/14 13:04:29 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2013/10/14 13:04:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2013/10/14 13:04:28 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2013/10/14 13:04:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2013/10/14 13:04:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2013/10/14 13:04:28 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2013/10/14 13:04:27 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2013/10/14 13:04:27 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2013/10/14 13:04:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2013/10/14 13:04:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2013/10/14 13:04:27 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2013/10/14 13:04:26 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2013/10/14 13:04:26 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2013/10/14 13:04:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2013/10/14 13:04:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2013/10/14 13:04:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2013/10/14 13:04:25 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2013/10/14 13:04:24 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2013/10/14 13:04:24 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2013/10/14 13:04:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2013/10/14 13:04:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2013/10/14 13:04:24 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2013/10/14 13:04:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2013/10/14 13:04:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2013/10/14 13:04:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2013/10/14 13:04:21 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2013/10/14 13:04:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2013/10/14 13:04:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2013/10/14 13:04:18 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2013/10/14 13:04:17 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2013/10/14 13:04:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2013/10/14 13:04:15 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2013/10/14 13:04:15 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2013/10/14 13:04:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2013/10/14 13:04:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2013/10/14 13:04:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2013/10/14 13:04:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2013/10/14 13:04:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2013/10/14 13:04:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2013/10/14 13:04:14 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2013/10/14 13:04:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2013/10/14 13:04:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2013/10/14 13:04:13 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2013/10/14 13:04:13 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2013/10/14 13:04:13 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2013/10/14 13:04:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/10/14 13:04:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2013/10/14 13:04:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2013/10/14 13:04:11 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2013/10/14 13:04:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2013/10/14 13:04:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2013/10/14 13:04:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2013/10/14 13:04:10 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2013/10/14 13:04:08 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2013/10/14 13:04:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/10/14 13:04:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2013/10/14 13:04:08 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2013/10/14 13:04:07 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2013/10/14 13:04:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2013/10/14 13:04:07 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2013/10/14 13:04:07 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2013/10/14 13:04:06 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2013/10/14 13:04:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013/10/14 13:04:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2013/10/14 13:04:06 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2013/10/14 13:04:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2013/10/14 13:04:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2013/10/14 13:04:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2013/10/14 13:04:05 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2013/10/14 13:04:05 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2013/10/14 13:04:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2013/10/14 13:04:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2013/10/14 13:04:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2013/10/14 13:04:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2013/10/14 13:04:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2013/10/14 13:04:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2013/10/14 13:04:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2013/10/14 13:04:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2013/10/14 13:04:03 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2013/10/14 13:04:03 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/10/14 13:04:03 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2013/10/14 13:04:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2013/10/14 13:04:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2013/10/14 13:04:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2013/10/14 13:04:02 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2013/10/14 13:04:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2013/10/14 13:04:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013/10/14 13:04:01 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/10/14 13:04:01 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/10/14 13:04:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2013/10/14 13:04:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2013/10/14 13:04:00 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2013/10/14 13:04:00 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2013/10/14 13:04:00 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2013/10/14 13:04:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2013/10/14 13:04:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2013/10/14 13:03:59 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2013/10/14 13:03:59 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2013/10/14 13:03:58 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2013/10/14 13:03:58 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013/10/14 13:03:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013/10/14 13:03:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2013/10/14 13:03:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2013/10/14 13:03:57 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2013/10/14 13:03:57 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2013/10/14 13:03:57 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2013/10/14 13:03:57 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013/10/14 13:03:56 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2013/10/14 13:03:56 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2013/10/14 13:03:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2013/10/14 13:03:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2013/10/14 13:03:54 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2013/10/14 13:03:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2013/10/14 13:03:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2013/10/14 13:03:54 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2013/10/14 13:03:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2013/10/14 13:03:53 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2013/10/14 13:03:53 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2013/10/14 13:03:53 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2013/10/14 13:03:53 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2013/10/14 13:03:53 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2013/10/14 13:03:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2013/10/14 13:03:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2013/10/14 13:03:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2013/10/14 13:03:52 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/10/14 13:03:51 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2013/10/14 13:03:51 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2013/10/14 13:03:51 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2013/10/14 13:03:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2013/10/14 13:03:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2013/10/14 13:03:50 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2013/10/14 13:03:50 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2013/10/14 13:03:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2013/10/14 13:03:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2013/10/14 13:03:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2013/10/14 13:03:47 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2013/10/14 13:03:47 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2013/10/14 13:03:47 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2013/10/14 13:03:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2013/10/14 13:03:45 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2013/10/14 13:03:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2013/10/14 13:03:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2013/10/14 13:03:44 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2013/10/14 13:03:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2013/10/14 13:03:42 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2013/10/14 13:03:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2013/10/14 13:03:41 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2013/10/14 13:03:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2013/10/14 13:03:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2013/10/14 13:03:39 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2013/10/14 13:03:39 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2013/10/14 13:03:39 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2013/10/14 13:03:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2013/10/14 13:03:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2013/10/14 13:03:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2013/10/14 13:03:37 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2013/10/14 13:03:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2013/10/14 13:03:36 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/10/14 13:03:36 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2013/10/14 13:03:36 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2013/10/14 13:03:35 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2013/10/14 13:03:34 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2013/10/14 13:03:34 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2013/10/14 13:03:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2013/10/14 13:03:33 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013/10/14 13:03:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2013/10/14 13:03:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2013/10/14 13:03:30 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2013/10/14 13:03:23 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2013/10/14 13:03:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2013/10/14 13:03:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/10/14 13:03:18 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2013/10/14 13:03:18 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2013/10/14 13:03:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2013/10/14 13:03:17 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2013/10/14 13:03:16 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/14 13:03:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2013/10/14 13:03:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2013/10/14 13:03:15 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2013/10/14 13:03:14 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2013/10/14 13:03:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2013/10/14 13:03:12 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2013/10/14 13:03:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2013/10/14 13:03:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2013/10/14 13:03:09 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2013/10/14 13:03:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2013/10/14 13:03:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2013/10/14 13:03:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2013/10/14 13:03:08 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2013/10/14 13:03:08 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2013/10/14 13:03:08 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2013/10/14 13:03:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2013/10/14 13:03:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/10/14 13:03:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2013/10/14 13:03:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/10/14 13:03:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/10/14 13:03:04 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2013/10/14 13:03:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2013/10/14 13:03:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2013/10/14 13:03:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2013/10/14 13:03:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013/10/14 13:03:02 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2013/10/14 13:03:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/10/14 13:03:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2013/10/14 13:03:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2013/10/14 13:03:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2013/10/14 13:02:59 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2013/10/14 13:02:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2013/10/14 13:02:57 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/10/14 13:02:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013/10/14 13:02:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2013/10/14 13:02:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2013/10/14 13:02:53 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2013/10/14 13:02:53 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2013/10/14 13:02:53 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/10/14 13:02:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2013/10/14 13:02:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2013/10/14 13:02:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2013/10/14 13:02:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2013/10/14 13:02:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2013/10/14 13:02:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2013/10/14 13:02:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013/10/14 13:02:51 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/10/14 13:02:50 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2013/10/14 