Something hijacked my network and pc, thank you for looking

[maddmaverick]

Hello, on june 11th around 8 pm EST my computers ( desktop and laptop, we will focus on the desktop first) could no longer access the internet but were still accessing the local network, at the time I was using the laptop and the wife was on the desktop. messed around with the laptop all evening with no results, I had unknowingly cut the power to the desktop when powercycling the modem and router. Thursday evening I fired up the desktop thinking it was just the laptop's wireless being stupid and discovered that Microsoft security essentials was turned off and all parts of it disabled. Still no internet. Got MSE running again, ran a scan and found nothing. Also ran a scan with Spybot free edition and found nothing as well. So I tried reinstalling the router with the disk, at which point I discovered that someone or something had changed my routers Network ID and Network password as well as the routers password and all security settings were changed. I put everything back to what it was supposed to be and can now access the internet. But the desktop is taking way longer to boot now, and programs are taking longer to load. Internet is slower. Speedtest is showing slower speeds. Also am getting messages from different pages saying that I need Java and Flash installed. They were previously installed, and I tried updating them to no avail, re-installing to no avail. I looked into the control panel and it is showing they are there and up to date. And they are enabled in the internet options and tools menu. I then purchased the Spybot +AV and installed it and still have found nothing. Sooo here I am, hoping someone with way more knowledge than I can help. Thank you in advance!

ERUNT has been run as per requirements.

DDS:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16555 BrowserJavaVersion: 10.60.2
Run by maverick at 19:36:22 on 2014-06-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.657 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\E_TATIHVA.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\system32\vssvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uProxyServer = localhost:21320
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - c:\program files\epson software\e-web print\ewps_tb.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - c:\program files\epson software\e-web print\ewps_tb.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - c:\program files\epson software\e-web print\ewps_tb.dll
uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatihva.exe /ept "epltarget\P0000000000000000" /M "WorkForce 645"
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Plantronics MyHeadset Updater] c:\program files\plantronics\myheadsetupdater\MyHeadsetUpdater.exe
mRun: [BingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A799E5BB-EBF4-4344-8FFB-4B9EA72D1D04} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
IFEO: bingdesktop.exe - "c:\program files\tuneup utilities 2013\TUAutoReactivator32.exe"
IFEO: bonus.screenshotreader.exe - "c:\program files\tuneup utilities 2013\TUAutoReactivator32.exe"
IFEO: display.exe - "c:\program files\tuneup utilities 2013\TUAutoReactivator32.exe"
IFEO: excel.exe - "c:\program files\tuneup utilities 2013\TUAutoReactivator32.exe"
IFEO: lightscribecontrolpanel.exe - "c:\program files\tuneup utilities 2013\TUAutoReactivator32.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R1 SDHookDriver;Hook Test Driver;c:\program files\spybot - search & destroy 2\SDHookDrv32.sys [2014-6-12 46336]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2011-7-5 133944]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-6-9 435032]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 104264]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-6-12 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-6-12 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-6-12 171928]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2014-1-28 1731896]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2011-8-1 45288]
R3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2008-8-8 207360]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-9-18 10088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2010-2-5 28048]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
S4 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S4 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-6-27 173192]
S4 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
S4 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S4 MotoHelper.exe;Motorola Helper;c:\program files\motorola\moto helper service\MotoHelper.exe [2010-9-14 6656]
S4 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
.
=============== Created Last 30 ================
.
2014-06-13 23:34:21 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d0ec69ee-0ebc-4903-a5eb-d4fd85d9bdfa}\gapaengine.dll
2014-06-13 23:33:39 8073384 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8420fc02-181b-4dc0-b702-42bc3d884c39}\mpengine.dll
2014-06-13 00:16:19 -------- d-----w- c:\users\maverick\appdata\local\Adobe
2014-06-12 22:30:02 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-06-12 22:29:19 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-06-12 21:10:54 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{60e3d34c-6ffe-46bf-87b8-26f34a45cbd6}\gapaengine.dll
2014-06-12 21:08:31 8073384 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-05-16 12:56:24 1619632 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
.
==================== Find3M ====================
.
2014-06-12 20:32:35 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-12 20:32:35 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-28 16:39:36 1810432 ----a-w- c:\windows\system32\jscript9.dll
2014-05-28 16:32:59 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-05-28 16:32:25 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-05-28 16:30:53 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-05-28 16:30:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-05-28 16:29:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-28 16:29:27 11776 ----a-w- c:\windows\system32\mshta.exe
2014-05-07 19:02:46 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-26 16:01:22 502784 ----a-w- c:\windows\system32\usp10.dll
2014-04-15 06:34:10 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-04-05 03:23:10 915392 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-04-05 01:49:23 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
============= FINISH: 19:39:10.93 ===============


attach.txt:

View attachment attach (zipped).zipView attachment 11566



aswMBR:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-06-13 19:39:41
-----------------------------
19:39:41.242 OS Version: Windows 6.0.6002 Service Pack 2
19:39:41.242 Number of processors: 2 586 0xF0D
19:39:41.242 ComputerName: NONAME UserName:
19:39:42.833 Initialize success
19:40:54.509 AVAST engine defs: 14061301
19:49:09.700 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:49:09.700 Disk 0 Vendor: Hitachi_HDP725032GLA380 GM3OA57A Size: 305245MB BusType: 3
19:49:09.809 Disk 0 MBR read successfully
19:49:09.809 Disk 0 MBR scan
19:49:09.934 Disk 0 unknown MBR code
19:49:09.934 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294027 MB offset 63
19:49:10.012 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11214 MB offset 602169120
19:49:10.027 Disk 0 scanning sectors +625136400
19:49:10.214 Disk 0 scanning C:\Windows\system32\drivers
19:49:40.260 Service scanning
19:50:07.248 Service MpKsl2bc468c3 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8420FC02-181B-4DC0-B702-42BC3D884C39}\MpKsl2bc468c3.sys **LOCKED** 32
19:50:32.177 Modules scanning
19:50:44.563 Disk 0 trace - called modules:
19:50:44.594 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
19:50:44.594 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85594a90]
19:50:44.594 3 CLASSPNP.SYS[87da88b3] -> nt!IofCallDriver -> [0x84060830]
19:50:44.594 5 acpi.sys[8069b6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84e0b8a0]
19:50:45.952 AVAST engine scan C:\Windows
19:50:50.538 AVAST engine scan C:\Windows\system32
19:56:49.650 AVAST engine scan C:\Windows\system32\drivers
19:57:18.011 AVAST engine scan C:\Users\maverick
20:02:16.907 AVAST engine scan C:\ProgramData
20:08:25.980 Scan finished successfully
20:09:27.085 Disk 0 MBR has been saved successfully to "C:\Users\maverick\Desktop\MBR.dat"
20:09:27.085 The log file has been saved successfully to "C:\Users\maverick\Desktop\aswMBR.txt"


Hopefully I attached the attach.txt correctly, if not please let me know, Thank you again.

 

[shelf life]

hi maddmaverick,

Please download and run Malwarebytes. You can keep and us the free version as a antimalware app. The GUI has changed recently so these directions could be slightly off. Do you know if you use a proxy to access the internet? could be a requirement of your ISP. Lets see what MBAM can dig up:

Please download the free version of Malwarebytes to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

 

[maddmaverick]

Hello shelf life, and thank you very much for taking the time to help us. A little more info has come to light while running the MBAM scan. The wife was taking online college classes thru Franklin University out of Ohio and they required a program called myitlab. It was very problematic and required me disable a lot of security measures inorder to install and run it. I had many security breaches because of it and when she graduated last may I did a complete Factory System Restore on my machine to get rid of it. Now when I was running the MBAM scan I saw many files from the myitlab which really seems strange considering I did a wipe of the system. This was the first time since the restore that I saw any sign of that hateful program.

Anyhow here is the requested log and thank you again for your help!

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/14/2014
Scan Time: 7:35:21 PM
Logfile: MBAM log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.14.07
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: maverick

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 255244
Time Elapsed: 10 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

[maddmaverick]

Forgot to answer your proxy question. I have comcast broadband 105mbs, and no proxy is required.

 

[shelf life]

That log is a good start. The restore option you did must have preserved all the current files. We will get another download to use:

Download RogueKiller.exe
Please disconnect any USB or external drives from the computer before you run this scan
Right-click on icon and select "Run as Admin"
A Prescan will start automatically. When the prescan is done:
Click on the "Scan" button.
Wait until the Status box shows "Scan Finished"
click on Report button. Save the report and Copy/Paste the Report in your next reply.
File>Quit to exit RogueKiller

 

[maddmaverick]

New problem, was going thru all programs with the Secunia psi program and making sure everything was up to date and updated adobe reader x. During the restart after update the pc refused to start again. Held power button to force stop and then restarted. After it took me to a startup repair screen, it took about an hour before pc started again. Which happened while I was typing this on my phone. Pc is running so I will post this and then log in and follow the roguekiller instructions and post back. Thank you.

 

[maddmaverick]

rogue killer log

RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : maverick [Admin rights]
Mode : Scan -- Date : 06/14/2014 23:42:00

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[PUM.Proxy] HKEY_USERS\S-1-5-21-2530652802-1507838073-1352350225-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND
[PUM.Proxy] HKEY_USERS\S-1-5-21-2530652802-1507838073-1352350225-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:21320 -> FOUND
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2530652802-1507838073-1352350225-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 3 ¤¤¤
[Suspicious.Path] \\IHUninstallTrackingTASK -- CMD (/C DEL C:\Users\maverick\AppData\Local\Temp\IHUB193.tmp.exe) -> FOUND
[Suspicious.Path] \\Registration -- "C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe" (Registration ShowMessageTask2D) -> FOUND
[Suspicious.Path] \\{6A06A425-CFD5-42D5-B743-6D727C323EBE} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\maverick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B869A8FB\trilogyii[1].exe" -d C:\Users\maverick\Desktop) -> FOUND

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725032GLA380 ATA Device +++++
--- User ---
[MBR] 3f6d12a8cd38b18f3ddf6aa05f8a6332
[BSP] cbe1a3892920c024e3e7b9efc684338e : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 294027 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 602169120 | Size: 11214 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic USB xD/SM Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

 

[shelf life]

With IE open go to Internet options>connections tab>LAN settings< Under Proxy server, make sure Use a Proxy... is not checked. You have two active antivirus installed: Spybot AV and MSSE, only need one active AV on a machine. More is not better in this case. I would remove one via the add/remove programs panel.
Open IE once more: Internet options>Advanced tab, and at the bottom click on Reset to reset IE back to its defaults.

 

[maddmaverick]

Good call on the proxy setting, for some reason it was turned on. Uninstalled MSE, turned windows defender back on. I had disabled user account management to run erunt is it safe to turn it back on yet? And IE was restored to default. I turned back on delete history on exit though. Internet speeds are back up in the 90's mbps. Restarted pc, still booting very slow and programs very sluggish. Alrighty whats next? Thank you.

 

[shelf life]

You can turn User account control back on.
Not seeing anything that appears to be malware related. Slow startups can be caused by other issues like software, drivers etc.
Lets see if we can drag anything else up with this:

Please download and install highjackhunter. Right click and "run as admin." Click the Scan button. When the scan is done it will generate a text file on your desktop. Please post the log in your reply. To exit hijackhunter: Menu>Exit

 

[maddmaverick]

pg 1 of hijack hunter log

Here is the hijackhunter log, I did not include the hosts file list as it was huge and appeared to be the sites blacklisted by spybot. If it is something you need to see I can add it in another post.

Hijack Hunter 1.8.4.1
http://www.novirusthanks.org
Log created on 6/15/2014 at 1:19:24 PM

[+] Generic system info

Operating System: Windows Vista (TM) Home Premium Service Pack 2 32-bit
Build Version: 6002.vistasp2_gdr.130707-1535
Internet Explorer: 9.0.8112.16421
System Folder: C:\Windows\system32

[+] Running processes

[System Process] (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
System (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
audiodg.exe (0 bytes) (Microsoft Corporation) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (65432 bytes) (Adobe Systems Incorporated) (5/8/2014 7:20:58 AM) (--A-) (b362181ed3771dc03b4141927c80f801)
C:\Windows\system32\atashost.exe (133944 bytes) (Cisco WebEx LLC) (7/5/2011 11:48:35 PM) (--A-) (e77ccb62d96a218d62dd4b3b8a385395)
C:\Program Files\Bonjour\mDNSResponder.exe (345376 bytes) (Apple Inc.) (5/18/2010 4:35:14 PM) (--A-) (5ab58c337ac65837fe404462ad6265ab)
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (1809720 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (d84aea3f3329d622dfc1297dddf6163b)
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (860472 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (4f45ed469906494f9bf754e476390dbd)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1738200 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:01 PM) (--A-) (11d94599270aa1603f75cb5acbbd266f)
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (2081752 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:05 PM) (--A-) (d91d8344e73283999777083bf17d54e2)
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (1731896 bytes) (TuneUp Software) (1/28/2014 2:08:38 PM) (--A-) (084e60950b0b13f5b078dee75b1046ef)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1710464 bytes) (Microsoft Corp.) (9/21/2010 2:03:14 PM) (--A-) (0a70f4022ec2e14c159efc4f69aa2477)
C:\Windows\system32\DRIVERS\xaudio.exe (386560 bytes) (Conexant Systems, Inc.) (8/8/2008 3:04:29 AM) (--A-) (cd5f291a1161f15896d1a4d63daff5df)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (193408 bytes) (Microsoft Corp.) (9/21/2010 2:03:14 PM) (--A-) (9c879e1c3b27085fb46efeccd7120d51)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (171928 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:12 PM) (--A-) (9b9b368a8ff5caf91d7a333cf62cd2cc)
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (6970168 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:04 PM) (--A-) (4fbc630768570e6ac35c3de8f6ec79f5)
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (1927480 bytes) (TuneUp Software) (1/28/2014 2:08:40 PM) (--A-) (3e30c17939f541125f61ae5abfa6079f)
C:\hp\support\hpsysdrv.exe (65536 bytes) (Hewlett-Packard Company) (8/8/2008 2:15:12 AM) (--A-) (9a4322ee420d6facd4d4b1ff6cb856b1)
C:\Windows\system32\igfxsrvc.exe (252952 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (c5c241a18788eed88e6c276d04b7d6ab)
C:\WINDOWS\System32\hkcmd.exe (173592 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (63ffa18e782debbe8cc62195ad3783ca)
C:\WINDOWS\System32\igfxpers.exe (150552 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (bbf84f08a343374bed5687aa6c5797b8)
C:\Program Files\Microsoft IntelliPoint\ipoint.exe (1821576 bytes) (Microsoft Corporation) (8/1/2011 3:56:42 PM) (--A-) (e774f875819dee4a312a921a88f779fe)
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (4101584 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:00 PM) (--A-) (f336ad03be347dd5b585ad36ac78751b)
C:\WINDOWS\System32\spool\drivers\w32x86\3\E_TATIHVA.EXE (220800 bytes) (SEIKO EPSON CORPORATION) (4/28/2014 8:52:07 PM) (--A-) (4d01e4a61f3a9a01498a79bcac1fe738)
C:\Program Files\Google\Update\GoogleUpdate.exe (136176 bytes) (Google Inc.) (7/18/2011 3:26:34 PM) (--A-) (f02a533f517eb38333cb12a9e8963773)
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (94208 bytes) (Hewlett-Packard) (6/2/2008 6:09:18 PM) (--A-) (a3a30438c48d2d71556e120c9c7ba7a0)
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (412552 bytes) (Microsoft Corporation) (8/1/2011 3:56:42 PM) (--A-) (bf8650d4fefb972a4a6a5ffc1f41c38c)
C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_125_ActiveX.exe (851120 bytes) (Adobe Systems Incorporated) (6/12/2014 4:29:51 PM) (--A-) (1c3f8d315c8b16c24a460831ab729bea)
C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (628736 bytes) (NoVirusThanks Company Srl) (6/15/2014 1:18:54 PM) (--A-) (b6ffa83b91d78a0369fe0e15e4dba69c)