13:02:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2013/10/14 13:02:50 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/10/14 13:02:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2013/10/14 13:02:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2013/10/14 13:02:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2013/10/14 13:02:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2013/10/14 13:02:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2013/10/14 13:02:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2013/10/14 13:02:46 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2013/10/14 13:02:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2013/10/14 13:02:41 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2013/10/14 13:02:41 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2013/10/14 13:02:39 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2013/10/14 13:02:39 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2013/10/14 13:02:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2013/10/14 13:02:39 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2013/10/14 13:02:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2013/10/14 13:02:38 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2013/10/14 13:02:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2013/10/14 13:02:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/10/14 13:02:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2013/10/14 13:02:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2013/10/14 13:02:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2013/10/14 13:02:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2013/10/14 13:02:31 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2013/10/14 13:02:31 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2013/10/14 13:02:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2013/10/14 13:02:30 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2013/10/14 13:02:29 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2013/10/14 13:02:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2013/10/14 13:02:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2013/10/14 13:02:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2013/10/14 13:02:26 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2013/10/14 13:02:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2013/10/14 13:02:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2013/10/14 13:02:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2013/10/14 13:02:25 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2013/10/14 13:02:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2013/10/14 13:02:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2013/10/14 13:02:21 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2013/10/14 13:02:21 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2013/10/14 13:02:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2013/10/14 13:02:21 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2013/10/14 13:02:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2013/10/14 13:02:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2013/10/14 13:02:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2013/10/14 13:02:20 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2013/10/14 13:02:20 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2013/10/14 13:02:18 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013/10/14 13:02:17 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2013/10/14 13:02:17 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2013/10/14 13:02:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2013/10/14 13:02:16 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2013/10/14 13:02:16 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2013/10/14 13:02:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013/10/14 13:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2013/10/14 13:02:15 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2013/10/14 13:02:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2013/10/14 13:02:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/10/14 13:02:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2013/10/14 13:02:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2013/10/14 13:02:13 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2013/10/14 13:02:13 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2013/10/14 13:02:13 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2013/10/14 13:02:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/10/14 13:02:12 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2013/10/14 13:02:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2013/10/14 13:02:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2013/10/14 13:02:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2013/10/14 13:02:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2013/10/14 13:02:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2013/10/14 13:02:10 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2013/10/14 13:02:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2013/10/14 13:02:09 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2013/10/14 13:02:09 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013/10/14 13:02:09 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013/10/14 13:02:09 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2013/10/14 13:02:09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2013/10/14 13:02:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013/10/14 13:02:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013/10/14 13:02:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013/10/14 13:02:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2013/10/14 13:02:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013/10/14 13:02:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2013/10/14 13:02:07 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013/10/14 13:02:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013/10/14 13:02:06 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2013/10/14 13:02:05 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013/10/14 13:02:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2013/10/14 13:02:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013/10/14 13:02:04 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2013/10/14 13:02:03 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2013/10/14 13:02:02 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2013/10/14 13:02:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2013/10/14 13:02:01 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2013/10/14 13:02:01 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2013/10/14 13:02:01 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2013/10/14 13:02:00 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2013/10/14 13:02:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2013/10/14 13:02:00 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2013/10/14 13:02:00 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2013/10/14 13:01:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2013/10/14 13:01:59 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2013/10/14 13:01:58 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2013/10/14 13:01:58 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2013/10/14 13:01:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2013/10/14 13:01:57 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2013/10/14 13:01:56 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2013/10/14 13:01:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2013/10/14 13:01:52 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2013/10/14 13:01:51 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2013/10/14 13:01:51 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2013/10/14 13:01:51 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2013/10/14 13:01:50 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2013/10/14 13:01:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2013/10/14 13:01:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/10/14 13:01:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2013/10/14 13:01:46 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2013/10/14 13:01:46 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/10/14 13:01:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2013/10/14 13:01:37 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2013/10/14 13:01:36 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2013/10/14 13:01:36 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2013/10/14 13:01:30 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2013/10/14 13:01:29 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013/10/14 13:01:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2013/10/14 13:01:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2013/10/14 13:01:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2013/10/14 13:01:28 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2013/10/14 13:01:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2013/10/14 13:01:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2013/10/14 13:01:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2013/10/14 13:01:27 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2013/10/14 13:01:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2013/10/14 13:01:26 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2013/10/14 13:01:26 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2013/10/14 13:01:26 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2013/10/14 13:01:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2013/10/14 13:01:25 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2013/10/14 13:01:25 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2013/10/14 13:01:24 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2013/10/14 13:01:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2013/10/14 13:01:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2013/10/14 13:01:19 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2013/10/14 13:01:17 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2013/10/14 13:01:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2013/10/14 13:01:17 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2013/10/14 13:01:16 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2013/10/14 13:01:16 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2013/10/14 13:01:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2013/10/14 13:01:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2013/10/14 13:01:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2013/10/14 13:01:14 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2013/10/14 13:01:14 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/10/14 13:01:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013/10/14 13:01:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2013/10/14 13:01:13 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2013/10/14 13:01:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2013/10/14 13:01:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2013/10/14 13:01:10 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2013/10/14 13:01:10 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2013/10/14 13:01:10 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2013/10/14 13:01:10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2013/10/14 13:01:09 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2013/10/14 13:01:09 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2013/10/14 13:01:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/14 13:01:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2013/10/14 13:01:07 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2013/10/14 13:01:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2013/10/14 13:01:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2013/10/14 13:01:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/14 13:01:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2013/10/14 13:01:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2013/10/14 13:01:05 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2013/10/14 13:01:05 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2013/10/14 13:01:04 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2013/10/14 13:01:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/10/14 13:01:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2013/10/14 13:01:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2013/10/14 13:01:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2013/10/14 13:01:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2013/10/14 13:01:01 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2013/10/14 13:01:00 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2013/10/14 13:01:00 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2013/10/14 13:01:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2013/10/14 13:01:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2013/10/14 13:00:59 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2013/10/14 13:00:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2013/10/14 13:00:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2013/10/14 13:00:59 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2013/10/14 13:00:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2013/10/14 13:00:58 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2013/10/14 13:00:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2013/10/14 13:00:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2013/10/14 13:00:58 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2013/10/14 13:00:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2013/10/14 13:00:57 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2013/10/14 13:00:57 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2013/10/14 13:00:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2013/10/14 13:00:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2013/10/14 13:00:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2013/10/14 13:00:55 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2013/10/14 13:00:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2013/10/14 13:00:54 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2013/10/14 13:00:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2013/10/14 13:00:53 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2013/10/14 13:00:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2013/10/14 13:00:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2013/10/14 13:00:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2013/10/14 13:00:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2013/10/14 13:00:50 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2013/10/14 13:00:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2013/10/14 13:00:47 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2013/10/14 13:00:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2013/10/14 13:00:46 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2013/10/14 13:00:46 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2013/10/14 13:00:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2013/10/14 13:00:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2013/10/14 13:00:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2013/10/14 13:00:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2013/10/14 13:00:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2013/10/14 13:00:41 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2013/10/14 13:00:40 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll

NorthLight · Oct 22, 2013

OTL log part 3

[2013/10/14 12:53:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2013/10/14 12:47:31 | 000,000,000 | ---D | C] -- C:\03086a4ad6c74b04e539a6d7
[2013/10/14 11:50:42 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\WindowsUpdate
[2013/10/14 11:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/10/14 11:39:24 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2013/10/14 11:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2013/10/14 11:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/10/14 11:35:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/10/14 11:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/10/14 11:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2013/10/14 11:32:57 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Microsoft Help
[2013/10/14 11:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/10/14 11:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/10/14 11:30:57 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/10/13 23:21:05 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2013/10/13 23:21:01 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/13 23:20:57 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2013/10/13 23:20:56 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2013/10/13 23:20:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2013/10/13 23:20:43 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2013/10/13 13:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2013/10/13 13:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2013/10/12 21:46:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Google
[2013/10/12 21:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\Image Converter
[2013/10/12 21:23:55 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\HpUpdate
[2013/10/12 21:23:44 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013/10/12 19:08:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2013/10/12 19:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/10/12 18:56:35 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\Programs
[2013/10/12 17:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013/10/12 17:12:32 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Canneverbe Limited
[2013/10/12 17:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013/10/12 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Macromedia
[2013/10/12 17:00:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013/10/12 17:00:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\IrfanView
[2013/10/12 17:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2013/10/12 16:49:30 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/12 16:49:29 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/10/12 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/10/12 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/10/12 16:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/10/12 16:36:28 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Adobe
[2013/10/12 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Documents\My Kindle Content
[2013/10/12 16:32:58 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/10/12 16:32:16 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Amazon
[2013/10/12 16:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\EasyGPS
[2013/10/12 16:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013/10/12 15:43:33 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\FlickrNet
[2013/10/12 15:19:29 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Macromedia
[2013/10/12 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013/10/12 03:10:37 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2013/10/12 03:10:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2013/10/12 03:10:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2013/10/12 03:10:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2013/10/12 03:10:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2013/10/12 03:09:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2013/10/12 03:09:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2013/10/12 03:08:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2013/10/12 03:08:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2013/10/12 03:07:51 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2013/10/12 03:07:51 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2013/10/12 03:07:50 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2013/10/12 03:07:50 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2013/10/12 03:07:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2013/10/12 03:07:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2013/10/12 03:07:49 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2013/10/12 03:07:49 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2013/10/12 03:07:49 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2013/10/12 00:16:32 | 000,000,000 | -HSD | C] -- C:\Boot
[2013/10/12 00:15:52 | 000,000,000 | ---D | C] -- C:\Windows\PANTHER
[2013/10/12 00:15:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2013/10/11 23:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2013/10/11 22:19:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Adobe
[2013/10/11 22:19:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\HP
[2013/10/11 21:23:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013/10/11 21:22:14 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/10/11 21:20:09 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/10/11 21:19:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013/10/11 21:19:44 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013/10/11 21:19:41 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 21:19:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/10/11 21:17:41 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2013/10/11 21:17:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2013/10/11 21:15:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2013/10/11 21:15:26 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2013/10/11 21:15:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2013/10/11 21:13:53 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2013/10/11 21:13:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2013/10/11 21:13:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2013/10/11 21:13:52 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2013/10/11 21:13:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2013/10/11 21:13:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2013/10/11 21:13:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2013/10/11 21:04:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013/10/11 21:04:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2013/10/11 20:56:04 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013/10/11 20:56:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2013/10/11 20:56:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2013/10/11 20:56:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2013/10/11 20:56:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2013/10/11 20:56:02 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013/10/11 20:44:54 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2013/10/11 20:44:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2013/10/11 20:42:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/10/11 20:42:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/10/11 20:41:45 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013/10/11 20:39:44 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/10/11 20:21:53 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/10/11 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013/10/11 20:16:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/10/11 20:14:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2013/10/11 20:14:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2013/10/11 20:10:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013/10/11 20:05:13 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2013/10/11 20:05:13 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2013/10/11 20:05:13 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2013/10/11 20:05:13 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2013/10/11 20:05:12 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2013/10/11 20:05:12 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2013/10/11 20:05:12 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2013/10/11 20:05:12 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2013/10/11 20:05:11 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2013/10/11 20:05:10 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2013/10/11 20:05:09 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2013/10/11 20:05:09 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2013/10/11 20:05:08 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2013/10/11 20:05:08 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2013/10/11 20:05:08 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2013/10/11 20:05:07 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2013/10/11 20:05:06 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2013/10/11 20:05:06 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2013/10/11 20:05:06 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2013/10/11 20:05:05 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2013/10/11 20:05:05 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2013/10/11 20:05:04 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2013/10/11 20:05:04 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2013/10/11 20:05:04 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2013/10/11 20:05:03 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2013/10/11 20:05:03 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2013/10/11 20:05:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2013/10/11 20:05:02 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2013/10/11 20:05:02 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2013/10/11 20:04:59 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2013/10/11 20:04:58 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2013/10/11 20:04:58 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2013/10/11 20:04:58 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2013/10/11 20:04:57 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2013/10/11 20:04:57 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2013/10/11 20:04:57 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2013/10/11 20:04:56 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2013/10/11 20:04:55 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2013/10/11 20:04:55 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2013/10/11 20:04:55 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2013/10/11 20:04:54 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2013/10/11 20:04:52 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2013/10/11 20:04:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2013/10/11 20:04:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2013/10/11 20:04:51 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2013/10/11 20:04:51 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2013/10/11 20:04:51 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2013/10/11 20:04:51 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2013/10/11 20:04:50 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2013/10/11 20:04:50 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2013/10/11 20:04:50 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2013/10/11 20:04:49 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2013/10/11 20:04:49 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2013/10/11 20:04:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2013/10/11 