[+] Loaded Modules

C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (1686016 bytes) (Microsoft Corporation) (10/13/2010 11:38:22 AM) (--A-) (be3c082837866c4c291adaf163c10ea6)
C:\Windows\system32\RtkAPO.dll (2898464 bytes) (Realtek Semiconductor Corp.) (8/8/2008 3:04:36 AM) (--A-) (c102de14cd1cc1e2e0205290473a81c4)
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19096_none_9e59a14eca0fa8de\gdiplus.dll (1748992 bytes) (Microsoft Corporation) (6/10/2014 10:11:00 PM) (--A-) (33f571d9f4b0b4107e60323075f64980)
C:\Windows\System32\E_TLBHVA.DLL (95232 bytes) (SEIKO EPSON CORPORATION) (9/14/2012 2:04:52 PM) (--A-) (2d4744ff25906c84e47ed702a14cceb5)
C:\Windows\System32\enppmon.dll (475410 bytes) (SEIKO EPSON CORPORATION) (9/14/2012 2:09:05 PM) (--A-) (336b96830ac7a93800a76bd4adfa1b9f)
C:\Windows\System32\enpres.dll (249344 bytes) (SEIKO EPSON CORPORATION) (9/14/2012 2:09:05 PM) (--A-) (bed7741c3668517b13a1d15600ca60dc)
C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll (653136 bytes) (Microsoft Corporation) (6/15/2011 12:43:22 PM) (--A-) (cdbe9690cf2b8409facad94fac9479c9)
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll (532480 bytes) (Microsoft Corporation) (10/15/2013 7:12:36 AM) (--A-) (9474ad3584430d24da87517f9db0cbb2)
C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll (569680 bytes) (Microsoft Corporation) (6/15/2011 12:43:22 PM) (--A-) (4c39358ebdd2ffcd9132a30e1ec31e16)
C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL (159048 bytes) (Microsoft Corporation) (6/15/2011 12:43:07 PM) (--A-) (58a14c45a5cd2528f10a889e7b0c3fc2)
C:\Windows\system32\igfxsrvc.dll (51712 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (96a309796ee5a2382c78fd9eafaaaec1)
C:\Windows\system32\igfxrENU.lrc (275968 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (01d0b2391ac4b24a4e973fde37c9132f)
C:\Windows\system32\igfxTMM.dll (257536 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (40104ffe9d38e05ca836814cfc47d258)
C:\Windows\system32\igfxdev.dll (210432 bytes) (Intel Corporation) (8/8/2008 3:04:05 AM) (--A-) (f4c2a48c1f8b76217b2b6bffe52ef695)
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TAUDHVA.DLL (100864 bytes) (SEIKO EPSON CORPORATION) (4/28/2014 8:52:13 PM) (--A-) (9e03d1217cdf1a1ab083e79124802588)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll (505424 bytes) (Microsoft Corporation) (9/11/2013 9:21:54 PM) (--A-) (5e3c0e5ffda48c5da35bbfb8efff8066)
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll (632656 bytes) (Microsoft Corporation) (6/15/2011 12:32:57 PM) (--A-) (c9564cf4976e7e96b4052737aa2492b4)
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll (11497984 bytes) (Microsoft Corporation) (3/10/2014 11:45:25 AM) (--A-) (b7c0ce3738920ba0df1667e470add3d8)
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll (7977984 bytes) (Microsoft Corporation) (3/10/2014 11:45:42 AM) (--A-) (c3fea503a4e6e7d46567557e4d42f2ea)
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\73726634ae4a00a21279a6a66b081301\System.ServiceProcess.ni.dll (212992 bytes) (Microsoft Corporation) (3/10/2014 12:18:33 PM) (--A-) (5026911e5b9f6e8ec52d036b78a05ae5)
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll (774656 bytes) (Microsoft Corporation) (5/27/2014 8:13:39 PM) (--A-) (b9c462f4e2393eb29fd33090054f79f5)
C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll (98304 bytes) (Hewlett-Packard) (8/8/2008 2:22:44 AM) (--A-) (d49a6966cb902a09dd46ce0218da4327)
C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_125_ActiveX.dll (512688 bytes) (Adobe Systems, Inc.) (6/12/2014 4:29:52 PM) (--A-) (ed971520839c0918cf4224d92fbe3e59)

[+] Registry startups

Value: hpsysdrv
Data: c:\hp\support\hpsysdrv.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: IgfxTray
Data: C:\Windows\system32\igfxtray.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: HotKeysCmds
Data: C:\Windows\system32\hkcmd.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: Persistence
Data: C:\Windows\system32\igfxpers.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: IntelliPoint
Data: "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: BCSSync
Data: "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: Plantronics MyHeadset Updater
Data: C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: BingDesktop
Data: C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: SDTray
Data: "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value:
Data:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: Windows Defender
Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: EPLTarget\P0000000000000000
Data: C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 645"
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: GarminExpressTrayApp
Data: "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
Key: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run

Value: StubPath
Data: C:\Windows\system32\unregmp2.exe /ShowWMP
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}

Value: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE}
Data: C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}

Value: {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Data: C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}

Value: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Data: C:\Program Files\Java\jre7\bin\ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Value: {9030D464-4C02-4ABF-8ECC-5164760863C6}
Data: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

Value: {B4F3A835-0E21-4959-BA22-42B3008E02FF}
Data: C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}

Value: {DBC80044-A445-435b-BC74-9C25C1C588A9}
Data: C:\Program Files\Java\jre7\bin\jp2ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}


[+] Other Startups Methods

Value:
Data: %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
Key: HKEY_CLASSES_ROOT\Folder\shell\explore\command\

Value: DLLName
Data: igfxdev.dll
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui

Value: DllName
Data: SDWinLogon.dll
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon

Value: Groove GFS Stub Execution Hook
Data: C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
CLSID: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bingdesktop.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bonus.screenshotreader.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\display.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ois.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerchute.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pptview.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printerwizard.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sprint.exe

Value: Debugger
Data: "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe


[+] Startup folders

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk (962 bytes) (Unknown) (9/4/2009 6:48:05 PM) (H-A-) (ffd871f2760d1e7f7ea0f6ba40d26987)

[+] TCPIP nameservers


[+] Internet Explorer settings

Value: ProxyOverride
Data: 192.168.*.*;*.local
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

Value: ProxyServer
Data: localhost:21320
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings


[+] Internet Explorer Trusted Sites


[+] Windows Firewall allowed programs

Value: C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
Data: C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
Data: C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Data: C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
Data: C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List


[+] Windows Firewall allowed ports


[+] System Hijack

Value: ShowSuperHidden
Data: 0
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Value: EnableDCOM
Data: Y
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole

Value: Start
Data: 4
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess


[+] Executables in Temp folders

C:\Users\maverick\AppData\Local\Temp\Set5F6F.tmp (171568 bytes) (InstallShield Software Corporation) (6/14/2014 9:21:49 PM) (--A-) (97ca2704abad6c28fac5d60f82613f29)
C:\Users\maverick\AppData\Local\Temp\SetE1C8.tmp (171568 bytes) (InstallShield Software Corporation) (6/14/2014 9:21:16 PM) (--A-) (97ca2704abad6c28fac5d60f82613f29)
C:\Users\maverick\AppData\Local\Temp\_iu14D2N.tmp (696200 bytes) (Unknown) (6/13/2014 3:59:17 PM) (----) (0ba1acfee0532249412f53ee6374ee93)

[+] Executables in suspicious folders

C:\Windows\system32\drivers\SCTray.exe (40960 bytes) (Socket Communications Inc.) (11/9/2011 9:20:50 PM) (--A-) (5957fb8e1fd27e4b58e8fbab3f128bb1)
C:\Windows\Temp\tmpDD15.tmp.exe (34558352 bytes) (G) (6/12/2014 5:06:39 PM) (--A-) (d4fe513d2e087254f0f6c690ea57d369)

[+] Autorun.ini


[+] Unknown .SYS files

C:\Windows\system32\drivers\adp94xx.sys (422968 bytes) (Adaptec, Inc.) (11/2/2006 3:36:43 AM) (--A-) (04f0fcac69c7c71a3ac4eb97fafc8303)
C:\Windows\system32\drivers\adpahci.sys (300600 bytes) (Adaptec, Inc.) (11/2/2006 3:36:43 AM) (--A-) (60505e0041f7751bdbb80f88bf45c2ce)
C:\Windows\system32\drivers\adpu160m.sys (101432 bytes) (Adaptec, Inc.) (11/2/2006 3:36:43 AM) (--A-) (8a42779b02aec986eab64ecfc98f8bd7)
C:\Windows\system32\drivers\adpu320.sys (149560 bytes) (Adaptec, Inc.) (11/2/2006 3:36:43 AM) (--A-) (241c9e37f8ce45ef51c3de27515ca4e5)
C:\Windows\system32\drivers\aliide.sys (17464 bytes) (Acer Laboratories Inc.) (11/2/2006 4:51:35 AM) (--A-) (9eaef5fc9b8e351afa7e78a6fae91f91)
C:\Windows\system32\drivers\arc.sys (79416 bytes) (Adaptec, Inc.) (11/2/2006 3:36:44 AM) (--A-) (5d2888182fb46632511acee92fdad522)
C:\Windows\system32\drivers\arcsas.sys (79928 bytes) (Adaptec, Inc.) (11/2/2006 3:36:44 AM) (--A-) (5e2a321bd7c8b3624e41fdec3e244945)
C:\Windows\system32\drivers\BrFiltLo.sys (13568 bytes) (Brother Industries, Ltd.) (11/2/2006 5:38:56 AM) (--A-) (9f9acc7f7ccde8a15c282d3f88b43309)
C:\Windows\system32\drivers\BrFiltUp.sys (5248 bytes) (Brother Industries, Ltd.) (11/2/2006 5:37:24 AM) (--A-) (56801ad62213a41f6497f96dee83755a)
C:\Windows\system32\drivers\BrSerId.sys (71808 bytes) (Brother Industries Ltd.) (11/2/2006 5:22:06 AM) (--A-) (b304e75cff293029eddf094246747113)
C:\Windows\system32\drivers\BrSerWdm.sys (62336 bytes) (Brother Industries Ltd.) (11/2/2006 5:36:51 AM) (--A-) (203f0b1e73adadbbb7b7b1fabd901f6b)
C:\Windows\system32\drivers\BrUsbMdm.sys (12160 bytes) (Brother Industries Ltd.) (11/2/2006 5:37:31 AM) (--A-) (bd456606156ba17e60a04e18016ae54b)
C:\Windows\system32\drivers\BrUsbSer.sys (11904 bytes) (Brother Industries Ltd.) (11/2/2006 5:38:00 AM) (--A-) (af72ed54503f717a43268b3cc5faec2e)
C:\Windows\system32\drivers\BthAvrcp.sys (28048 bytes) (CSR, plc) (2/5/2010 6:16:10 AM) (--A-) (3472331b9d460212965b51a8d38e8bec)
C:\Windows\system32\drivers\cmdide.sys (19000 bytes) (CMD Technology, Inc.) (11/2/2006 4:51:35 AM) (--A-) (0ca25e686a4928484e9fdabd168ab629)
C:\Windows\system32\drivers\csrbcx86.sys (31744 bytes) (CSR plc.) (4/4/2013 2:10:32 AM) (--A-) (b2b3b745800cff7f3739b00754ee34da)
C:\Windows\system32\drivers\djsvs.sys (71272 bytes) (Adaptec, Inc.) (11/2/2006 3:36:49 AM) (--A-) (ae1fdf7bf7bb6c6a70f67699d880592a)
C:\Windows\system32\drivers\dvd43llh.sys (18816 bytes) (RIF) (2/24/2011 12:49:26 AM) (--A-) (1fc1eed3ea0c3a0ecf8a95b97e1b4831)
C:\Windows\system32\drivers\E1G60I32.sys (118784 bytes) (Intel Corporation) (1/20/2008 10:23:24 PM) (--A-) (5425f74ac0c1dbd96a1e04f17d63f94c)
C:\Windows\system32\drivers\elxstor.sys (342584 bytes) (Emulex) (11/2/2006 3:36:44 AM) (--A-) (23b62471681a124889978f6295b3f4c6)
C:\Windows\system32\drivers\HpCISSs.sys (40504 bytes) (Hewlett-Packard Company) (11/2/2006 3:36:44 AM) (--A-) (16ee7b23a009e00d835cdb79574a91a6)
C:\Windows\system32\drivers\HSXHWBS3.sys (207360 bytes) (Conexant Systems, Inc.) (8/8/2008 3:04:29 AM) (--A-) (b1322e002bc4a556f83e4edde8e2f30f)
C:\Windows\system32\drivers\HSX_CNXT.sys (661504 bytes) (Conexant Systems, Inc.) (8/8/2008 3:04:29 AM) (--A-) (f1265727c078406299ff4b3b033e3132)
C:\Windows\system32\drivers\HSX_DP.sys (985600 bytes) (Conexant Systems, Inc.) (8/8/2008 3:04:29 AM) (--A-) (617732f6c0f86df3757b1d39211c15e5)
C:\Windows\system32\drivers\iaStorV.sys (235064 bytes) (Intel Corporation) (11/2/2006 3:36:44 AM) (--A-) (54155ea1b0df185878e0fc9ec3ac3a14)
C:\Windows\system32\drivers\igdkmd32.sys (4569088 bytes) (Intel Corporation) (2/26/2009 7:39:50 PM) (--A-) (a9221d13d8f1f772010ee293ba9baeb7)
C:\Windows\system32\drivers\iirsp.sys (41576 bytes) (Intel Corp./ICP vortex GmbH) (11/2/2006 3:36:44 AM) (--A-) (2d077bf86e843f901d8db709c95b49a5)
C:\Windows\system32\drivers\iteatapi.sys (35944 bytes) (Integrated Technology Express, Inc.) (11/2/2006 3:36:45 AM) (--A-) (bced60d16156e428f8df8cf27b0df150)
C:\Windows\system32\drivers\iteraid.sys (35944 bytes) (Integrated Technology Express, Inc.) (11/2/2006 3:36:44 AM) (--A-) (06fa654504a498c30adca8bec4e87e7e)
C:\Windows\system32\drivers\lgusbbus.sys (13056 bytes) (LG Electronics Inc.) (11/8/2009 11:50:20 AM) (--A-) (9419faac6552a51542dbba02971c841c)
C:\Windows\system32\drivers\lgusbdiag.sys (19968 bytes) (LG Electronics Inc.) (11/8/2009 11:50:20 AM) (--A-) (c0a466fa4ffec464320e159bc1bbdc0c)
C:\Windows\system32\drivers\lgusbmodem.sys (24832 bytes) (LG Electronics Inc.) (11/8/2009 11:50:20 AM) (--A-) (f74a54774a9b0afeb3c40adec68aa600)
C:\Windows\system32\drivers\lsi_fc.sys (96312 bytes) (LSI Logic) (11/2/2006 3:36:47 AM) (--A-) (c7e15e82879bf3235b559563d4185365)
C:\Windows\system32\drivers\lsi_sas.sys (89656 bytes) (LSI Logic) (11/2/2006 3:36:46 AM) (--A-) (ee01ebae8c9bf0fa072e0ff68718920a)
C:\Windows\system32\drivers\lsi_scsi.sys (96312 bytes) (LSI Logic) (1/20/2008 10:23:23 PM) (--A-) (912a04696e9ca30146a62afa1463dd5c)
C:\Windows\system32\drivers\mbam.sys (23256 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:02 PM) (--A-) (8683c1b450f4b3872839308d836e0f92)
C:\Windows\system32\drivers\MBAMSwissArmy.sys (110296 bytes) (Malwarebytes Corporation) (6/14/2014 7:33:36 PM) (--A-) (12e71da845d76665b56753ad149e32b3)
C:\Windows\system32\drivers\megasas.sys (31288 bytes) (LSI Corporation) (11/2/2006 3:36:45 AM) (--A-) (0001ce609d66632fa17b84705f658879)
C:\Windows\system32\drivers\MegaSR.sys (386616 bytes) (LSI Corporation, Inc.) (1/20/2008 11:10:19 PM) (--A-) (c252f32cd9a49dbfc25ecf26ebd51a99)
C:\Windows\system32\drivers\Mraid35x.sys (33384 bytes) (LSI Logic Corporation) (11/2/2006 3:36:45 AM) (--A-) (4fbbb70d30fd20ec51f80061703b001e)
C:\Windows\system32\drivers\mwac.sys (51928 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:02 PM) (--A-) (799613ba73d25641402aa81b6403eff8)
C:\Windows\system32\drivers\nfrd960.sys (45160 bytes) (IBM Corporation) (11/2/2006 3:36:44 AM) (--A-) (2e7fb731d4790a1bc6270accefacb36e)
C:\Windows\system32\drivers\ntrigdigi.sys (20608 bytes) (N-trig Innovative Technologies) (11/2/2006 3:36:50 AM) (--A-) (e875c093aec0c978a90f30c9e0dfbb72)
C:\Windows\system32\drivers\nvraid.sys (102968 bytes) (NVIDIA Corporation) (11/2/2006 3:36:46 AM) (--A-) (2edf9e7751554b42cbb60116de727101)
C:\Windows\system32\drivers\nvstor.sys (45112 bytes) (NVIDIA Corporation) (11/2/2006 3:36:46 AM) (--A-) (abed0c09758d1d97db0042dbb2688177)
C:\Windows\system32\drivers\OXSER.SYS (51169 bytes) (OEM) (11/9/2011 9:20:50 PM) (--A-) (8db0dbdec7880e81b73b8e7e8e9a666a)
C:\Windows\system32\drivers\ql2300.sys (1122360 bytes) (QLogic Corporation) (11/2/2006 3:36:47 AM) (--A-) (0a6db55afb7820c99aa1f3a1d270f4f6)
C:\Windows\system32\drivers\ql40xx.sys (106088 bytes) (QLogic Corporation) (11/2/2006 3:36:48 AM) (--A-) (81a7e5c076e59995d54bc1ed3a16e60b)
C:\Windows\system32\drivers\RimSerial.sys (27136 bytes) (Research in Motion Ltd) (9/7/2009 7:15:32 PM) (--A-) (2c4fb2e9f039287767c384e46ee91030)
C:\Windows\system32\drivers\RTKVHDA.sys (2744800 bytes) (Realtek Semiconductor Corp.) (8/4/2009 9:48:20 AM) (--A-) (3914ea9111dbeffaf1c68200817768ad)
C:\Windows\system32\drivers\Rtlh86.sys (259176 bytes) (Realtek) (6/23/2010 9:21:32 AM) (--A-) (2d19a7469ea19993d0c12e627f4530bc)
C:\Windows\system32\drivers\SCBaud.cpl (73728 bytes) (Socket Communications Inc.) (11/9/2011 9:20:50 PM) (--A-) (3b82611e599a17b0f64c8b60a7524c37)
C:\Windows\system32\drivers\SCBaud.w9x (86016 bytes) (Socket Communications Inc.) (11/9/2011 9:20:50 PM) (--A-) (22c591e694a081c05ea6f0310c7aab77)
C:\Windows\system32\drivers\secdrv.sys (20480 bytes) (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (11/2/2006 2:37:21 AM) (--A-) (90a3935d05b494a5a39d37e71f09a677)
C:\Windows\system32\drivers\Sio9502k.sys (48076 bytes) (Socket Communications, Inc.) (11/9/2011 9:20:50 PM) (--A-) (f6acd9575b5d77673b979bb46ff6a837)
C:\Windows\system32\drivers\SioUi2k.dll (77824 bytes) (Socket Communications Inc.) (11/9/2011 9:20:50 PM) (--A-) (d5bc498aaa82c8ef5710c296d0901fb6)
C:\Windows\system32\drivers\sisraid4.sys (74808 bytes) (Silicon Integrated Systems) (11/2/2006 3:36:48 AM) (--A-) (a99c6c8b0baa970d8aa59ddc50b57f94)
C:\Windows\system32\drivers\SktBt2k.sys (48556 bytes) (Socket Communications, Inc.) (11/9/2011 9:20:50 PM) (--A-) (42a39aa7ed51616e36adb5abddf8349b)
C:\Windows\system32\drivers\symc8xx.sys (35944 bytes) (LSI Logic) (11/2/2006 3:36:47 AM) (--A-) (192aa3ac01df071b541094f251deed10)
C:\Windows\system32\drivers\sym_hi.sys (31848 bytes) (LSI Logic) (11/2/2006 3:36:47 AM) (--A-) (8c8eb8c76736ebaf3b13b633b2e64125)
C:\Windows\system32\drivers\sym_u3.sys (34920 bytes) (LSI Logic) (11/2/2006 3:36:47 AM) (--A-) (8072af52b5fd103bbba387a1e49f62cb)
C:\Windows\system32\drivers\TrueSight.sys (26624 bytes) (Unknown) (6/14/2014 11:18:32 PM) (--A-) (e42c7ed4ec244409a1d49d6a57f52dcd)
C:\Windows\system32\drivers\uliahci.sys (238648 bytes) (ULi Electronics Inc.) (11/2/2006 3:36:48 AM) (--A-) (9224bb254f591de4ca8d572a5f0d635c)
C:\Windows\system32\drivers\ulsata.sys (98408 bytes) (Promise Technology, Inc.) (11/2/2006 3:36:46 AM) (--A-) (8514d0e5cd0534467c5fc61be94a569f)
C:\Windows\system32\drivers\ulsata2.sys (115816 bytes) (Promise Technology, Inc.) (11/2/2006 3:36:46 AM) (--A-) (38c3c6e62b157a6bc46594fada45c62b)
C:\Windows\system32\drivers\viaide.sys (20024 bytes) (VIA Technologies, Inc.) (11/2/2006 4:51:36 AM) (--A-) (aadf5587a4063f52c2c3fed7887426fc)
C:\Windows\system32\drivers\vsmraid.sys (130616 bytes) (VIA Technologies Inc.,Ltd) (11/2/2006 3:36:48 AM) (--A-) (587253e09325e6bf226b299774b728a9)
C:\Windows\system32\drivers\wssbtr1f.sys (63488 bytes) (National Semiconductor Sweden AB) (11/9/2011 9:20:50 PM) (--A-) (85c3baa151a6118b24d7701ddfc2d1eb)
C:\Windows\system32\drivers\XAudio.sys (8704 bytes) (Conexant Systems, Inc.) (8/8/2008 3:04:29 AM) (--A-) (dab33cfa9dd24251aaa389ff36b64d4b)

[+] Non accessible files


[+] Executables in Internet Explorer Folder


[+] Files created/modified 15 days ago

C:\Windows\system32\drivers\mbam.sys (23256 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:02 PM) (--A-) (8683c1b450f4b3872839308d836e0f92) (Created)
C:\Windows\system32\drivers\MBAMSwissArmy.sys (110296 bytes) (Malwarebytes Corporation) (6/14/2014 7:33:36 PM) (--A-) (12e71da845d76665b56753ad149e32b3) (Created)
C:\Windows\system32\drivers\mwac.sys (51928 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:02 PM) (--A-) (799613ba73d25641402aa81b6403eff8) (Created)
C:\Windows\system32\drivers\tcpip.sys (915392 bytes) (Microsoft Corporation) (6/10/2014 10:11:15 PM) (--A-) (a4196d394207369e1431e8681b373312) (Created)
C:\Windows\system32\drivers\tcpipreg.sys (31232 bytes) (Microsoft Corporation) (6/10/2014 10:11:15 PM) (--A-) (95389980f70fc4990a4395a0b8bbe1d6) (Created)
C:\Windows\system32\drivers\TrueSight.sys (26624 bytes) (Unknown) (6/14/2014 11:18:32 PM) (--A-) (e42c7ed4ec244409a1d49d6a57f52dcd) (Created)
C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe (54432 bytes) (Adobe Systems Inc.) (6/14/2014 9:02:53 PM) (--A-) (7b547f897e8a714512eebc8a5e69324c) (Created)
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe (130208 bytes) (Adobe Systems Inc.) (6/14/2014 9:02:53 PM) (--A-) (edf1b2e4e611cc9a0bf1d9e7eea2d325) (Created)
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe (96768 bytes) (Adobe Systems Inc.) (6/14/2014 9:02:53 PM) (--A-) (c113b2525cf0e7416c2f2ca7fbd7516e) (Created)
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe (54432 bytes) (Adobe Systems Inc.) (6/14/2014 9:02:53 PM) (--A-) (7b547f897e8a714512eebc8a5e69324c) (Created)
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (59392 bytes) (Unknown) (6/14/2014 9:02:53 PM) (--A-) (c24eac61ff481033893953386788a2a6) (Created)
C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll (768512 bytes) (Microsoft Corporation) (6/10/2014 10:11:04 PM) (--A-) (fb874a0c864f798edc13043c1ccd55af) (Created)
C:\Program Files\Garmin\BaseCamp\AppLifeCycle.dll (2610736 bytes) (GARMIN Corp.) (6/4/2014 5:39:52 PM) (--A-) (c9a5678e08633bc6257db882a35ae2fb) (Created)
C:\Program Files\Garmin\BaseCamp\Cli.Infrastructure.dll (402480 bytes) (GARMIN Corp.) (6/4/2014 5:39:54 PM) (--A-) (637f646b58dabbb7432deb0e15b1404e) (Created)
C:\Program Files\Garmin\BaseCamp\Common.dll (103984 bytes) (GARMIN Corp.) (6/4/2014 5:39:54 PM) (--A-) (5d84f021a77a80f2aee8ae38b3186370) (Created)
C:\Program Files\Garmin\BaseCamp\DeviceInfoUI.dll (345648 bytes) (GARMIN Corp.) (6/4/2014 5:39:56 PM) (--A-) (70f0be1033871a6a29578a2db1c7e4a8) (Created)
C:\Program Files\Garmin\BaseCamp\GalaSoft.MvvmLight.Extras.WPF45.dll (32304 bytes) (GalaSoft Laurent Bugnion @ http://www.galasoft.ch) (6/4/2014 5:40:00 PM) (--A-) (41c44a6b5bcba8aacb357bb0ba5550e2) (Created)
C:\Program Files\Garmin\BaseCamp\GalaSoft.MvvmLight.WPF45.dll (35888 bytes) (GalaSoft Laurent Bugnion @ http://www.galasoft.ch) (6/4/2014 5:40:02 PM) (--A-) (53089829f90bea61fc3d788b353e3422) (Created)
C:\Program Files\Garmin\BaseCamp\Microsoft.Practices.ServiceLocation.dll (28208 bytes) (Microsoft) (6/4/2014 5:40:06 PM) (--A-) (248e738774837cd4b42993bd6167f90c) (Created)
C:\Program Files\Garmin\BaseCamp\RichClientExperience.dll (1885744 bytes) (GARMIN Corp.) (6/4/2014 5:40:10 PM) (--A-) (6800a8cc328ffb3d5e841f94806d5ba3) (Created)
C:\Program Files\Garmin\BaseCamp\System.Windows.Interactivity.dll (47664 bytes) (Microsoft Corporation) (6/4/2014 5:40:10 PM) (--A-) (184e8e14babab2640d1f5d179b21c606) (Created)
C:\Program Files\Garmin\BaseCamp\TaskUI.dll (1069104 bytes) (GARMIN Corp.) (6/4/2014 5:40:12 PM) (--A-) (4771aa22ea7908a14883dd11410b8e14) (Created)
C:\Program Files\Garmin\BaseCamp\XMLdll.dll (156208 bytes) (GARMIN Corp.) (6/4/2014 5:40:16 PM) (--A-) (300eedbcb391121c63e7a946402af566) (Created)
C:\Program Files\Garmin\BaseCamp\cs\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:40:18 PM) (--A-) (74330b49b0fb92359472a02fcd10b4a9) (Created)
C:\Program Files\Garmin\BaseCamp\cs\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:20 PM) (--A-) (7edb5278480e39494c6785b7ef46d99a) (Created)
C:\Program Files\Garmin\BaseCamp\cs\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:40:20 PM) (--A-) (ba08f6ff4c5ff3ed941ca18a99ae0dd2) (Created)
C:\Program Files\Garmin\BaseCamp\cs\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:40:22 PM) (--A-) (597ffc05e514bd5428530bd45e7d8c78) (Created)
C:\Program Files\Garmin\BaseCamp\cs\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:24 PM) (--A-) (8cd6b4ffd19496d9e7db0d1c31c29bd3) (Created)
C:\Program Files\Garmin\BaseCamp\cs\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:40:24 PM) (--A-) (79e6c6655ce60aeb1ff20cf02507d2a2) (Created)
C:\Program Files\Garmin\BaseCamp\da\AppLifeCycle.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:40:26 PM) (--A-) (bf3af553a733a296942417da92df93c6) (Created)
C:\Program Files\Garmin\BaseCamp\da\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:28 PM) (--A-) (4788fff0b96a69f0119e0e62397f60bb) (Created)
C:\Program Files\Garmin\BaseCamp\da\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:40:28 PM) (--A-) (1744e3c0fab6bbd3b439e012a88c8c88) (Created)
C:\Program Files\Garmin\BaseCamp\da\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:40:30 PM) (--A-) (00154b7662437535ed24f8bf23598368) (Created)
C:\Program Files\Garmin\BaseCamp\da\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:32 PM) (--A-) (4ce0fe317eeeba501a714d5f51a959a3) (Created)
C:\Program Files\Garmin\BaseCamp\da\TaskUI.resources.dll (22576 bytes) (GARMIN Corp.) (6/4/2014 5:40:32 PM) (--A-) (ffbec48be42c58d247ca182a96a93d5e) (Created)
C:\Program Files\Garmin\BaseCamp\de\AppLifeCycle.resources.dll (25136 bytes) (GARMIN Corp.) (6/4/2014 5:40:34 PM) (--A-) (3b249bc72476607220b1acb873dd99d1) (Created)
C:\Program Files\Garmin\BaseCamp\de\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:36 PM) (--A-) (d46d2b3a8a611fc35c1858523caf4e24) (Created)
C:\Program Files\Garmin\BaseCamp\de\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:40:38 PM) (--A-) (df64783ac92d4f02b10ef8481d6d822b) (Created)
C:\Program Files\Garmin\BaseCamp\de\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:40:38 PM) (--A-) (c23e8ed5628a38375dd5d5ac16718089) (Created)
C:\Program Files\Garmin\BaseCamp\de\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:40 PM) (--A-) (8375c0be194617f3ad1420b8b14e6be4) (Created)
C:\Program Files\Garmin\BaseCamp\de\TaskUI.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:40:40 PM) (--A-) (8dffcd247e1cde7927a6095828a73338) (Created)
C:\Program Files\Garmin\BaseCamp\es\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:40:50 PM) (--A-) (493f53dfb2600165c404f8bd90ae5a26) (Created)
C:\Program Files\Garmin\BaseCamp\es\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:54 PM) (--A-) (919cd9a81f43f4c8d433190ac50a4aa1) (Created)
C:\Program Files\Garmin\BaseCamp\es\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:40:54 PM) (--A-) (5013bf810bca4d267ed868bfe9db83b7) (Created)
C:\Program Files\Garmin\BaseCamp\es\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:40:56 PM) (--A-) (d27be9fad4ecfaea9d5cf2bc66a97c20) (Created)
C:\Program Files\Garmin\BaseCamp\es\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:40:58 PM) (--A-) (86e508eb1ce086829ee9a612b7e873f1) (Created)
C:\Program Files\Garmin\BaseCamp\es\TaskUI.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:41:02 PM) (--A-) (90b64eb628a3a0d9177d00ae06cdf796) (Created)
C:\Program Files\Garmin\BaseCamp\fi\AppLifeCycle.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:41:04 PM) (--A-) (ff5ef60d345a0bca964cabd38fd4f6ed) (Created)
C:\Program Files\Garmin\BaseCamp\fi\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:06 PM) (--A-) (9552a121b4da19f7e7c25e032bc413ee) (Created)
C:\Program Files\Garmin\BaseCamp\fi\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:41:08 PM) (--A-) (396cab412a793ed19609e33a99fc248d) (Created)
C:\Program Files\Garmin\BaseCamp\fi\DeviceInfoUI.resources.dll (12336 bytes) (GARMIN Corp.) (6/4/2014 5:41:08 PM) (--A-) (e38dd5f6fb6657ea753c1968893d49b2) (Created)
C:\Program Files\Garmin\BaseCamp\fi\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:10 PM) (--A-) (133e6af1782165d340dde51b0525ba15) (Created)
C:\Program Files\Garmin\BaseCamp\fi\TaskUI.resources.dll (22576 bytes) (GARMIN Corp.) (6/4/2014 5:41:12 PM) (--A-) (280d8b7e67091b3b8a64bac32904b59a) (Created)
C:\Program Files\Garmin\BaseCamp\fr\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:41:12 PM) (--A-) (8d7b7f1f64f6eb5f6a9689b576804694) (Created)
C:\Program Files\Garmin\BaseCamp\fr\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:16 PM) (--A-) (b0c2308f27a209357e0d683405b69923) (Created)
C:\Program Files\Garmin\BaseCamp\fr\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:41:18 PM) (--A-) (cf52e1a9af45f29e36c96622587dca13) (Created)
C:\Program Files\Garmin\BaseCamp\fr\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:41:20 PM) (--A-) (02bb9c20761030858b1c1c74c3f767b6) (Created)
C:\Program Files\Garmin\BaseCamp\fr\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:20 PM) (--A-) (0e3601bcb2a77c90d5485ef716bebbb3) (Created)
C:\Program Files\Garmin\BaseCamp\fr\TaskUI.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:41:22 PM) (--A-) (6bccbb76cbb860a71c814254991f5342) (Created)
C:\Program Files\Garmin\BaseCamp\hr\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:41:24 PM) (--A-) (5c784f48c63fab5fd33a69b1d3e7b17e) (Created)
C:\Program Files\Garmin\BaseCamp\hr\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:28 PM) (--A-) (94fabe27643438e8536fdd3cf82b10be) (Created)
C:\Program Files\Garmin\BaseCamp\hr\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:41:30 PM) (--A-) (2c136873863a334346a42988c1cd6061) (Created)
C:\Program Files\Garmin\BaseCamp\hr\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:41:30 PM) (--A-) (9bbbb6d74c261033b35f0859c08085ce) (Created)
C:\Program Files\Garmin\BaseCamp\hr\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:32 PM) (--A-) (2745ee7982464c67ea69edaa4a0a3286) (Created)
C:\Program Files\Garmin\BaseCamp\hr\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:41:34 PM) (--A-) (ab0ff70a53b9def97fa6ff8ec6f9f442) (Created)
C:\Program Files\Garmin\BaseCamp\hu\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:41:36 PM) (--A-) (3d7e8eab8986f1898444a3acc9309917) (Created)
C:\Program Files\Garmin\BaseCamp\hu\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:38 PM) (--A-) (27a90b5da5b98869ea24f50add2f014b) (Created)
C:\Program Files\Garmin\BaseCamp\hu\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:41:40 PM) (--A-) (5ceb74e5fd4cc6b30f56adb5cc197baa) (Created)
C:\Program Files\Garmin\BaseCamp\hu\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:41:44 PM) (--A-) (5cd6c9cf12268c0edce45847f170bbb2) (Created)
C:\Program Files\Garmin\BaseCamp\hu\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:41:46 PM) (--A-) (7fcc49d72c6d98c93a8ae9c04f6e5525) (Created)
C:\Program Files\Garmin\BaseCamp\hu\TaskUI.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:41:48 PM) (--A-) (02b27f993ec932f0fa1a5f58bb43c83f) (Created)
C:\Program Files\Garmin\BaseCamp\it\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:41:58 PM) (--A-) (3f4707d48d2aab5acb2a1aa1b1023a86) (Created)
C:\Program Files\Garmin\BaseCamp\it\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:00 PM) (--A-) (1332fa0617db6d944f55d377a30bed77) (Created)
C:\Program Files\Garmin\BaseCamp\it\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:42:02 PM) (--A-) (67f82ed5648ab18484c619792ad79e1e) (Created)
C:\Program Files\Garmin\BaseCamp\it\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:04 PM) (--A-) (7b13188994bc4d5c80c1f0ced92ca441) (Created)
C:\Program Files\Garmin\BaseCamp\it\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:06 PM) (--A-) (417021fc9c16d8220a2cfc06ab58528c) (Created)
C:\Program Files\Garmin\BaseCamp\it\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:42:06 PM) (--A-) (c27e983fc9d2177c34efd95f81464eaa) (Created)
C:\Program Files\Garmin\BaseCamp\ja\AppLifeCycle.resources.dll (26672 bytes) (GARMIN Corp.) (6/4/2014 5:42:08 PM) (--A-) (a6168791f9d439e0209c2c84b70ae727) (Created)
C:\Program Files\Garmin\BaseCamp\ja\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:10 PM) (--A-) (b978d3f066feb025b670f748d37255c0) (Created)
C:\Program Files\Garmin\BaseCamp\ja\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:42:12 PM) (--A-) (539425d03f5568827f92f498e8064329) (Created)
C:\Program Files\Garmin\BaseCamp\ja\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:12 PM) (--A-) (68ec2028065566d2c1ac4353b529e598) (Created)
C:\Program Files\Garmin\BaseCamp\ja\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:14 PM) (--A-) (16a1852289223cd4b5d3e09e6c5e6351) (Created)
C:\Program Files\Garmin\BaseCamp\ja\TaskUI.resources.dll (25648 bytes) (GARMIN Corp.) (6/4/2014 5:42:14 PM) (--A-) (2066fb2ddbf31c43a0781af73b985ac3) (Created)
C:\Program Files\Garmin\BaseCamp\ko\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:42:16 PM) (--A-) (7b777c01dcafe9afbabc340e0ded4e77) (Created)
C:\Program Files\Garmin\BaseCamp\ko\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:18 PM) (--A-) (67f3aa30a8a66b5a61083046cc8f3eb8) (Created)
C:\Program Files\Garmin\BaseCamp\ko\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:42:20 PM) (--A-) (fa54bb73b49b125e8dde43c25c067afa) (Created)
C:\Program Files\Garmin\BaseCamp\ko\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:22 PM) (--A-) (9ddb699108646005ffe250d733376539) (Created)
C:\Program Files\Garmin\BaseCamp\ko\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:22 PM) (--A-) (f95a2c18c161600060fd09cf8f819e5a) (Created)
C:\Program Files\Garmin\BaseCamp\ko\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:42:24 PM) (--A-) (c812364d59ed8e0ba34bf0b2f4474ff9) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\AppLifeCycle.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:42:34 PM) (--A-) (e2f34b71d53de44a7fbd7d01fbfbfba3) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:36 PM) (--A-) (6a04235145e2378a8284c60f4a42e5cb) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\Common.resources.dll (16432 bytes) (GARMIN Corp.) (6/4/2014 5:42:38 PM) (--A-) (fa623881f6234dccb27ba36c1b3d7b5f) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:38 PM) (--A-) (470b3f2195d0a46c5dca099e29053edc) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:40 PM) (--A-) (eba01e0dde716c72269eabe82efc184b) (Created)
C:\Program Files\Garmin\BaseCamp\nb-NO\TaskUI.resources.dll (22576 bytes) (GARMIN Corp.) (6/4/2014 5:42:42 PM) (--A-) (4274dd099e0e73f0def49fa07787847e) (Created)
C:\Program Files\Garmin\BaseCamp\nl\AppLifeCycle.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:42:44 PM) (--A-) (f42f3736b91d5e5192a06f545fa64009) (Created)
C:\Program Files\Garmin\BaseCamp\nl\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:46 PM) (--A-) (2bdb11add793245886825cd6cb0bdfb6) (Created)
C:\Program Files\Garmin\BaseCamp\nl\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:42:48 PM) (--A-) (747b38ba34b44fb7d797fa02459466f0) (Created)
C:\Program Files\Garmin\BaseCamp\nl\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:48 PM) (--A-) (5f6e08dd25410a09badd36085742d833) (Created)
C:\Program Files\Garmin\BaseCamp\nl\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:50 PM) (--A-) (798b21676b716d2153a063f088f66c20) (Created)
C:\Program Files\Garmin\BaseCamp\nl\TaskUI.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:42:50 PM) (--A-) (21fcc856b048fe0fc9249bb771a80e5c) (Created)
C:\Program Files\Garmin\BaseCamp\pl\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:42:50 PM) (--A-) (7504aa62d4f996db2d40a7f49ac8db55) (Created)
C:\Program Files\Garmin\BaseCamp\pl\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:52 PM) (--A-) (6f3d0111f372f9d513ab994126777025) (Created)
C:\Program Files\Garmin\BaseCamp\pl\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:42:54 PM) (--A-) (c9a1e51f9f741a8fd4570d89492939d6) (Created)
C:\Program Files\Garmin\BaseCamp\pl\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:42:54 PM) (--A-) (ff5533a21e7cfa55b6c25c1b7c1a5e8c) (Created)
C:\Program Files\Garmin\BaseCamp\pl\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:56 PM) (--A-) (c36b5d75ccfa01c03537f491699ffe57) (Created)
C:\Program Files\Garmin\BaseCamp\pl\TaskUI.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:42:56 PM) (--A-) (94e2380a138e71c013bcc3cd5eb5264d) (Created)
C:\Program Files\Garmin\BaseCamp\pt\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:42:58 PM) (--A-) (de718979dba569e7e417e3c5b8f4aa0a) (Created)
C:\Program Files\Garmin\BaseCamp\pt\BaseCamp.resources.dll (460848 bytes) (GARMIN Corp.) (6/4/2014 5:42:58 PM) (--A-) (0081f3740f4b8e1615a5082e783efc13) (Created)
C:\Program Files\Garmin\BaseCamp\pt\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:42:58 PM) (--A-) (e0a4f089d337778f6240110defd8e3b3) (Created)
C:\Program Files\Garmin\BaseCamp\pt\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:43:00 PM) (--A-) (7661231bc2bf9bbb7d9c6077be49d7ac) (Created)
C:\Program Files\Garmin\BaseCamp\pt\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:02 PM) (--A-) (8dabea2e656eb14eb11e3318182aee1c) (Created)
C:\Program Files\Garmin\BaseCamp\pt\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:02 PM) (--A-) (ede63077fcd1780d64b233e183eb24d9) (Created)
C:\Program Files\Garmin\BaseCamp\pt\TaskUI.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:43:04 PM) (--A-) (7eb2fd2b048550754f7b1b32e70f5cd4) (Created)