20:04:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2013/10/11 20:04:48 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2013/10/11 20:04:47 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2013/10/11 20:04:46 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2013/10/11 20:04:46 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2013/10/11 20:04:46 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2013/10/11 20:04:46 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2013/10/11 20:04:45 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2013/10/11 20:04:45 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2013/10/11 20:04:44 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2013/10/11 20:04:44 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2013/10/11 20:04:44 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2013/10/11 20:04:43 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2013/10/11 20:04:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2013/10/11 20:04:42 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2013/10/11 20:04:42 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2013/10/11 20:04:42 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2013/10/11 20:04:42 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2013/10/11 20:04:41 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2013/10/11 20:04:41 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2013/10/11 19:59:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2013/10/11 19:59:43 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013/10/11 19:59:42 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2013/10/11 19:59:42 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013/10/11 19:59:42 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2013/10/11 19:59:42 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2013/10/11 19:59:42 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2013/10/11 19:59:41 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013/10/11 19:59:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2013/10/11 19:56:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2013/10/11 19:56:46 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2013/10/11 19:56:45 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2013/10/11 19:56:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2013/10/11 19:56:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2013/10/11 19:56:44 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2013/10/11 19:56:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2013/10/11 19:54:59 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2013/10/11 19:54:59 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2013/10/11 19:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2013/10/11 19:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/10/11 19:46:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013/10/11 19:45:04 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2013/10/11 19:45:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2013/10/11 19:42:04 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2013/10/11 19:42:03 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/10/11 19:41:06 | 000,966,656 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpost_p02c.dll
[2013/10/11 19:41:06 | 000,315,392 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hposc_p02a.dll
[2013/10/11 19:41:05 | 000,712,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hposwia_p02c.dll
[2013/10/11 19:41:05 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
[2013/10/11 19:41:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2013/10/11 19:40:28 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2013/10/11 19:40:00 | 000,123,904 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l70v.dll
[2013/10/11 19:39:54 | 000,000,000 | ---D | C] -- C:\Users\ADB49\{ea923793-435b-419d-b4c2-385cf01d320b}
[2013/10/11 19:37:06 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013/10/11 19:32:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013/10/11 19:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/10/11 19:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/10/11 18:48:37 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013/10/11 18:48:37 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2013/10/11 18:31:06 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/10/11 18:30:37 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2013/10/11 18:30:36 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013/10/11 18:29:44 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2013/10/11 18:28:57 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2013/10/11 18:27:20 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013/10/11 18:26:09 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2013/10/11 18:26:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2013/10/11 18:25:26 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2013/10/11 18:24:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2013/10/11 18:24:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2013/10/11 18:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2013/10/11 18:24:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2013/10/11 16:52:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Mozilla
[2013/10/11 16:52:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Mozilla
[2013/10/11 16:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/10/11 16:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/10/11 16:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/10/11 16:42:54 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/10/11 16:42:54 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/10/11 16:42:51 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/10/11 16:42:50 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/10/11 16:42:49 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/10/11 16:42:44 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/10/11 16:42:44 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/10/11 16:41:58 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/10/11 16:41:33 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/10/11 16:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/10/11 16:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/10/11 16:12:39 | 000,014,168 | ---- | C] (Zeal SoftStudio) -- C:\Windows\System32\drivers\zntport.sys
[2013/10/11 16:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2013/10/11 16:12:33 | 000,073,728 | ---- | C] (Macrovision Corporation) -- C:\Windows\System32\ISUSPM.cpl
[2013/10/11 16:12:33 | 000,065,536 | ---- | C] (Zeal SoftStudio) -- C:\Windows\System32\NTPORT.DLL
[2013/10/11 16:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\FSC
[2013/10/11 16:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/10/11 16:10:30 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\InstallShield
[2013/10/11 16:08:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013/10/11 16:08:10 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/10/11 16:08:08 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013/10/11 16:08:08 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013/10/11 16:08:08 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013/10/11 16:08:08 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013/10/11 16:08:04 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2013/10/11 16:08:04 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013/10/11 16:08:03 | 000,563,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013/10/11 16:08:03 | 000,017,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2013/10/11 16:08:02 | 004,702,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2013/10/11 16:08:02 | 002,072,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013/10/11 16:08:02 | 000,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013/10/11 16:08:02 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
[2013/10/11 16:08:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013/10/11 16:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/11 16:07:48 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/10/11 16:07:48 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/10/11 16:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/10/11 16:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiS VGA Utilities
[2013/10/11 16:07:09 | 000,006,656 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSApi.dll
[2013/10/11 16:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\SiS VGA Utilities
[2013/10/11 16:05:46 | 004,078,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSGlv.dll
[2013/10/11 16:05:46 | 003,625,984 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SISGRUMD.dll
[2013/10/11 16:05:46 | 000,655,360 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSClone.dll
[2013/10/11 16:05:46 | 000,456,568 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISGRKMD.sys
[2013/10/11 16:05:46 | 000,212,992 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSFunc.dll
[2013/10/11 16:05:46 | 000,006,656 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSCo.dll
[2013/10/11 16:05:46 | 000,005,632 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSKrl.dll
[2013/10/11 16:05:45 | 000,056,184 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISAGPX.SYS
[2013/10/11 16:05:13 | 000,022,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Searches
[2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/10/11 15:47:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Identities
[2013/10/11 15:47:11 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Contacts
[2013/10/11 15:47:10 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\VirtualStore
[2013/10/11 15:47:06 | 000,000,000 | --SD | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Videos
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Saved Games
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Pictures
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Music
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Links
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Favorites
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Downloads
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Documents
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Desktop
[2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\Temporary Internet Files
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Templates
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Start Menu
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\SendTo
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Recent
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\PrintHood
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\NetHood
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Videos
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Pictures
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Music
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\My Documents
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Local Settings
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\History
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Cookies
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Application Data
[2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\Application Data
[2013/10/11 15:47:06 | 000,000,000 | -H-D | C] -- C:\Users\ADB49\AppData
[2013/10/11 15:47:06 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Temp
[2013/10/11 15:47:06 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Microsoft
[2013/10/11 15:46:56 | 000,516,784 | R--- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedCry.dll
[2013/10/11 15:21:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/10/11 15:19:55 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2013/10/11 15:18:41 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/10/11 15:18:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========