 

[maddmaverick]

pg2 of hijack hunter log

C:\Program Files\Garmin\BaseCamp\ru\AppLifeCycle.resources.dll (29232 bytes) (GARMIN Corp.) (6/4/2014 5:43:10 PM) (--A-) (ca7e71e9e4ec453dd28743765dcda88d) (Created)
C:\Program Files\Garmin\BaseCamp\ru\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:12 PM) (--A-) (90b89a7070b8650da4957f9868527181) (Created)
C:\Program Files\Garmin\BaseCamp\ru\Common.resources.dll (18480 bytes) (GARMIN Corp.) (6/4/2014 5:43:12 PM) (--A-) (47d6423b20d4f8b54d58b7e2472452a0) (Created)
C:\Program Files\Garmin\BaseCamp\ru\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:14 PM) (--A-) (00a336be139d1d6809dd576c0ed0dcdf) (Created)
C:\Program Files\Garmin\BaseCamp\ru\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:16 PM) (--A-) (18a4365d9ec677decd51a5d6a3346661) (Created)
C:\Program Files\Garmin\BaseCamp\ru\TaskUI.resources.dll (29232 bytes) (GARMIN Corp.) (6/4/2014 5:43:16 PM) (--A-) (3aa814487fd99757b24eb96ee494d3b7) (Created)
C:\Program Files\Garmin\BaseCamp\sk\AppLifeCycle.resources.dll (24624 bytes) (GARMIN Corp.) (6/4/2014 5:43:18 PM) (--A-) (db0318e3a4edf22a7f31eda165f9316a) (Created)
C:\Program Files\Garmin\BaseCamp\sk\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:20 PM) (--A-) (2edb762b7087e5af07ee9dbd84059c73) (Created)
C:\Program Files\Garmin\BaseCamp\sk\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:43:20 PM) (--A-) (8c6c25d24e62f2dc44e975fb58bc5cf9) (Created)
C:\Program Files\Garmin\BaseCamp\sk\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:22 PM) (--A-) (c781ce54265a75adde3bb8c6c42c2a1d) (Created)
C:\Program Files\Garmin\BaseCamp\sk\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:24 PM) (--A-) (21700c1621324d9ebf83706ad8d9f919) (Created)
C:\Program Files\Garmin\BaseCamp\sk\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:43:24 PM) (--A-) (1cd0701f016528f379db2ad3bdbfead5) (Created)
C:\Program Files\Garmin\BaseCamp\sl\AppLifeCycle.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:43:26 PM) (--A-) (cfd0cde0f0fdb90eb34d433bf8a29be0) (Created)
C:\Program Files\Garmin\BaseCamp\sl\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:28 PM) (--A-) (78c89c476ae25ddb4e980231ac405241) (Created)
C:\Program Files\Garmin\BaseCamp\sl\Common.resources.dll (17456 bytes) (GARMIN Corp.) (6/4/2014 5:43:30 PM) (--A-) (cc6a3a9bad51fc93099b2b245bd5220f) (Created)
C:\Program Files\Garmin\BaseCamp\sl\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:32 PM) (--A-) (0f71431cdc08f37369a5c00f328f7bfb) (Created)
C:\Program Files\Garmin\BaseCamp\sl\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:32 PM) (--A-) (b78f6770a4f8b099ef28da444c274f4c) (Created)
C:\Program Files\Garmin\BaseCamp\sl\TaskUI.resources.dll (23600 bytes) (GARMIN Corp.) (6/4/2014 5:43:34 PM) (--A-) (05e938fc6f5ee4d04f15bff489e6b759) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\AppLifeCycle.resources.dll (24112 bytes) (GARMIN Corp.) (6/4/2014 5:43:34 PM) (--A-) (2fb8a83624679d44956877a7cf506c76) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:38 PM) (--A-) (e63c434c6d6d368695c3769b86fb9b09) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:43:38 PM) (--A-) (88c74cc9fdb3b37e8a70c98f51c2e04b) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:40 PM) (--A-) (0390bccfc609999976f5d752391fbe15) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:40 PM) (--A-) (1dcfd2d242e279f60f659b7c51cfee4a) (Created)
C:\Program Files\Garmin\BaseCamp\sv-se\TaskUI.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:43:42 PM) (--A-) (2ca4120e8e9b2184b96ab4d669c71bf7) (Created)
C:\Program Files\Garmin\BaseCamp\th\AppLifeCycle.resources.dll (33328 bytes) (GARMIN Corp.) (6/4/2014 5:43:44 PM) (--A-) (bef218b73952f9bd90aa634edd121b71) (Created)
C:\Program Files\Garmin\BaseCamp\th\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:46 PM) (--A-) (41e5b1eaa98709dd5b64487b35ff38f7) (Created)
C:\Program Files\Garmin\BaseCamp\th\Common.resources.dll (19504 bytes) (GARMIN Corp.) (6/4/2014 5:43:46 PM) (--A-) (05750e7a119597a0d6d8523d0c54605a) (Created)
C:\Program Files\Garmin\BaseCamp\th\DeviceInfoUI.resources.dll (12848 bytes) (GARMIN Corp.) (6/4/2014 5:43:48 PM) (--A-) (358c6b552304072053f6eb7b11d1bbd8) (Created)
C:\Program Files\Garmin\BaseCamp\th\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:43:50 PM) (--A-) (40d856373be188bf5851e4e36d280653) (Created)
C:\Program Files\Garmin\BaseCamp\th\TaskUI.resources.dll (30768 bytes) (GARMIN Corp.) (6/4/2014 5:43:50 PM) (--A-) (ce4ce26ec1a8987b8ef3ef2f4be1cd7e) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\AppLifeCycle.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:43:58 PM) (--A-) (605028505a4a534efb3ad54cb393750d) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:44:00 PM) (--A-) (8ca1eb122287456a58ced09d7e9ebf50) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:44:02 PM) (--A-) (86f1b7ab17ca7b0602c78a5a377dcab2) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\DeviceInfoUI.resources.dll (12336 bytes) (GARMIN Corp.) (6/4/2014 5:44:04 PM) (--A-) (1791a40fa7f8f84969e48792f00bfedc) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:44:06 PM) (--A-) (7007029bbd9df852fe8c6c14d2024fdf) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hans\TaskUI.resources.dll (22064 bytes) (GARMIN Corp.) (6/4/2014 5:44:06 PM) (--A-) (912597f61f5fc27b7e09ee51020c9d34) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\AppLifeCycle.resources.dll (23088 bytes) (GARMIN Corp.) (6/4/2014 5:44:08 PM) (--A-) (6a70da5926a83c17dd6c5e4a28d82fd9) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\Cli.Infrastructure.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:44:10 PM) (--A-) (49cad763a6e4ac144daa16b7be9d785c) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\Common.resources.dll (16944 bytes) (GARMIN Corp.) (6/4/2014 5:44:12 PM) (--A-) (66a040b545573b698fea2ec77954a190) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\DeviceInfoUI.resources.dll (12336 bytes) (GARMIN Corp.) (6/4/2014 5:44:12 PM) (--A-) (0c0aa8f0c5ff51335d9e3f17205be078) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\RichClientExperience.resources.dll (13360 bytes) (GARMIN Corp.) (6/4/2014 5:44:14 PM) (--A-) (77eaa41e8e36ed9e34ff474badeb75fe) (Created)
C:\Program Files\Garmin\BaseCamp\zh-Hant\TaskUI.resources.dll (22064 bytes) (GARMIN Corp.) (6/4/2014 5:44:16 PM) (--A-) (b7b2144772c3319c8e461df63e1c7fe5) (Created)
C:\Program Files\Garmin\Core Update Service\ANT_NET.dll (103936 bytes) (Dynastream Innovations Inc.) (6/9/2014 12:46:24 PM) (--A-) (328c917b88ee4adddf087be4c7f15d64) (Created)
C:\Program Files\Garmin\Core Update Service\ANT_WrappedLib.dll (232448 bytes) (Dynastream Innovations Inc.) (6/9/2014 12:46:24 PM) (--A-) (1daeaa68878b511fba4a60760c663816) (Created)
C:\Program Files\Garmin\Core Update Service\DSI_CP210xManufacturing_3_1.dll (69632 bytes) (Silicon Laboratories) (6/9/2014 12:46:24 PM) (--A-) (854c13b498977f6a0ea11eb9695f8712) (Created)
C:\Program Files\Garmin\Core Update Service\DSI_SiUSBXp_3_1.dll (90112 bytes) (Silicon Laboratories, Inc.) (6/9/2014 12:46:24 PM) (--A-) (75355d591ffed68a6feabcc3592380a4) (Created)
C:\Program Files\Garmin\Core Update Service\Fit.dll (524288 bytes) (Unknown) (6/9/2014 12:46:24 PM) (--A-) (2dd28e72dcc15a1d704d046b491059ae) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.Device.IO.dll (14848 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (7d781ae00c172006e500212cdee47063) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreLibrary.dll (245760 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (d2d2c807a195bcd9f85ec01d7dddb860) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (435032 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:48 PM) (--A-) (0215daf58c80d7ebe6084e5065717c3d) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.DataTypes.dll (26112 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (7e9d198855068a3381cd003ad170e562) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.dll (10240 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (f539dd3fcb8d4f2d6056b42b5ea706f3) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.DotNet.dll (74752 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:40 PM) (--A-) (3aa7dc2521be160a5e943c241b9996f0) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll (113152 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:40 PM) (--A-) (225fde1a695a1bab49e59e1baa7f3e08) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll (87040 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:40 PM) (--A-) (61320075bb39c84e0a852d913e0a7297) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Glib.dll (82432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (b65cd003d328c73a38178eea6c6d4dcb) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MyDownloader.Core.dll (42496 bytes) (Programmmers) (6/9/2014 12:45:42 PM) (--A-) (c607c6f7bb3d2b6ddba16ae39451edf9) (Created)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.Services.Rce.Core.Dto.dll (70144 bytes) (Unknown) (6/9/2014 12:45:42 PM) (--A-) (93e85900f1eb270606846158ae13004e) (Created)
C:\Program Files\Garmin\Core Update Service\GpsImgWrapper.dll (378368 bytes) (Unknown) (6/9/2014 12:45:42 PM) (--A-) (c04355ecbd1f703062f8e909ebf91a3d) (Created)
C:\Program Files\Garmin\Core Update Service\Ionic.Zip.dll (446464 bytes) (Dino Chiesa) (6/9/2014 12:45:42 PM) (--A-) (fb83e56708103345bfdb8a2b7ff7bba7) (Created)
C:\Program Files\Garmin\Core Update Service\Microsoft.Net.BITS.dll (34816 bytes) (David Hall) (6/9/2014 12:45:42 PM) (--A-) (11cb50dc1d79c0d573358814ffeeaabe) (Created)
C:\Program Files\Garmin\Core Update Service\msvcp100.dll (421200 bytes) (Microsoft Corporation) (6/9/2014 12:45:42 PM) (--A-) (03e9314004f504a14a61c3d364b62f66) (Created)
C:\Program Files\Garmin\Core Update Service\msvcr100.dll (770384 bytes) (Microsoft Corporation) (6/9/2014 12:45:42 PM) (--A-) (67ec459e42d3081dd8fd34356f7cafc1) (Created)
C:\Program Files\Garmin\Core Update Service\Newtonsoft.Json.dll (391680 bytes) (Newtonsoft) (6/9/2014 12:45:42 PM) (--A-) (8611795b70cd1f321cb5cb5aad95ff7b) (Created)
C:\Program Files\Garmin\Core Update Service\protobuf-net.dll (159232 bytes) (Unknown) (6/9/2014 12:45:42 PM) (--A-) (c5a169a35c7f0d503bb68f8b4a8ffbde) (Created)
C:\Program Files\Garmin\Core Update Service\XercesLib.dll (1976832 bytes) (Apache Software Foundation) (6/9/2014 12:46:24 PM) (--A-) (404e41e5f11490cc1b11afa2bfaa241f) (Created)
C:\Program Files\Garmin\Core Update Service\XMLdll.dll (425472 bytes) (Garmin) (6/9/2014 12:46:24 PM) (--A-) (72157a2052c12c5c2e2c51be647e1206) (Created)
C:\Program Files\Garmin\Core Update Service\Bin\InstallerCustomActions.CA.dll (524691 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (f350c0802f3d8db68c4af34f2a9c462f) (Created)
C:\Program Files\Garmin\Express\ANT_NET.dll (103936 bytes) (Dynastream Innovations Inc.) (6/9/2014 12:46:24 PM) (--A-) (328c917b88ee4adddf087be4c7f15d64) (Created)
C:\Program Files\Garmin\Express\ANT_WrappedLib.dll (232448 bytes) (Dynastream Innovations Inc.) (6/9/2014 12:46:24 PM) (--A-) (1daeaa68878b511fba4a60760c663816) (Created)
C:\Program Files\Garmin\Express\avcodec-53.dll (1100784 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (949ee89e8020092b4f96bc925b653215) (Created)
C:\Program Files\Garmin\Express\avformat-53.dll (191984 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (5eb03f6ee5b2b36c5961d5513fd9946c) (Created)
C:\Program Files\Garmin\Express\avutil-51.dll (124400 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (c69dad1e23585aa5c7eb2eae4fca31ac) (Created)
C:\Program Files\Garmin\Express\Awesomium.Core.dll (984256 bytes) (Awesomium Technologies LLC) (6/9/2014 12:45:10 PM) (--A-) (ccb730443d993aa2a08b47567c892d79) (Created)
C:\Program Files\Garmin\Express\Awesomium.Windows.Controls.dll (549056 bytes) (Awesomium Technologies LLC) (6/9/2014 12:45:10 PM) (--A-) (1a8a68a2cf6f45fe6f9bdecb1135c783) (Created)
C:\Program Files\Garmin\Express\awesomium_process (39336 bytes) (Awesomium Technologies) (6/9/2014 12:45:10 PM) (--A-) (f8205543ae01aaf513ed20bda39b7d32) (Created)
C:\Program Files\Garmin\Express\DSI_CP210xManufacturing_3_1.dll (69632 bytes) (Silicon Laboratories) (6/9/2014 12:46:24 PM) (--A-) (854c13b498977f6a0ea11eb9695f8712) (Created)
C:\Program Files\Garmin\Express\DSI_SiUSBXp_3_1.dll (90112 bytes) (Silicon Laboratories, Inc.) (6/9/2014 12:46:24 PM) (--A-) (75355d591ffed68a6feabcc3592380a4) (Created)
C:\Program Files\Garmin\Express\Express.exe (2875224 bytes) (Garmin) (6/9/2014 12:47:00 PM) (--A-) (997df3f03f7c95fd99ebc449f969e2e9) (Created)
C:\Program Files\Garmin\Express\FluidKit.dll (153088 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (7c266ed81e68c884e4108e3666859069) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.Device.IO.dll (14848 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (7d781ae00c172006e500212cdee47063) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.Client.Core.dll (1254912 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (a41fa1efcd4706af27f349d1a1568592) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.CoreLibrary.dll (245760 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (d2d2c807a195bcd9f85ec01d7dddb860) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.Device.DataTypes.dll (26112 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (7e9d198855068a3381cd003ad170e562) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll (113152 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:40 PM) (--A-) (225fde1a695a1bab49e59e1baa7f3e08) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll (87040 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:40 PM) (--A-) (61320075bb39c84e0a852d913e0a7297) (Created)
C:\Program Files\Garmin\Express\Garmin.Cartography.MapUpdate.Glib.dll (82432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (b65cd003d328c73a38178eea6c6d4dcb) (Created)
C:\Program Files\Garmin\Express\libEGL.dll (118240 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (f789cd45ad52c6eedef370c93849063d) (Created)
C:\Program Files\Garmin\Express\libGLESv2.dll (628704 bytes) (Unknown) (6/9/2014 12:45:10 PM) (--A-) (e6a18f4b351cd9d3ac024d5afafd0883) (Created)
C:\Program Files\Garmin\Express\Microsoft.Expression.Interactions.dll (91648 bytes) (Microsoft Corporation) (6/9/2014 12:45:10 PM) (--A-) (6a3b9e46c41e42e7b8e1479468d892af) (Created)
C:\Program Files\Garmin\Express\protobuf-net.dll (188928 bytes) (Marc Gravell) (6/9/2014 12:45:10 PM) (--A-) (cbf0121ce9830b1e0154e009e8f8890b) (Created)
C:\Program Files\Garmin\Express\System.Windows.Interactivity.dll (39936 bytes) (Microsoft Corporation) (6/9/2014 12:45:10 PM) (--A-) (3ab57a33a6e3a1476695d5a6e856c06a) (Created)
C:\Program Files\Garmin\Express\xinput9_1_0.dll (61136 bytes) (Microsoft Corporation) (6/9/2014 12:45:10 PM) (--A-) (adfb6d7b61e301761c700652b6fe7ccd) (Created)
C:\Program Files\Garmin\Express\AR\Express.resources.dll (81920 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8272119744c1aa15cd454d31c303e397) (Created)
C:\Program Files\Garmin\Express\AR\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (16896 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (c94cb562e23d6ddaae524d47e5d23276) (Created)
C:\Program Files\Garmin\Express\CS\Express.resources.dll (70144 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8012dadc501c1b6c838a10ee856f3948) (Created)
C:\Program Files\Garmin\Express\CS\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (08ebe471b1477be756063d672c13cb9e) (Created)
C:\Program Files\Garmin\Express\DA\Express.resources.dll (66048 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (ec1abd68c48b1c3e113537bae8743fde) (Created)
C:\Program Files\Garmin\Express\DA\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (13824 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (6da330c607e6c21ed25de8229bc27c85) (Created)
C:\Program Files\Garmin\Express\DE\Express.resources.dll (70656 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8b593bf4aa335d8d4a3eb16e34d162f3) (Created)
C:\Program Files\Garmin\Express\DE\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14848 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (d242d2fbb2d23399b5a3a4a808e87b92) (Created)
C:\Program Files\Garmin\Express\EL\Express.resources.dll (103936 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (7cafe7074f2c8033992036e066ff13bd) (Created)
C:\Program Files\Garmin\Express\EL\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (19456 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (3a32a6aec64ce81479eedf126373e97f) (Created)
C:\Program Files\Garmin\Express\ES\Express.resources.dll (71680 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (d1adc83ad2c92133a2e45e92917c7536) (Created)
C:\Program Files\Garmin\Express\ES\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (0a20d7168de8c99e3b6468572aefb6e8) (Created)
C:\Program Files\Garmin\Express\FI\Express.resources.dll (64512 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (96cf43c47cba5d46ee8016f104b7159d) (Created)
C:\Program Files\Garmin\Express\FI\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (13312 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (5562dfd706b5385ec6895c9f75dffd0d) (Created)
C:\Program Files\Garmin\Express\FR\Express.resources.dll (73216 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (5eda3636e0fa5ad45a1553b1729a356a) (Created)
C:\Program Files\Garmin\Express\FR\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (15360 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (04b5d989a02864cd25fc1f03e65b8de3) (Created)
C:\Program Files\Garmin\Express\HE\Express.resources.dll (76288 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (5f7ad4d20bd28796a136bf1c3244be99) (Created)
C:\Program Files\Garmin\Express\HE\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (15360 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (28f8e2cb221c830e69a0824ecd37eeb4) (Created)
C:\Program Files\Garmin\Express\HR\Express.resources.dll (68096 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (2885dbfc0648e6d51716c1055737d81d) (Created)
C:\Program Files\Garmin\Express\HR\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (d76135608c715802e549c39172ead63f) (Created)
C:\Program Files\Garmin\Express\HU\Express.resources.dll (72704 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (3d1ec9e1f17e247a11c10d8a5e0d9df3) (Created)
C:\Program Files\Garmin\Express\HU\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14848 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (924eefeb4e12a39201f106f93a5a5b09) (Created)
C:\Program Files\Garmin\Express\IT\Express.resources.dll (69120 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (5a7ecc5cb8b4a519cd776b5f98a6cd77) (Created)
C:\Program Files\Garmin\Express\IT\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:50 PM) (--A-) (333dcbf96458d91d5b5846725835c3af) (Created)
C:\Program Files\Garmin\Express\JA\Express.resources.dll (78848 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (ee9f0d4f5528c92ff74232a2e6941d8b) (Created)
C:\Program Files\Garmin\Express\JA\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (15872 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (c7662f9df572bb99f41d9b25b0e7dd4e) (Created)
C:\Program Files\Garmin\Express\KO\Express.resources.dll (69632 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (4f04a85b463db3ba7f5439ccfde9d5d3) (Created)
C:\Program Files\Garmin\Express\KO\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (f632807f0399ab47eccdf847eaa511ff) (Created)
C:\Program Files\Garmin\Express\NL\Express.resources.dll (67584 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8b06818fe9b809e90d04431e02c0b58e) (Created)
C:\Program Files\Garmin\Express\NL\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (2d6638cd4a2dae75166347e25818650e) (Created)
C:\Program Files\Garmin\Express\NO\Express.resources.dll (65536 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (f9b14b830e2261be9667422faf858a67) (Created)
C:\Program Files\Garmin\Express\NO\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (13824 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (eb50be30ecb288efb9954ee9e4bc4586) (Created)
C:\Program Files\Garmin\Express\PL\Express.resources.dll (71168 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (7577486efc2d821129a4e272f9e42e54) (Created)
C:\Program Files\Garmin\Express\PL\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (76bf8ac30e9d695d2bd4e3dc6d8b196a) (Created)
C:\Program Files\Garmin\Express\PT\Express.resources.dll (70656 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (ddef4a5fee5c4fa61fb936a3b86bf0ab) (Created)
C:\Program Files\Garmin\Express\PT\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (f33d010ade45d11319b1c6d58dc3122a) (Created)
C:\Program Files\Garmin\Express\PT-BR\Express.resources.dll (69120 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (9e8e635ec1cdfab20dd35555325858d9) (Created)
C:\Program Files\Garmin\Express\PT-BR\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (4d7242e2ee5cfc70e0af02a825dc1292) (Created)
C:\Program Files\Garmin\Express\RU\Express.resources.dll (95744 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (4b620b154c7ca2568d88f8a59e9b48f6) (Created)
C:\Program Files\Garmin\Express\RU\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (18432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (c10d6e74234a296ee11af48d80e94aa8) (Created)
C:\Program Files\Garmin\Express\SK\Express.resources.dll (70656 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (258286dcd63fff9699dd155db163c2f2) (Created)
C:\Program Files\Garmin\Express\SK\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (86394a57f7677dc774f0136117489425) (Created)
C:\Program Files\Garmin\Express\SL\Express.resources.dll (67584 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8ce97736d65ad2cc9687b19b10e22eda) (Created)
C:\Program Files\Garmin\Express\SL\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (cfb82bd52609cf784ce546906ca1a499) (Created)
C:\Program Files\Garmin\Express\SV\Express.resources.dll (65536 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (97555b9e2be6f31d41bf2738f3a357fe) (Created)
C:\Program Files\Garmin\Express\SV\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (13824 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (b59b3e7dc060b3a71bc62dfe9fd90680) (Created)
C:\Program Files\Garmin\Express\TH\Express.resources.dll (110592 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (8b803e970f6dc20bfa87d17cc6781002) (Created)
C:\Program Files\Garmin\Express\TH\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (20992 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (9db54bc59a4baa240150e522176f727c) (Created)
C:\Program Files\Garmin\Express\TR\Express.resources.dll (68608 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (34675e9d9439efeb4ff0d53caf7d8095) (Created)
C:\Program Files\Garmin\Express\TR\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (14336 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (e8a9e2cae2f2d12a141947317eedefb2) (Created)
C:\Program Files\Garmin\Express\UK\Express.resources.dll (95744 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (15afc92aebfd9efe0b48f99e454ea9b7) (Created)
C:\Program Files\Garmin\Express\UK\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (18432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (1cdb94fe213e0c8de771cf9b38d223ed) (Created)
C:\Program Files\Garmin\Express\ZH-CN\Express.resources.dll (61952 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (28b50469a72ecc49b64138fb643488b2) (Created)
C:\Program Files\Garmin\Express\ZH-CN\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (18432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (1cdb94fe213e0c8de771cf9b38d223ed) (Created)
C:\Program Files\Garmin\Express\ZH-TW\Express.resources.dll (61952 bytes) (Garmin) (6/9/2014 12:46:58 PM) (--A-) (9fba24e8d8bcd35ee093e477764de6c0) (Created)
C:\Program Files\Garmin\Express\ZH-TW\Garmin.Cartography.MapUpdate.Client.Core.resources.dll (13312 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:52 PM) (--A-) (0365f15655237f8c2d720af29a939e69) (Created)
C:\Program Files\Garmin\Express Elevated Installer\ElevatedInstaller.exe (20824 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:06 PM) (--A-) (0c6fc92a99f0e388e01704c80b58917c) (Created)
C:\Program Files\Garmin\Express Elevated Installer\Garmin.Cartography.MapUpdate.CoreLibrary.dll (245760 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (d2d2c807a195bcd9f85ec01d7dddb860) (Created)
C:\Program Files\Garmin\Express Elevated Installer\Garmin.Cartography.MapUpdate.Device.DataTypes.dll (26112 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (7e9d198855068a3381cd003ad170e562) (Created)
C:\Program Files\Garmin\Express Elevated Installer\Garmin.Cartography.MapUpdate.GLib.dll (82432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (b65cd003d328c73a38178eea6c6d4dcb) (Created)
C:\Program Files\Garmin\Express Self Updater\esu.exe (24920 bytes) (Unknown) (6/9/2014 12:47:12 PM) (--A-) (946d38bf025ac5ce9125fa183c9a2223) (Modified)
C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe (24920 bytes) (Unknown) (6/9/2014 12:47:12 PM) (--A-) (946d38bf025ac5ce9125fa183c9a2223) (Created)
C:\Program Files\Garmin\Express Self Updater\Garmin.Cartography.MapUpdate.CoreLibrary.dll (245760 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (d2d2c807a195bcd9f85ec01d7dddb860) (Created)
C:\Program Files\Garmin\Express Self Updater\Garmin.Cartography.MapUpdate.Glib.dll (82432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (b65cd003d328c73a38178eea6c6d4dcb) (Created)
C:\Program Files\Garmin\Express Self Updater\Garmin.Cartography.Services.Rce.Core.Dto.dll (70144 bytes) (Unknown) (6/9/2014 12:45:42 PM) (--A-) (93e85900f1eb270606846158ae13004e) (Created)
C:\Program Files\Garmin\Express Self Updater\protobuf-net.dll (159232 bytes) (Unknown) (6/9/2014 12:45:42 PM) (--A-) (c5a169a35c7f0d503bb68f8b4a8ffbde) (Created)
C:\Program Files\Garmin\Express Tray\ExpressTray.exe (122200 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (f63374722a35813caf665c01388716b8) (Created)
C:\Program Files\Garmin\Express Tray\Garmin.Cartography.MapUpdate.CoreLibrary.dll (245760 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:38 PM) (--A-) (d2d2c807a195bcd9f85ec01d7dddb860) (Created)
C:\Program Files\Garmin\Express Tray\Garmin.Cartography.MapUpdate.Device.DataTypes.dll (26112 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (7e9d198855068a3381cd003ad170e562) (Created)
C:\Program Files\Garmin\Express Tray\Garmin.Cartography.MapUpdate.GLib.dll (82432 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:46:36 PM) (--A-) (b65cd003d328c73a38178eea6c6d4dcb) (Created)
C:\Program Files\Garmin\Express Tray\AR\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (862a7067b34beef3d2d61864c2f01dae) (Created)
C:\Program Files\Garmin\Express Tray\CS\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (7c14fbeebcc73618b03c9a40edc588bd) (Created)
C:\Program Files\Garmin\Express Tray\DA\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (9f653769dc72309d03377ec94247374f) (Created)
C:\Program Files\Garmin\Express Tray\DE\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (0bb6b5eaa09e8b17b86031630d7c341d) (Created)
C:\Program Files\Garmin\Express Tray\EL\ExpressTray.resources.dll (6656 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (e83d45efc4dea2c6e06d0fe669919288) (Created)
C:\Program Files\Garmin\Express Tray\ES\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (4a68b380fc760ec3b663d8e62672acde) (Created)
C:\Program Files\Garmin\Express Tray\FI\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (8e0210d8abd6ac369ae126a8fb40a309) (Created)
C:\Program Files\Garmin\Express Tray\FR\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (34400ca513aeb233b12b01cf452fe0ae) (Created)
C:\Program Files\Garmin\Express Tray\HE\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (02b9add961a2b01aeb54fec8aa2d2982) (Created)
C:\Program Files\Garmin\Express Tray\HR\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (8f7a1ec3922384b21615a40fe726166f) (Created)
C:\Program Files\Garmin\Express Tray\HU\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (56d028e26e8346bd67dbd656c0c21850) (Created)
C:\Program Files\Garmin\Express Tray\IT\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (da6e09087266b99f80d9a4890f120b00) (Created)
C:\Program Files\Garmin\Express Tray\JA\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (a257340874be6ecb498b7dc571ed8f97) (Created)
C:\Program Files\Garmin\Express Tray\KO\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (bcafe39518187d59832aeda3d348d3d5) (Created)
C:\Program Files\Garmin\Express Tray\NL\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (b653a7ba3619ee446dfa22b64837b2b8) (Created)
C:\Program Files\Garmin\Express Tray\NO\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (b8783eed4532fdb39d20e55d6780900f) (Created)
C:\Program Files\Garmin\Express Tray\PL\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (1e7f95b8ef312d405634c2bc673e2278) (Created)
C:\Program Files\Garmin\Express Tray\PT\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (fc368fe3e9d4c18f6298c8ae7d204756) (Created)
C:\Program Files\Garmin\Express Tray\PT-BR\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (5c0676f092402fd4ed76974c2691c513) (Created)
C:\Program Files\Garmin\Express Tray\RU\ExpressTray.resources.dll (6656 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (8d611721171e7fff8e779df1cfb1e250) (Created)
C:\Program Files\Garmin\Express Tray\SK\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (322e9a82fa502dda84400bf638571813) (Created)
C:\Program Files\Garmin\Express Tray\SL\ExpressTray.resources.dll (6144 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (5530c4f6a190c8ea645b32b588fc8848) (Created)
C:\Program Files\Garmin\Express Tray\SV\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (5c69ad2e6cc6d0c1c515768c2ee19a3a) (Created)
C:\Program Files\Garmin\Express Tray\TH\ExpressTray.resources.dll (6656 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (5dc3fb5875ccec8f316b6acc8d295760) (Created)
C:\Program Files\Garmin\Express Tray\TR\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (2abf8adaef8d1d7165aa40249db61b6c) (Created)
C:\Program Files\Garmin\Express Tray\UK\ExpressTray.resources.dll (6656 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (880372a09821b0d40c638afafa6830ee) (Created)
C:\Program Files\Garmin\Express Tray\ZH-CN\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:04 PM) (--A-) (e362ae6073bc3617c015534689e38432) (Created)
C:\Program Files\Garmin\Express Tray\ZH-TW\ExpressTray.resources.dll (5632 bytes) (Garmin Ltd or its subsidiaries) (6/9/2014 12:47:02 PM) (--A-) (948a2174fdb73b993a0527bff97bee99) (Created)
C:\Program Files\ImgBurn\uninstall.exe (74000 bytes) (LIGHTNING UK!) (6/14/2014 9:02:09 PM) (--A-) (91f3ea55eb6288132d811bf8bf112f96) (Created)
C:\Program Files\Internet Explorer\ExtExport.exe (22528 bytes) (Microsoft Corporation) (6/10/2014 10:11:12 PM) (--A-) (d14cba888ef2a88c28cb5e6396a295da) (Created)
C:\Program Files\Internet Explorer\iedvtool.dll (678912 bytes) (Microsoft Corporation) (6/10/2014 10:11:09 PM) (--A-) (0244b65289a33c8e7e5dcc00d7d14412) (Created)
C:\Program Files\Internet Explorer\ieinstal.exe (469504 bytes) (Microsoft Corporation) (6/10/2014 10:11:08 PM) (--A-) (054e45a74734cdbddefb503cbba0e0df) (Created)
C:\Program Files\Internet Explorer\ielowutil.exe (223232 bytes) (Microsoft Corporation) (6/10/2014 10:11:10 PM) (--A-) (77aeb4008a5e1015599a4dc6ae50c33b) (Created)
C:\Program Files\Internet Explorer\ieproxy.dll (194560 bytes) (Microsoft Corporation) (6/10/2014 10:11:12 PM) (--A-) (bacbf7365c3f62a762a6479c38da812a) (Created)
C:\Program Files\Internet Explorer\IEShims.dll (194560 bytes) (Microsoft Corporation) (6/10/2014 10:11:08 PM) (--A-) (4ecfaefadd69cf2dbbba1f55f8f73b59) (Created)
C:\Program Files\Internet Explorer\iexplore.exe (758000 bytes) (Microsoft Corporation) (6/10/2014 10:11:10 PM) (--A-) (7ba5b7dede25d44f3e664d5ba067e3cd) (Created)
C:\Program Files\Internet Explorer\jsdbgui.dll (387584 bytes) (Microsoft Corporation) (6/10/2014 10:11:11 PM) (--A-) (043a9e303d882f4537b838f547521556) (Created)
C:\Program Files\Internet Explorer\jsdebuggeride.dll (104448 bytes) (Microsoft Corporation) (6/10/2014 10:11:12 PM) (--A-) (cac19d7139281f163637426820640280) (Created)
C:\Program Files\Internet Explorer\sqmapi.dll (149744 bytes) (Microsoft Corporation) (6/10/2014 10:11:13 PM) (--A-) (b26b0d0c33772675d7dc1e99a75d69b5) (Created)
C:\Program Files\Java\jre7\bin\awt.dll (1174440 bytes) (Oracle Corporation) (6/14/2014 8:29:03 PM) (--A-) (31b365149665e966705aca035162fb12) (Created)
C:\Program Files\Java\jre7\bin\axbridge.dll (153000 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (ddb2f6552c053194eb6424e67fca2cde) (Created)