[2013/10/22 15:34:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ADB49\Desktop\OTL.exe
[2013/10/22 15:24:28 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\ADB49\Desktop\JRT.exe
[2013/10/22 14:44:21 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 14:44:18 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 14:42:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/22 14:42:47 | 802,340,864 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/22 10:37:39 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/22 10:34:33 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ADB49\Desktop\mbam-setup-1.75.0.1300.exe
[2013/10/22 10:32:44 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\ADB49\Desktop\GooredFix.exe
[2013/10/22 10:29:55 | 000,000,096 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\WB.CFG
[2013/10/22 10:29:44 | 000,000,006 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\WBPU-TTL.DAT
[2013/10/21 11:58:30 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/10/21 11:58:30 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/10/21 11:58:30 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/10/21 11:58:30 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/10/21 11:58:30 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/10/21 11:58:30 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/10/21 11:58:29 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/10/21 11:58:29 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/10/21 11:58:26 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/10/21 11:58:26 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/10/21 11:56:03 | 000,002,627 | ---- | M] () -- C:\Users\ADB49\Desktop\Word.lnk
[2013/10/21 11:53:16 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/10/20 18:05:08 | 000,140,848 | ---- | M] () -- C:\Users\ADB49\Documents\Journey North.pdf
[2013/10/19 17:01:38 | 000,002,585 | ---- | M] () -- C:\Users\ADB49\Desktop\Excel.lnk
[2013/10/19 16:12:29 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/19 16:12:28 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/18 22:45:07 | 000,133,062 | ---- | M] () -- C:\Users\ADB49\Documents\From Marvig to Nanaimo.pdf
[2013/10/17 09:15:47 | 000,000,913 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/10/16 10:24:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2013/10/14 22:01:07 | 000,271,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/14 15:08:43 | 000,000,943 | ---- | M] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/14 13:50:57 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2013/10/14 13:50:38 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2013/10/14 13:38:23 | 000,049,152 | ---- | M] () -- C:\Windows\SPInstall.etl
[2013/10/14 12:47:46 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll
[2013/10/14 12:47:41 | 000,047,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe
[2013/10/13 23:19:57 | 035,373,056 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2013/10/13 23:19:54 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2013/10/13 23:19:54 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2013/10/13 16:13:22 | 000,000,355 | ---- | M] () -- C:\Users\ADB49\Desktop\Downloads.lnk
[2013/10/12 19:08:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\http.sys.mui
[2013/10/12 19:08:56 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2013/10/12 18:56:08 | 000,000,104 | ---- | M] () -- C:\Users\ADB49\Desktop\Computer.lnk
[2013/10/12 18:54:59 | 000,000,373 | ---- | M] () -- C:\Users\ADB49\Desktop\Documents.lnk
[2013/10/12 18:54:52 | 000,000,370 | ---- | M] () -- C:\Users\ADB49\Desktop\Pictures.lnk
[2013/10/12 17:00:22 | 000,000,807 | ---- | M] () -- C:\Users\ADB49\Desktop\IrfanView.lnk
[2013/10/12 16:49:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/12 16:49:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/10/12 16:32:58 | 000,002,018 | ---- | M] () -- C:\Users\ADB49\Desktop\Kindle.lnk
[2013/10/12 16:30:03 | 000,000,800 | ---- | M] () -- C:\Users\ADB49\Desktop\EasyGPS.lnk
[2013/10/12 14:59:56 | 000,174,431 | ---- | M] () -- C:\Windows\hpoins43.dat
[2013/10/12 03:10:37 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2013/10/12 03:10:37 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2013/10/12 03:10:37 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2013/10/12 03:10:37 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2013/10/12 03:10:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2013/10/12 03:10:36 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2013/10/12 03:10:36 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2013/10/12 03:09:26 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2013/10/12 03:09:26 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2013/10/12 03:08:35 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2013/10/12 03:08:35 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2013/10/12 03:07:51 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2013/10/12 03:07:51 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2013/10/12 03:07:50 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2013/10/12 03:07:50 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2013/10/12 03:07:50 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2013/10/12 03:07:50 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2013/10/12 03:07:50 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2013/10/12 03:07:49 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2013/10/12 03:07:49 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2013/10/12 00:16:34 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2013/10/11 21:33:13 | 000,201,299 | ---- | M] () -- C:\Windows\hpoins43.dat.temp
[2013/10/11 21:23:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013/10/11 21:20:09 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/10/11 21:19:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013/10/11 21:19:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013/10/11 21:19:41 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 21:19:38 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/10/11 21:17:41 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2013/10/11 21:17:41 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2013/10/11 21:15:26 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2013/10/11 21:15:26 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2013/10/11 21:15:26 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2013/10/11 21:13:53 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2013/10/11 21:13:53 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2013/10/11 21:13:53 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2013/10/11 21:13:52 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2013/10/11 21:13:52 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2013/10/11 21:13:52 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2013/10/11 21:13:52 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2013/10/11 21:04:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013/10/11 21:04:47 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2013/10/11 20:56:04 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013/10/11 20:56:03 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2013/10/11 20:56:03 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2013/10/11 20:56:03 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2013/10/11 20:56:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2013/10/11 20:56:02 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013/10/11 20:44:54 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2013/10/11 20:44:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2013/10/11 20:42:49 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/10/11 20:42:49 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/10/11 20:41:45 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013/10/11 20:39:44 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/10/11 20:26:09 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/10/11 20:21:53 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/10/11 20:05:13 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2013/10/11 20:05:13 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2013/10/11 20:05:13 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2013/10/11 20:05:13 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2013/10/11 20:05:12 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2013/10/11 