C:\Program Files\Java\jre7\bin\dcpr.dll (142248 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (82e546c3df73103c068170fb20aef975) (Created)
C:\Program Files\Java\jre7\bin\decora-sse.dll (62888 bytes) (Unknown) (6/14/2014 8:29:04 PM) (--A-) (39c8c175078a593c1947fd134709099f) (Created)
C:\Program Files\Java\jre7\bin\deploy.dll (374696 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (eee1603fdfb1e9fa9c08786f022b2151) (Created)
C:\Program Files\Java\jre7\bin\dt_shmem.dll (25512 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (080defeb2a6772f76f3514619bd500d6) (Created)
C:\Program Files\Java\jre7\bin\dt_socket.dll (21928 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (465e2c464476863fb0ed105125b82cb3) (Created)
C:\Program Files\Java\jre7\bin\fontmanager.dll (221608 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (89698673625d9e952185d5153e832e11) (Created)
C:\Program Files\Java\jre7\bin\fxplugins.dll (156584 bytes) (Unknown) (6/14/2014 8:29:04 PM) (--A-) (bfc4fb0c3271bb3812c4724080bed138) (Created)
C:\Program Files\Java\jre7\bin\glass.dll (159656 bytes) (Unknown) (6/14/2014 8:29:04 PM) (--A-) (eb6f67bf88fa4a2f39d3ee2be3cf4a77) (Created)
C:\Program Files\Java\jre7\bin\glib-lite.dll (408488 bytes) (Unknown) (6/14/2014 8:29:04 PM) (--A-) (1f8273463cdbadbd64f720bd76586874) (Created)
C:\Program Files\Java\jre7\bin\gstreamer-lite.dll (505768 bytes) (Unknown) (6/14/2014 8:29:04 PM) (--A-) (29195d88aedcdbf7cc2e2c00f095929b) (Created)
C:\Program Files\Java\jre7\bin\hprof.dll (132520 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (94a71b6258bf9f50392c662d25d8fd60) (Created)
C:\Program Files\Java\jre7\bin\installer.dll (207776 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (b5cdfca0e0948ba5718e27cf6a54a70e) (Created)
C:\Program Files\Java\jre7\bin\instrument.dll (115112 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (71706c82a18c310f9210cfc3837a0576) (Created)
C:\Program Files\Java\jre7\bin\j2pcsc.dll (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (f83a056b5ab399cbecf30614a917026b) (Created)
C:\Program Files\Java\jre7\bin\j2pkcs11.dll (51112 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (bc8d3bcb2bc057afd804110f88a29cad) (Created)
C:\Program Files\Java\jre7\bin\jaas_nt.dll (19880 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (96952e6fbbc52392b9a28d97004a258f) (Created)
C:\Program Files\Java\jre7\bin\jabswitch.exe (48040 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (07643c3af27179144c9800af0819de75) (Created)
C:\Program Files\Java\jre7\bin\java-rmi.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (96777405ab93af8fcf6c9b6f5c3f1e51) (Created)
C:\Program Files\Java\jre7\bin\java.dll (119720 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (82312df735ab5896bed807bbc784d0ef) (Created)
C:\Program Files\Java\jre7\bin\java.exe (175528 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (2251971694e17bac4e344dc2b7cd7add) (Created)
C:\Program Files\Java\jre7\bin\JavaAccessBridge.dll (125352 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (eddb9de3e7718bb71b1f51bd98e0ea45) (Created)
C:\Program Files\Java\jre7\bin\javacpl.exe (68008 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (82517de5984f3ea3a49e0b5c8825da63) (Created)
C:\Program Files\Java\jre7\bin\javafx-font.dll (243112 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (1c96b78612ae4b8399859afe436534ba) (Created)
C:\Program Files\Java\jre7\bin\javafx-iio.dll (188328 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (d8612608dc40dcef1686304ea67f4f25) (Created)
C:\Program Files\Java\jre7\bin\javaw.exe (175528 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (ecb3ab701d6e26f5e54c58957e34e719) (Created)
C:\Program Files\Java\jre7\bin\javaws.exe (264616 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (cee4c9e092168cebd187491af6fda8fb) (Created)
C:\Program Files\Java\jre7\bin\java_crw_demo.dll (23976 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (80b9b5e8168808a7771904d6f9736939) (Created)
C:\Program Files\Java\jre7\bin\jawt.dll (14248 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (564d3e10d756b8a605f7a47073860d63) (Created)
C:\Program Files\Java\jre7\bin\JAWTAccessBridge.dll (15272 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (d5da0ff5665c317d1d152eb60fb42358) (Created)
C:\Program Files\Java\jre7\bin\JdbcOdbc.dll (45992 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (bc521fa803a01a3b8e0f24f9555bb1fb) (Created)
C:\Program Files\Java\jre7\bin\jdwp.dll (165288 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (a230cd22f016d9aa5ed9db764894e088) (Created)
C:\Program Files\Java\jre7\bin\jfr.dll (20392 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (6fa9b312b09fdfa67c5c85af235c2918) (Created)
C:\Program Files\Java\jre7\bin\jfxmedia.dll (110504 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (eb373c18d4b80c7caa0cb833cfe21cdf) (Created)
C:\Program Files\Java\jre7\bin\jli.dll (142760 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (ff824515a97f5d7aa853b23891aeb2e9) (Created)
C:\Program Files\Java\jre7\bin\jp2iexp.dll (202152 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (b6caa7842cd90f44c7ab076b1c88a66b) (Created)
C:\Program Files\Java\jre7\bin\jp2launcher.exe (52648 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (1efc992ca271e6d40034fbe7bcedb724) (Created)
C:\Program Files\Java\jre7\bin\jp2native.dll (18856 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (4badc60c2d6ad780287f98ee5d364c7a) (Created)
C:\Program Files\Java\jre7\bin\jp2ssv.dll (171944 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (1a9f3a631b5180d21020c885f9f82d07) (Created)
C:\Program Files\Java\jre7\bin\jpeg.dll (145832 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (66342f1fae4f8e366531938ec6c8a232) (Created)
C:\Program Files\Java\jre7\bin\jpicom.dll (93608 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (23671abfedcce437179169c22c1e3f00) (Created)
C:\Program Files\Java\jre7\bin\jpiexp.dll (156072 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (3bb8e236ac8acffed50bc6a44c9435be) (Created)
C:\Program Files\Java\jre7\bin\jpinscp.dll (103848 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (ff18ca668862f141f15c0b7f58159ed1) (Created)
C:\Program Files\Java\jre7\bin\jpioji.dll (69032 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (f4132e769bd22b14ab81050bde8a705f) (Created)
C:\Program Files\Java\jre7\bin\jpishare.dll (142248 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (d081fbf7ec25535018b16f2ee8a87bc4) (Created)
C:\Program Files\Java\jre7\bin\jqs.exe (182696 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (e87885a59fdc241b6575943a75e495d9) (Created)
C:\Program Files\Java\jre7\bin\jsdt.dll (16808 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (f5250c58e8c1d670b5d16b29406808f4) (Created)
C:\Program Files\Java\jre7\bin\jsound.dll (30632 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (47949ee5be1665023e870ed202f75cd0) (Created)
C:\Program Files\Java\jre7\bin\jsoundds.dll (27560 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (575e28aa36cf31b579f4deecf68afd25) (Created)
C:\Program Files\Java\jre7\bin\kcms.dll (178088 bytes) (Eastman Kodak Company) (6/14/2014 8:29:05 PM) (--A-) (0e6542e1011a9ca95a7e8a94783fc1e8) (Created)
C:\Program Files\Java\jre7\bin\keytool.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (e2c8f178a57d011518785cf75044cd69) (Created)
C:\Program Files\Java\jre7\bin\kinit.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (62ca7aba57a4fcdb3844f73a156bae26) (Created)
C:\Program Files\Java\jre7\bin\klist.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (aea4e94fc2a2f88fa5ec7fb6bc349e1b) (Created)
C:\Program Files\Java\jre7\bin\ktab.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (235a2e87c34995f1837283fe76cd2e46) (Created)
C:\Program Files\Java\jre7\bin\libxml2.dll (504232 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (6c1e28f08885d08ad88202024b320d12) (Created)
C:\Program Files\Java\jre7\bin\libxslt.dll (164776 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (aba6c197aef40f6e116447e161c79af2) (Created)
C:\Program Files\Java\jre7\bin\management.dll (31656 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (43367482a091124f4b905e45b602414e) (Created)
C:\Program Files\Java\jre7\bin\mlib_image.dll (573864 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (e7932ef5773648ae717c55103aff44df) (Created)
C:\Program Files\Java\jre7\bin\msvcr100.dll (773968 bytes) (Microsoft Corporation) (6/14/2014 8:29:05 PM) (--A-) (bf38660a9125935658cfa3e53fdc7d65) (Created)
C:\Program Files\Java\jre7\bin\net.dll (75688 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (1c0d269e3aba99c6b986736d92157ddf) (Created)
C:\Program Files\Java\jre7\bin\nio.dll (50088 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (3d6926234dc39e76d0559e19ee3caa92) (Created)
C:\Program Files\Java\jre7\bin\npjpi170_60.dll (223144 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (4e06ef3cb8ea629b786f9cea0957e96e) (Created)
C:\Program Files\Java\jre7\bin\npoji610.dll (220584 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (296c5f8ba896a49c4a2ce0e11fa6d018) (Created)
C:\Program Files\Java\jre7\bin\npt.dll (17832 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (e7c7678195aeccbf85fdaf7ff6f74d8b) (Created)
C:\Program Files\Java\jre7\bin\orbd.exe (16808 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (f9de7324bdf83f5afe174354f47c2ae0) (Created)
C:\Program Files\Java\jre7\bin\pack200.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (8140dcc3064ba8adc407d956be19d764) (Created)
C:\Program Files\Java\jre7\bin\policytool.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (3002e7e937fcb8985320aa807e762845) (Created)
C:\Program Files\Java\jre7\bin\prism-d3d.dll (44968 bytes) (Unknown) (6/14/2014 8:29:05 PM) (--A-) (3aaa51814488d001f5cfac981753a66e) (Created)
C:\Program Files\Java\jre7\bin\rmid.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (e0fe8b7be802f8c4a71317ac35e44b00) (Created)
C:\Program Files\Java\jre7\bin\rmiregistry.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (b5c9699aa60f74f144db5a566f6e58f8) (Created)
C:\Program Files\Java\jre7\bin\servertool.exe (16296 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (84fb0ec0581c996f445433bd2379a5cc) (Created)
C:\Program Files\Java\jre7\bin\splashscreen.dll (196520 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (d10bf1c1defc83c2d2e9d4c4fbe2f2b3) (Created)
C:\Program Files\Java\jre7\bin\ssv.dll (462760 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (a2ee57eff61ae2d6bda7e83090d170d0) (Created)
C:\Program Files\Java\jre7\bin\ssvagent.exe (49576 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (0595b07f96e4f48784a4b772b887ad68) (Created)
C:\Program Files\Java\jre7\bin\sunec.dll (123816 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (66bb10bcc0a1a24025a8c241a6022c67) (Created)
C:\Program Files\Java\jre7\bin\sunmscapi.dll (25512 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (f7c50cf70711392628f1b28aad488133) (Created)
C:\Program Files\Java\jre7\bin\t2k.dll (192936 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (f072c266b7782ecccf5d510292b0ef87) (Created)
C:\Program Files\Java\jre7\bin\tnameserv.exe (16808 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (3427c247afec295cd4a20b53ee445f23) (Created)
C:\Program Files\Java\jre7\bin\unpack.dll (57768 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (7098d8b7c42e3a1d632cdb5f7912dee4) (Created)
C:\Program Files\Java\jre7\bin\unpack200.exe (145832 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (c7c5ff4b0e83702efbc0c886d87e9743) (Created)
C:\Program Files\Java\jre7\bin\verify.dll (39848 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (96259295c6939affc49ef494d99c089b) (Created)
C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll (21416 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (2b0ae756053d9351c26ee4a19c2f5cd8) (Created)
C:\Program Files\Java\jre7\bin\WindowsAccessBridge.dll (96680 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (b1799ee2c6b8435e7227844c5fc08bcc) (Created)
C:\Program Files\Java\jre7\bin\wsdetect.dll (163240 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (891c10c1f203a89af8958e0a9f855862) (Created)
C:\Program Files\Java\jre7\bin\zip.dll (66984 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (cd45747240b888ac6cc0a28f19bf5044) (Created)
C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll (802728 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (3c03a6289b7e2723099fe1cd9574c4bb) (Created)
C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll (880040 bytes) (Oracle Corporation) (6/14/2014 8:29:04 PM) (--A-) (7bf7103176dbfc80a31e275f7ed7918c) (Created)
C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll (773968 bytes) (Microsoft Corporation) (6/14/2014 8:29:05 PM) (--A-) (bf38660a9125935658cfa3e53fdc7d65) (Created)
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (164776 bytes) (Oracle Corporation) (6/14/2014 8:29:05 PM) (--A-) (6897943e58d779d1c7cb74191931b1d5) (Created)
C:\Program Files\Malwarebytes Anti-Malware\7z.dll (920888 bytes) (Igor Pavlov) (6/14/2014 7:32:09 PM) (--A-) (9f522b2708cab181c0f137abbcd1de2e) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbam.dll (579896 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:04 PM) (--A-) (d32c2a98859cb22d57a665f15f351e7d) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll (1680696 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:04 PM) (--A-) (f722fa26739eafcbd8d5f3829b632cd7) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbamdor.exe (54072 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (4da2f2da54a92850f56c0db712058188) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll (157496 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:02 PM) (--A-) (1be09650974c36d9b2a890eea0c338c3) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbampt.exe (39736 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (9acd7583584c93ee542c273df8e91dc1) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (1809720 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (d84aea3f3329d622dfc1297dddf6163b) (Created)
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (860472 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:05 PM) (--A-) (4f45ed469906494f9bf754e476390dbd) (Created)
C:\Program Files\Malwarebytes Anti-Malware\msvcp100.dll (421688 bytes) (Microsoft Corporation) (6/14/2014 7:32:09 PM) (--A-) (e4b829081e639e42985853bae754a53d) (Created)
C:\Program Files\Malwarebytes Anti-Malware\msvcr100.dll (774456 bytes) (Microsoft Corporation) (6/14/2014 7:32:10 PM) (--A-) (80fcedbe920e9cbe30d9d3665bd6efed) (Created)
C:\Program Files\Malwarebytes Anti-Malware\QtCore4.dll (2732856 bytes) (Digia Plc and/or its subsidiary(-ies)) (6/14/2014 7:32:10 PM) (--A-) (30490eed6a1e20e8259c0b9c58f488fe) (Created)
C:\Program Files\Malwarebytes Anti-Malware\QtNetwork4.dll (909112 bytes) (Digia Plc and/or its subsidiary(-ies)) (6/14/2014 7:32:10 PM) (--A-) (d7588d42e29080c32a003bee465160d8) (Created)
C:\Program Files\Malwarebytes Anti-Malware\unins000.exe (718037 bytes) (Unknown) (6/14/2014 7:32:02 PM) (--A-) (d2796ecf50731e696f0c065d24c0827a) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.com (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.pif (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.scr (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.com (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:14 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.pif (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.scr (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-killer.exe (1181496 bytes) (Unknown) (6/14/2014 7:32:11 PM) (--A-) (c6927fd8f7e9105b64db5d5a08b53731) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\rundll32.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\windows.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe (750392 bytes) (MalwareBytes) (6/14/2014 7:32:15 PM) (--A-) (09882e8edd1144e6ef1af6d1f98305ee) (Created)
C:\Program Files\Malwarebytes Anti-Malware\imageformats\qgif4.dll (32568 bytes) (Digia Plc and/or its subsidiary(-ies)) (6/14/2014 7:32:09 PM) (--A-) (e59f533c26c8375cd120b4791482217e) (Created)
C:\Program Files\Malwarebytes Anti-Malware\Plugins\fixdamage.exe (821560 bytes) (Malwarebytes Corporation) (6/14/2014 7:32:06 PM) (--A-) (3a4dcd021d9f3a5305a22e5e309da305) (Created)

 

[maddmaverick]

pg 3 of hijack hunter log

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (628736 bytes) (NoVirusThanks Company Srl) (6/15/2014 1:18:54 PM) (--A-) (b6ffa83b91d78a0369fe0e15e4dba69c) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\nhdrv.sys (4608 bytes) (NoVirusThanks Company Srl) (6/15/2014 1:18:54 PM) (--A-) (8f40312ac7b0f3d0246fe52105e4f1d7) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\unins000.exe (707354 bytes) (Unknown) (6/15/2014 1:18:54 PM) (--A-) (eecf7fe501b410aa3733bb0b23ab678a) (Created)
C:\Program Files\Spybot - Search & Destroy 2\blindman.exe (133072 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:11 PM) (--A-) (226d10c91ead15b7accff316e37e8a33) (Created)
C:\Program Files\Spybot - Search & Destroy 2\borlndmm.dll (36088 bytes) (Borland Software Corporation) (6/12/2014 6:29:59 PM) (--A-) (88f54314e76eda9f6d1d9d6c40e36636) (Created)
C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl (416600 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (adbdf381754191b3be14ea7771acd29b) (Created)
C:\Program Files\Spybot - Search & Destroy 2\DelZip190.dll (322960 bytes) (DelphiZip) (6/12/2014 6:29:59 PM) (--A-) (bf12fbecc08de2a379d2584d238345c8) (Created)
C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl (531288 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (19bf5baf635b5d0bedd9a9034369a287) (Created)
C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll (1112408 bytes) (The OpenSSL Project, http://www.openssl.org/) (6/12/2014 6:29:58 PM) (--A-) (b009d6171147be129636a49c4178e487) (Created)
C:\Program Files\Spybot - Search & Destroy 2\libssl32.dll (244624 bytes) (The OpenSSL Project, http://www.openssl.org/) (6/12/2014 6:29:58 PM) (--A-) (a0bca2fdfe9c603924325b6a13d1a86f) (Created)
C:\Program Files\Spybot - Search & Destroy 2\NotificationSpreader.dll (2972112 bytes) (Unknown) (6/12/2014 6:29:57 PM) (--A-) (0bb5a2fcd72f1a6f7753f0f7973a9f96) (Created)
C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl (2169224 bytes) (Embarcadero Technologies, Inc.) (6/12/2014 6:29:58 PM) (--A-) (4c867b62f6100c107a3a8f5e7a10461d) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll (1075184 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:56 PM) (--A-) (cc482978d7f0655bee5b910e219a6106) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDAV.dll (12240 bytes) (Unknown) (6/12/2014 6:29:57 PM) (--A-) (612c9c28a2b577d8aac916e73e1f68ec) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (212464 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:08 PM) (--A-) (02190a696b40191fad7a863e49e895aa) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDEvents.dll (12256 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:11 PM) (--A-) (b95d443e86c89dfc8a4d3fe6e184f02d) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDFileScanHelper.exe (221216 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:01 PM) (--A-) (e3399927c23e8b35b550b09602411310) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll (728552 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:01 PM) (--A-) (91a7d4b3cce541505f783707e4ff2e13) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1738200 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:01 PM) (--A-) (11d94599270aa1603f75cb5acbbd266f) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDHook32.dll (292544 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:11 PM) (--A-) (9393a174f440ee1b43e73823647c023b) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys (46336 bytes) (Unknown) (6/12/2014 6:30:12 PM) (--A-) (77b6853f0bdae72c9d2d504e85c89e7e) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDHookHelper.exe (127152 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:12 PM) (--A-) (46027885d6c6183ad8487082de6f34cd) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDHookInst32.exe (250760 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:12 PM) (--A-) (159b659b77452d87ce9e6371ab25a2ec) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll (772576 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:02 PM) (--A-) (66c5ca4b6030cde4987d743901fd35a6) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll (617432 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:57 PM) (--A-) (2d5871ba7e1f5c044e35d3934f273429) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDLists.dll (339416 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:56 PM) (--A-) (0740d38a057081d172a5e155468d6f74) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDPESetup.exe (224208 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:04 PM) (--A-) (40a043f1f2da0fad8d16412485a95258) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDScanLibrary.dll (1933288 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:01 PM) (--A-) (6852df940bbd39de4afebc0aada35e47) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDTasks.dll (1626088 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:52 PM) (--A-) (19425fef8f88d205c2e9005818509954) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (2081752 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:05 PM) (--A-) (d91d8344e73283999777083bf17d54e2) (Created)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (171928 bytes) (Safer-Networking Ltd.) (6/12/2014 6:30:12 PM) (--A-) (9b9b368a8ff5caf91d7a333cf62cd2cc) (Created)
C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl (896976 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:59 PM) (--A-) (c484bd3b4ec3b038440832ff1fd85645) (Created)
C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl (167768 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (1a188c66e4c52ba5b8a9a5f24ffa2e02) (Created)
C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl (109400 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (072283ef1720e1f9694357f6e9673898) (Created)
C:\Program Files\Spybot - Search & Destroy 2\spybotsd2-install-bdcore-update.exe (578056 bytes) (Safer-Networking Ltd.) (6/12/2014 6:31:38 PM) (--A-) (f10dc0556bdf4af01e76a54980c871cf) (Created)
C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll (574840 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (14361fb2fd630988816a4f46aeaf0684) (Created)
C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll (244624 bytes) (The OpenSSL Project, http://www.openssl.org/) (6/12/2014 6:29:58 PM) (--A-) (d21ab32f16e8de67d45e5a383b5e52ba) (Created)
C:\Program Files\Spybot - Search & Destroy 2\Tools.dll (624088 bytes) (Safer-Networking Ltd.) (6/12/2014 6:29:57 PM) (--A-) (11213c6b011a3a4a0969c8e4c3271d2c) (Created)
C:\Program Files\Spybot - Search & Destroy 2\unins000.exe (1273648 bytes) (Unknown) (6/12/2014 6:29:52 PM) (--A-) (9230c5077687d79d7e858eaa6d68b5ad) (Created)
C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl (2477736 bytes) (Embarcadero Technologies, Inc.) (6/12/2014 6:29:58 PM) (--A-) (d9af104f7e21fa859efa3c67e5522e88) (Created)
C:\Program Files\Spybot - Search & Destroy 2\vclie150.bpl (715720 bytes) (Embarcadero Technologies, Inc.) (6/12/2014 6:29:58 PM) (--A-) (aeb9dd47b76075b05e27874384544f39) (Created)
C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl (329120 bytes) (Embarcadero Technologies, Inc.) (6/12/2014 6:29:58 PM) (--A-) (4aa01bd5cc7da9888af33c5fab5bf1dd) (Created)
C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl (243112 bytes) (Embarcadero Technologies, Inc.) (6/12/2014 6:29:58 PM) (--A-) (5422cb64444c33f029483552a8face37) (Created)
C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl (554400 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (8f220dcb4aa4b2a12ece5b87c701170d) (Created)
C:\Program Files\Spybot - Search & Destroy 2\xcacls.exe (91648 bytes) (Unknown) (6/12/2014 6:29:52 PM) (--A-) (98f2272a7d1ba8e3155fbea167bcc613) (Created)
C:\Program Files\Spybot - Search & Destroy 2\ZMstr190DXE.bpl (410496 bytes) (DelphiZip) (6/12/2014 6:29:59 PM) (--A-) (4f5e98282ed74fae959c00e860e986ae) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\avxdisk.dll (56224 bytes) (BitDefender) (6/12/2014 6:29:59 PM) (--A-) (adf9f919e10832746ed516230420f749) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\bdcore.dll (116152 bytes) (Bitdefender) (6/12/2014 6:29:59 PM) (--A-) (4ceb44ae133f1628917e3385905b88d7) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\bdcore.dll.upd (116152 bytes) (Bitdefender) (6/12/2014 6:34:42 PM) (--A-) (4ceb44ae133f1628917e3385905b88d7) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\bdquar.dll (593968 bytes) (BitDefender) (6/12/2014 6:29:59 PM) (--A-) (25d23e5a5a627cc718e478b66ad8aff7) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll (565640 bytes) (Unknown) (6/12/2014 6:29:59 PM) (--A-) (b608ba52fa1fd29bf81b718818246b4d) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\BDUpdateServiceCom.dll (1162016 bytes) (BitDefender) (6/12/2014 6:29:59 PM) (--A-) (ad3b4fc6b424c75aac5d15f50cf170d1) (Created)
C:\Program Files\Spybot - Search & Destroy 2\av\scan.dll (356984 bytes) (BitDefender) (6/12/2014 6:30:00 PM) (--A-) (9b375bb63f99b113c065a5db4e632e23) (Created)
C:\Program Files\Spybot - Search & Destroy 2\Updates\Extracts\SDDisableProxy.exe (17392 bytes) (Unknown) (6/12/2014 6:31:29 PM) (--A-) (0c68c4b59cef048adadca4fc4ea6991a) (Created)
C:\Program Files\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-install-bdcore-update.exe (578056 bytes) (Safer-Networking Ltd.) (6/12/2014 6:31:35 PM) (--A-) (f10dc0556bdf4af01e76a54980c871cf) (Created)
C:\Program Files\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-translation-frx.exe (254064 bytes) (Unknown) (6/12/2014 6:31:42 PM) (--A-) (fee1c90af84e759cbbe45c0fa9b63012) (Created)
C:\Users\maverick\AppData\Local\Temp\Set5F6F.tmp (171568 bytes) (InstallShield Software Corporation) (6/14/2014 9:21:49 PM) (--A-) (97ca2704abad6c28fac5d60f82613f29) (Created)
C:\Users\maverick\AppData\Local\Temp\SetE1C8.tmp (171568 bytes) (InstallShield Software Corporation) (6/14/2014 9:21:16 PM) (--A-) (97ca2704abad6c28fac5d60f82613f29) (Created)
C:\Users\maverick\AppData\Local\Temp\_iu14D2N.tmp (696200 bytes) (Unknown) (6/13/2014 3:59:17 PM) (----) (0ba1acfee0532249412f53ee6374ee93) (Created)
C:\Users\maverick\AppData\Local\Temp\_av4_\aswCmnB.dll (131072 bytes) (ALWIL Software) (6/13/2014 7:39:42 PM) (--A-) (99f500385cb4dff826f0a9058bee2c98) (Created)
C:\Users\maverick\AppData\Local\Temp\_av4_\aswCmnOS.dll (81920 bytes) (ALWIL Software) (6/13/2014 7:39:43 PM) (--A-) (01033eda5f63e4ba48c25099ce9d6bdd) (Created)
C:\Users\maverick\AppData\Local\Temp\_av4_\aswCmnS.dll (192512 bytes) (ALWIL Software) (6/13/2014 7:39:43 PM) (--A-) (13eeb998a123530809bfbc16a6be580e) (Created)
C:\Users\maverick\AppData\Local\Temp\_av4_\aswEngin.dll (1228800 bytes) (ALWIL Software) (6/13/2014 7:39:43 PM) (--A-) (6b198f82d25a06e2e402385038e6785b) (Created)
C:\Users\maverick\AppData\Local\Temp\_av4_\aswScan.dll (86016 bytes) (ALWIL Software) (6/13/2014 7:39:43 PM) (--A-) (088022e7418526c11831394502a6e5bd) (Created)