20:05:12 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2013/10/11 20:05:12 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2013/10/11 20:05:12 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2013/10/11 20:05:11 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2013/10/11 20:05:11 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2013/10/11 20:05:10 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2013/10/11 20:05:09 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2013/10/11 20:05:08 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2013/10/11 20:05:08 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2013/10/11 20:05:08 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2013/10/11 20:05:07 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2013/10/11 20:05:07 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2013/10/11 20:05:06 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2013/10/11 20:05:06 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2013/10/11 20:05:05 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2013/10/11 20:05:05 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2013/10/11 20:05:04 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2013/10/11 20:05:04 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2013/10/11 20:05:04 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2013/10/11 20:05:03 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2013/10/11 20:05:03 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2013/10/11 20:05:03 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2013/10/11 20:05:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2013/10/11 20:05:02 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2013/10/11 20:05:01 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2013/10/11 20:04:59 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2013/10/11 20:04:58 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2013/10/11 20:04:58 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2013/10/11 20:04:58 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2013/10/11 20:04:57 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2013/10/11 20:04:57 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2013/10/11 20:04:56 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2013/10/11 20:04:56 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2013/10/11 20:04:55 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2013/10/11 20:04:55 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2013/10/11 20:04:55 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2013/10/11 20:04:54 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2013/10/11 20:04:52 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2013/10/11 20:04:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2013/10/11 20:04:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2013/10/11 20:04:51 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2013/10/11 20:04:51 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2013/10/11 20:04:51 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2013/10/11 20:04:51 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2013/10/11 20:04:50 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2013/10/11 20:04:50 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2013/10/11 20:04:50 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2013/10/11 20:04:49 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2013/10/11 20:04:49 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2013/10/11 20:04:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2013/10/11 20:04:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2013/10/11 20:04:48 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2013/10/11 20:04:48 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2013/10/11 20:04:46 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2013/10/11 20:04:46 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2013/10/11 20:04:46 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2013/10/11 20:04:46 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2013/10/11 20:04:45 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2013/10/11 20:04:45 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2013/10/11 20:04:45 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2013/10/11 20:04:44 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2013/10/11 20:04:44 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2013/10/11 20:04:43 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2013/10/11 20:04:43 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2013/10/11 20:04:43 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2013/10/11 20:04:42 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2013/10/11 20:04:42 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2013/10/11 20:04:42 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2013/10/11 20:04:41 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2013/10/11 20:04:41 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2013/10/11 19:59:47 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2013/10/11 19:59:43 | 000,927,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013/10/11 19:59:42 | 000,988,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2013/10/11 19:59:42 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013/10/11 19:59:42 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2013/10/11 19:59:42 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2013/10/11 19:59:42 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2013/10/11 19:59:41 | 000,615,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013/10/11 19:59:41 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2013/10/11 19:56:47 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2013/10/11 19:56:46 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2013/10/11 19:56:45 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2013/10/11 19:56:45 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2013/10/11 19:56:45 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2013/10/11 19:56:44 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2013/10/11 19:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2013/10/11 19:54:59 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2013/10/11 19:54:59 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2013/10/11 19:46:55 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013/10/11 19:45:04 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2013/10/11 19:45:04 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2013/10/11 19:42:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2013/10/11 19:42:03 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/10/11 19:32:11 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013/10/11 18:48:37 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013/10/11 18:48:37 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2013/10/11 18:31:06 | 001,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/10/11 18:30:37 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2013/10/11 18:30:36 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013/10/11 18:29:44 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2013/10/11 18:28:57 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2013/10/11 18:27:20 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013/10/11 18:26:09 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2013/10/11 18:26:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2013/10/11 18:25:26 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2013/10/11 18:24:25 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2013/10/11 18:24:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2013/10/11 18:24:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2013/10/11 16:52:22 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/10/11 16:37:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2013/10/11 16:12:33 | 000,000,707 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WirelessSelector.lnk
[2013/10/11 16:11:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/10/11 16:08:11 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013/10/11 16:07:48 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2013/10/11 16:07:37 | 000,000,680 | ---- | M] () -- C:\Users\ADB49\AppData\Local\d3d9caps.dat
[2013/10/11 15:22:35 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[1 C:\*.tmp files -> C:\*.tmp -> ]

NorthLight · Oct 22, 2013

OTL log part 4, Extras.txt

========== Files Created - No Company Name ==========

[2013/10/22 10:37:39 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/20 17:39:02 | 000,140,848 | ---- | C] () -- C:\Users\ADB49\Documents\Journey North.pdf
[2013/10/18 22:44:59 | 000,133,062 | ---- | C] () -- C:\Users\ADB49\Documents\From Marvig to Nanaimo.pdf
[2013/10/17 09:45:27 | 802,340,864 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/17 09:15:47 | 000,000,913 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/10/16 12:30:51 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/10/16 10:24:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2013/10/14 21:01:22 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/10/14 21:01:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/10/14 21:01:07 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2013/10/14 20:23:40 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2013/10/14 20:23:29 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2013/10/14 20:23:29 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2013/10/14 13:07:13 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2013/10/14 13:05:27 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2013/10/14 13:05:06 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2013/10/14 13:05:00 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2013/10/14 13:04:50 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2013/10/14 13:04:50 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2013/10/14 13:04:04 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2013/10/14 13:04:02 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2013/10/14 13:02:54 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2013/10/14 13:02:47 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2013/10/14 13:02:39 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/10/14 13:01:37 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/10/14 12:49:21 | 000,049,152 | ---- | C] () -- C:\Windows\SPInstall.etl
[2013/10/14 12:04:45 | 000,002,627 | ---- | C] () -- C:\Users\ADB49\Desktop\Word.lnk
[2013/10/14 12:04:36 | 000,002,585 | ---- | C] () -- C:\Users\ADB49\Desktop\Excel.lnk
[2013/10/13 16:13:20 | 000,000,355 | ---- | C] () -- C:\Users\ADB49\Desktop\Downloads.lnk
[2013/10/12 22:53:09 | 000,000,006 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\WBPU-TTL.DAT
[2013/10/12 22:53:08 | 000,000,096 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\WB.CFG
[2013/10/12 18:56:08 | 000,000,104 | ---- | C] () -- C:\Users\ADB49\Desktop\Computer.lnk
[2013/10/12 18:54:59 | 000,000,373 | ---- | C] () -- C:\Users\ADB49\Desktop\Documents.lnk
[2013/10/12 18:54:52 | 000,000,370 | ---- | C] () -- C:\Users\ADB49\Desktop\Pictures.lnk
[2013/10/12 17:12:32 | 000,001,684 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013/10/12 17:00:22 | 000,000,807 | ---- | C] () -- C:\Users\ADB49\Desktop\IrfanView.lnk
[2013/10/12 16:41:26 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/10/12 16:32:58 | 000,002,018 | ---- | C] () -- C:\Users\ADB49\Desktop\Kindle.lnk
[2013/10/12 16:30:03 | 000,000,800 | ---- | C] () -- C:\Users\ADB49\Desktop\EasyGPS.lnk
[2013/10/12 16:28:11 | 000,000,800 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyGPS.lnk
[2013/10/12 14:46:58 | 000,201,299 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2013/10/12 14:46:58 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2013/10/12 03:10:37 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2013/10/12 03:10:36 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2013/10/12 00:16:34 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2013/10/12 00:16:32 | 000,333,203 | RHS- | C] () -- C:\bootmgr
[2013/10/12 00:15:52 | 000,057,656 | R--- | C] () -- C:\Windows\System32\OEMLOGO.BMP
[2013/10/12 00:15:52 | 000,057,656 | R--- | C] () -- C:\Windows\FSC_LOGO_POSITIVE_JPG_MIDDLE.BMP
[2013/10/12 00:15:52 | 000,005,658 | R--- | C] () -- C:\Windows\System32\OEMLOGO.PNG
[2013/10/11 20:26:09 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/10/11 19:30:23 | 000,174,431 | ---- | C] () -- C:\Windows\hpoins43.dat
[2013/10/11 19:30:23 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2013/10/11 18:51:47 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2013/10/11 18:51:47 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2013/10/11 18:51:46 | 035,373,056 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2013/10/11 16:52:22 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/10/11 16:52:22 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/10/11 16:45:01 | 000,000,943 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/11 16:42:48 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/10/11 16:42:47 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/10/11 16:12:33 | 000,000,707 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WirelessSelector.lnk
[2013/10/11 16:11:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/10/11 16:06:27 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2013/10/11 15:47:22 | 000,000,949 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/10/11 15:47:20 | 000,000,944 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/10/11 15:47:11 | 000,000,915 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2013/10/11 15:47:08 | 000,000,680 | ---- | C] () -- C:\Users\ADB49\AppData\Local\d3d9caps.dat
[2013/10/11 15:47:06 | 000,000,258 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/10/11 15:47:06 | 000,000,240 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/10/11 19:56:46 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/10/21 12:48:47 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\AVAST Software
[2013/10/12 17:12:32 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\Canneverbe Limited
[2013/10/12 17:00:22 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\IrfanView