[+] Hidden files in suspicious folders


[+] Suspicious Registry Keys


[+] Suspicious folders


[+] Drivers

C:\Windows\system32\drivers\crcdisk.sys (crcdisk) (Crcdisk Filter Driver) (Microsoft Corporation) (741e9dff4f42d2d8477d0fc1dc0df871)
C:\Windows\system32\drivers\dc3d.sys (dc3d) (MS Hardware Device Detection Driver (USB)) (Microsoft Corporation) (90f8539fa0de4aafe4fdbe7f95d6a512)
C:\Windows\system32\drivers\dvd43llh.sys (dvd43llh) (dvd43llh) (RIF) (1fc1eed3ea0c3a0ecf8a95b97e1b4831)
C:\Windows\system32\drivers\hsx_dp.sys (HSF_DP) (HSF_DP) (Conexant Systems, Inc.) (617732f6c0f86df3757b1d39211c15e5)
C:\Windows\system32\drivers\hsxhwbs3.sys (HSXHWBS3) (HSXHWBS3) (Conexant Systems, Inc.) (b1322e002bc4a556f83e4edde8e2f30f)
C:\Windows\system32\drivers\igdkmd32.sys (igfx) (igfx) (Intel Corporation) (a9221d13d8f1f772010ee293ba9baeb7)
C:\Windows\system32\drivers\rtkvhda.sys (IntcAzAudAddService) (Service for Realtek HD Audio (WDM)) (Realtek Semiconductor Corp.) (3914ea9111dbeffaf1c68200817768ad)
C:\Windows\system32\drivers\intelide.sys (intelide) (intelide) (Microsoft Corporation) (83aa759f3189e6370c30de5dc5590718)
C:\Windows\system32\drivers\intelppm.sys (intelppm) (Intel Processor Driver) (Microsoft Corporation) (224191001e78c89dfa78924c3ea595ff)
c:\windows\system32\drivers\mbam.sys (MBAMProtector) (MBAMProtector) (Malwarebytes Corporation) (8683c1b450f4b3872839308d836e0f92)
c:\windows\system32\drivers\mwac.sys (MBAMWebAccessControl) (MBAMWebAccessControl) (Malwarebytes Corporation) (799613ba73d25641402aa81b6403eff8)
C:\Windows\system32\drivers\mdmxsdk.sys (mdmxsdk) (mdmxsdk) (Conexant) (0cea2d0d3fa284b85ed5b68365114f76)
C:\Windows\system32\drivers\nuidfltr.sys (NuidFltr) (NUID filter driver) (Microsoft Corporation) (37be10ff10a92031fc5a01e8363925cc)
C:\Windows\system32\drivers\point32.sys (Point32) (Microsoft IntelliPoint Filter Driver) (Microsoft Corporation) (896d916de06f5502d301e8c4dc442ae8)
C:\Windows\system32\drivers\rtlh86.sys (RTL8169) (Realtek 8169 NT Driver) (Realtek) (2d19a7469ea19993d0c12e627f4530bc)
c:\program files\spybot - search & destroy 2\sdhookdrv32.sys (SDHookDriver) (Hook Test Driver) (Unknown) (77b6853f0bdae72c9d2d504e85c89e7e)
C:\Windows\system32\drivers\swenum.sys (swenum) (Software Bus Driver) (Microsoft Corporation) (7ba58ecf0c0a9a69d44b3dca62becf56)
c:\program files\tuneup utilities 2013\tuneuputilitiesdriver32.sys (TuneUpUtilitiesDrv) (TuneUpUtilitiesDrv) (TuneUp Software) (94c4cd2d19b8c4137a46261f229fec24)
C:\Windows\system32\drivers\hsx_cnxt.sys (winachsf) (winachsf) (Conexant Systems, Inc.) (f1265727c078406299ff4b3b033e3132)
C:\Windows\system32\drivers\xaudio.sys (XAudio) (XAudio) (Conexant Systems, Inc.) (dab33cfa9dd24251aaa389ff36b64d4b)
c:\windows\system32\drivers\mbamswissarmy.sys (MBAMSwissArmy) (MBAMSwissArmy) (Malwarebytes Corporation) (12e71da845d76665b56753ad149e32b3)

[+] Drivers -> FSFilter Anti-Virus

Driver Name: MBAMProtector
Driver File: \??\C:\Windows\system32\drivers\mbam.sys
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector


[+] Services

c:\program files\common files\adobe\arm\1.0\armsvc.exe (AdobeARMservice) (Adobe Acrobat Update Service) (Adobe Systems Incorporated) (b362181ed3771dc03b4141927c80f801)
c:\windows\system32\atashost.exe (atashost) (WebEx Service Host for Support Center) (Cisco WebEx LLC) (e77ccb62d96a218d62dd4b3b8a385395)
c:\program files\bonjour\mdnsresponder.exe (Bonjour Service) (Bonjour Service) (Apple Inc.) (5ab58c337ac65837fe404462ad6265ab)
c:\program files\hewlett-packard\hp health check\hphc_service.exe (HP Health Check Service) (HP Health Check Service) (Hewlett-Packard) (a3a30438c48d2d71556e120c9c7ba7a0)
c:\program files\malwarebytes anti-malware\mbamscheduler.exe (MBAMScheduler) (MBAMScheduler) (Malwarebytes Corporation) (d84aea3f3329d622dfc1297dddf6163b)
c:\program files\malwarebytes anti-malware\mbamservice.exe (MBAMService) (MBAMService) (Malwarebytes Corporation) (4f45ed469906494f9bf754e476390dbd)
c:\program files\spybot - search & destroy 2\sdfssvc.exe (SDScannerService) (Spybot-S&D 2 Scanner Service) (Safer-Networking Ltd.) (11d94599270aa1603f75cb5acbbd266f)
c:\program files\spybot - search & destroy 2\sdupdsvc.exe (SDUpdateService) (Spybot-S&D 2 Updating Service) (Safer-Networking Ltd.) (d91d8344e73283999777083bf17d54e2)
c:\program files\spybot - search & destroy 2\sdwscsvc.exe (SDWSCService) (Spybot-S&D 2 Security Center Service) (Safer-Networking Ltd.) (9b9b368a8ff5caf91d7a333cf62cd2cc)
c:\program files\tuneup utilities 2013\tuneuputilitiesservice32.exe (TuneUp.UtilitiesSvc) (TuneUp Utilities Service) (TuneUp Software) (084e60950b0b13f5b078dee75b1046ef)
c:\program files\common files\microsoft shared\windows live\wlidsvc.exe (wlidsvc) (Windows Live ID Sign-in Assistant) (Microsoft Corp.) (0a70f4022ec2e14c159efc4f69aa2477)
c:\windows\system32\drivers\xaudio.exe (XAudioService) (XAudioService) (Conexant Systems, Inc.) (cd5f291a1161f15896d1a4d63daff5df)

[+] ServiceDll


[+] Unknown files in Winsock LSP

Value: LibraryPath
Data: C:\Program Files\Bonjour\mdnsNSP.dll
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008

Value: LibraryPath
Data: C:\Program Files\Bonjour\mdnsNSP.dll
Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008

Value: LibraryPath
Data: C:\Program Files\Bonjour\mdnsNSP.dll
Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008


[+] Unknown files in CLSID

C:\Windows\system32\RtkApoApi.dll (326176 bytes) (Realtek Semiconductor Corp.) (8/4/2009 9:17:16 AM) (--A-) (531daac4c55271cb3c6c9a7cc5f13e3f)
C:\Windows\system32\OGACheckControl.dll (403816 bytes) (Unknown) (8/3/2009 3:07:42 PM) (--A-) (10c03f5479e6bd73c9cb3dfde9fa4c2e)
C:\Windows\system32\FMAPO.dll (266240 bytes) (Fortemedia Corporation) (7/21/2009 2:01:22 PM) (--A-) (dbcb0d820534ff5e5a8738a2125304c0)
C:\Windows\system32\RtkPgExt.dll (1265696 bytes) (Realtek Semiconductor Corp.) (8/4/2009 9:17:32 AM) (--A-) (e157bc709660f505eaa06fb3cfe68159)
C:\Windows\system32\AERTACap.dll (142848 bytes) (Andrea Electronics Corporation) (4/16/2009 2:14:58 AM) (--A-) (c8d30ea2e09eb35b2741ca2f7a93249e)
C:\Windows\system32\kodak\kds_aio5000\EKWiaImg.dll (17920 bytes) (Unknown) (6/10/2010 5:44:44 PM) (--A-) (7838496e2685bab20ef5dcefe16d1876)
C:\Windows\system32\dnssdX.dll (197920 bytes) (Apple Inc.) (5/18/2010 4:35:16 PM) (--A-) (c56def9f6b902689de8c52add0ba03d2)
C:\Windows\system32\IGFXEXPS.DLL (23552 bytes) (Intel Corporation) (2/26/2009 7:04:34 PM) (--A-) (c8cca27f2aacc1168b72af6173710ea5)
C:\Windows\system32\AERTARen.dll (125952 bytes) (Andrea Electronics Corporation) (3/31/2009 6:07:12 AM) (--A-) (6dfb7fb4bf8bc0efbd2786261e732888)
C:\Windows\system32\igfxpph.dll (200192 bytes) (Intel Corporation) (2/26/2009 7:04:42 PM) (--A-) (e9b04acfb9c7f93483db3a17c60241c3)
C:\Windows\system32\SRSTSXT.dll (339968 bytes) (SRS Labs, Inc.) (8/8/2008 3:04:36 AM) (--A-) (e5639080a7ffa5f03642f4d4cdb1e9ce)
C:\Windows\system32\igfxdo.dll (130048 bytes) (Intel Corporation) (2/26/2009 7:04:02 PM) (--A-) (8690ca2fd953e5afe2156a4c7ea007d2)
C:\Windows\system32\RTCOM\RTCOMDLL.dll (1038880 bytes) (Realtek Semiconductor Corp.) (8/8/2008 3:04:36 AM) (--A-) (d5c2c983d1a1b00a183b2969fd3cc260)
C:\Windows\system32\kodak\kds_aio5000\EKAiOWia2Drv.dll (1117184 bytes) (Eastman Kodak Company) (3/1/2011 8:51:16 AM) (--A-) (08993de8850922770a3aaf10524b3672)
C:\Windows\system32\RP3DHT32.dll (290304 bytes) (Dolby Laboratories, Inc.) (3/8/2009 9:32:30 PM) (--A-) (7e2b73200e4169aed13f955a62fc8d47)
C:\Windows\system32\cPC_DMIRD.dll (253952 bytes) (Hewlett-Packard Development Company, L.P.) (8/8/2008 2:15:06 AM) (--A-) (1b14b9b4324dd25841e18825546519a3)
C:\Windows\system32\RTCOM\RtkCfg.dll (141856 bytes) (Realtek Semiconductor Corp.) (8/4/2009 9:17:26 AM) (--A-) (61b064543477dea6d7030724c872c877)
C:\Windows\system32\RP3DAA32.dll (290304 bytes) (Dolby Laboratories, Inc.) (3/8/2009 9:30:48 PM) (--A-) (0fe8e6440f9cfd5f32bb0bdde4347a55)
C:\Windows\system32\SRSWOW.dll (135168 bytes) (SRS Labs, Inc.) (8/8/2008 3:04:36 AM) (--A-) (e067361e60fcae24790b88135895f3c8)
C:\Windows\system32\RTCOM\RtlCPAPI.dll (137760 bytes) (Realtek Semiconductor Corp.) (8/8/2008 3:04:36 AM) (--A-) (866c67c918cb5be950e05d73a141dce9)

[+] TCP Connections

svchost.exe -> 0.0.0.0:135 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:445 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:5357 -> 0.0.0.0:0 -> LISTENING
wininit.exe -> 0.0.0.0:49152 -> 0.0.0.0:0 -> LISTENING
svchost.exe -> 0.0.0.0:49153 -> 0.0.0.0:0 -> LISTENING
svchost.exe -> 0.0.0.0:49154 -> 0.0.0.0:0 -> LISTENING
lsass.exe -> 0.0.0.0:49155 -> 0.0.0.0:0 -> LISTENING
spoolsv.exe -> 0.0.0.0:49156 -> 0.0.0.0:0 -> LISTENING
services.exe -> 0.0.0.0:49164 -> 0.0.0.0:0 -> LISTENING
mDNSResponder.exe -> 127.0.0.1:5354 -> 0.0.0.0:0 -> LISTENING
SDFSSvc.exe -> 127.0.0.1:21320 -> 0.0.0.0:0 -> LISTENING
SDUpdSvc.exe -> 127.0.0.1:21321 -> 0.0.0.0:0 -> LISTENING
SDFSSvc.exe -> 127.0.0.1:21322 -> 0.0.0.0:0 -> LISTENING
SDFSSvc.exe -> 127.0.0.1:21323 -> 0.0.0.0:0 -> LISTENING
SDTray.exe -> 127.0.0.1:21327 -> 0.0.0.0:0 -> LISTENING
mbamservice.exe -> 127.0.0.1:43227 -> 0.0.0.0:0 -> LISTENING
N/A -> 127.0.0.1:49641 -> 127.0.0.1:21322 -> TIME_WAIT
N/A -> 192.168.1.101:139 -> 0.0.0.0:0 -> LISTENING

[+] UDP Connections

svchost.exe -> 0.0.0.0:3702 -> *.*
svchost.exe -> 0.0.0.0:3702 -> *.*
svchost.exe -> 0.0.0.0:5355 -> *.*
SDFSSvc.exe -> 0.0.0.0:21328 -> *.*
SDFSSvc.exe -> 0.0.0.0:59364 -> *.*
mDNSResponder.exe -> 0.0.0.0:63372 -> *.*
svchost.exe -> 0.0.0.0:63374 -> *.*
iexplore.exe -> 127.0.0.1:52305 -> *.*
N/A -> 192.168.1.101:137 -> *.*
N/A -> 192.168.1.101:138 -> *.*
mDNSResponder.exe -> 192.168.1.101:5353 -> *.*

 

[shelf life]

OK thanks for the info. Not seeing any malware. Did the slow boot up/sluggishness just happen recently? Possibly after installing software or updating? Dosnt look like you have a bunch of stuff loading and starting at boot up.

 

[maddmaverick]

It started the same time the router got messed with. Iran disk clean up and deleted all my backups, disk was only at 8% fragmented but I ran a deep defrag anyway and got it down to .1%. Still booting slower than before, but not nearly as bad. Turned off drive indexing and removed the ready boost drive, now programs seem to be operating normal again. Browsing is almost back to normal, but it doesn't like spybots forum for some reason, I can navigate a few pages then it just does the circle spinning forever thing. Don't have that problem with the other pc. I bought Comodos Internet Security Pro 7 for the laptop today and after 3 hours it found a virus that nothing else could. Got it cleaned up and now it is working great again, so I don't think il be needing assistance with that one. It was some kind of Win32 variant. I don't know enough about them to determine if it was messing with my desktop thru the network connection. I may end up springing for comodo on mine. Im kinda really impressed with it. Its definitely more intimidating than any other AV I've used, but it shouldn't take too much research to get it all figured out. Do you know if I temporarily uninstall my paid subscription to Spybots AV to take advantage of the 30 day free trial of comodo, will I be able to reinstall Spybot AV without having to buy another license?

 

[shelf life]

Its safe to conclude that you dont have a malware issue based on what we have used and now Comodo results also. Malware wouldnt escape all of them and the Comodo result could be nothing really. Malware scanners usually drag a lot of stuff up once its found.

The Spybot license I really coudnt say. If you typed in a license number or something than I dont see why the same license wouldnt work again if you reinstalled it again within a year.

But dont go by what I say, I dont represent Safer-Networking Ltd.

You probably could disable it so it dosnt start up at bootup, although some AV might still complain about it even though its disabled and not active. Probably safest bet is to uninstall it before using Comodo.

Heres a link, I would find out about uninstalling and reinstalling first, just to be sure.
http://www.safer-networking.org/contact/sales/

You can remove highjackhunter via the add/removes program panel. You can delete the Roguekiller icon and that will take care of it.
If all is good then Happy Safe surfing out there.