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 22/10/2013 15:37:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ADB49\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

764.46 Mb Total Physical Memory | 307.47 Mb Available Physical Memory | 40.22% Memory free
1.75 Gb Paging File | 1.06 Gb Available in Paging File | 60.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS

Computer Name: ADB | User Name: ADB49 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7B7253AE-A8C7-4CD4-9000-534D79CADD24}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E05ED4-E1D3-46ED-A032-31C0CBD89C8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{1DA282F0-C3B6-4B02-A1A4-9CA6D1A51B0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{23A62794-8DD8-4921-9888-8D81533D472F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{813D5129-F9B3-44B8-B281-CCD9BA9C745A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{94757533-30ED-4573-922E-8019C2A4A1A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{AAC9D887-158A-46C5-B516-2EE4E2074A5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{BA1D08A3-111F-4832-8799-8CC42DBBC16C}" = dir=in | app=d:\setup\hpznui01.exe |
"{BBCE9B16-2EA8-4E71-9EF8-0C1C99D257C6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{BBF67163-EEA0-429C-81FC-876D6B113F57}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{C84941D4-1F3C-439C-B84B-C02834A700E4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{DD6D1D5E-3769-4648-B98D-205E4F8EFC20}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FAF15AF7-70EB-403E-BF0F-3F05A45F1FA2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{023387D9-363D-4377-9DA8-3C38B4458DE6}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
"UDP Query User{1955DB26-9037-4190-B5B0-3AA9C205D097}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003CD4FD-DB3E-4D12-9A34-8C00FA8A680F}" = WirelessControl
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3E789BE5-3DE0-498C-8F74-35010DACA2ED}" = Wireless LAN Driver
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8A9FC225-75F6-4B5D-911C-0ED230565643}" = HP Product Detection
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB457913-028D-460E-BB4C-D9A6369752CA}" = TouchPad HotKey Utility
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"EasyGPS_is1" = EasyGPS 4.93.0.0
"ERUNT_is1" = ERUNT 1.1j
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"SiS VGA Utilities" = SiS VGA Utilities
"SynTPDeinstKey" = Synaptics Pointing Device Driver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle

< End of report >

ken545 · Oct 22, 2013

:bigthumb:

Everything running ok ?

NorthLight · Oct 22, 2013

So far so good.
I'll keep the thread open for the time being, just in case anything crops up.

ken545 · Oct 22, 2013

Good.

If you like post back in a few days with an update on how things are running. Threads are closed if no response in 3 days so if its closed send me a PM and i will reopen it for you.

We need to update your Java to keep you more secure

Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 7 Update 45, if not proceed with the instructions.
Go to the update Tab and update it
Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )
Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.

You can verify the installation Here

Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.

Malwarebytes is the free version and yours to keep and will not be removed

How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
WhattheTech
Grinler BleepingComputer
GeeksTo Go
Dslreports

NorthLight · Oct 25, 2013

Everything is running fine, at least no problems with malware. Thank you very much for your help

ken545 · Oct 25, 2013

Wonderful, thanks for getting back to me and letting me know.

Any problems in the future just start a new topic

Ken

Browser redirects, URL:Mal2 detected by Avast

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

NorthLight

New member

NorthLight

New member

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

ken545

Emeritus-Security Expert

NorthLight

New member

ken545

Emeritus-Security Expert