|
|||||||
| Windows 7 Problem solving for the Windows 7 Operating System. Please remember to state which edition of Windows 7 you are using - Starter, Home Basic, Home Premium, Professional, Enterprise or Ultimate. |
 |
|
|
Topic Tools |
|
#1
November 3rd, 2014, 12:23 AM
|
|||
|
|||
|
tsupdate
I think I messed up and for that I apologize I beleive I posted wrong area...I was looking for info on tsupdate and ran accross a post on your forum..I have been trying to get answers for 3 years now.. I could write pages of what has happened.. Maybe better to tell you whatever you want to know..I did a clean install of windows 7 on my hp desktop. Useing the disks supplied from HP..Have done this numerous times. So before connecting to internet I unhid files and looked around inC:\Sysrem.Sav numerous files.Tryed to email folder to myself to keep incse of crash.. When trying to attach file I got an error that said can not attach folder is empty.So copying it to my browser found even more.. I know very little about computers all I know is what I have learned chseing answers to my problem.. I apologize for any wrong terminology. Maybe some of the things I have looked at are norrmal.Maybe HP uses programs like boot straping and mricmd.exe or combofix after installing the way I was diected and installing the way I was directed it is normai for it to be in my my pictures libraret with an icon of a computer and when you click it it is like opening windows explorer..I can not seem to get anyone to look I am told they are normal..I have started useing another program that has helped in discovering alot of things that I have been able to check.. Little things like finnally haveing a logon screen the coorrect startup screen... I have some copies of things until this crashes again..Anything you need includeing remote access..My theroy is what ever you want to call what is infected my computer uses legitimate programs like windows update system restore and whatever else you are running and writes programming to get authority tolkens and installs and deletes acording to triggers it uses that is why my recycle bin is full some times with stuff I have not done.. I have a zip file containing alot of files folders that I got today.. Any insite help would be greatly appreciated.
Thankyou 
|
|
#3
November 4th, 2014, 04:54 AM
|
|||
|
|||
|
No I do not.. Also This install is only maybe 3 days old...
Thanks for the reply
|
|
#4
November 7th, 2014, 06:46 AM
|
|||
|
|||
|
I get confused.. Gues it has to do with being old..Lately something could be infront of me and I wont see it..Maybe reach out to an old guy.. Good catch..That printer must be some special software.. comes with its own idenity..
Thankyou..
|
|
#5
November 8th, 2014, 12:14 AM
|
||||
|
||||
|
I am no spring chicken myself. After reviewing your initial post, I do need to ask is there anything actually wrong with your system right now? Unrealistic concerns, maybe a little due to lack of knowledge, often puts folks on witch hunts for what is likely just normal functions. Been there myself.
|
|
#6
November 9th, 2014, 04:04 AM
|
|||
|
|||
|
Thankyou for getting back with me..Right now problems consist of..
Not being able to run certain programs.. Not being able to run netframe work 3.5 Downloads but will not come up to install.. Screen resolution and graphics in general not that great on desktop.. Sometimes I get a diffrent desktop.. Try to email a folder from desk top get error that folder is empty... I run surround sound can not get speakers to what they are suppose to.. Says that they are being used elsewhere.. Some of my music files I can not open when I try to download a music video it will say done but can not open also some of my music will not open says mpe but icon wrong and music players wont play.. When shutting down it takes 10 times longer then should.. If I find pum start uyp page or search page I delete comes right back same with any maware that anti malware bites says that it found That is somethings it is doing now..This install is maybe 5 days old as time goes on things will get worst..Most of the program that everyone wants to run to check system do not show much..But a program like get folder size.. Shows alot... Also I guess I have printers installed and one of them has a ip address that I see all the time.. I have been blacklisted form my server..my ip address never changes.. I get errors that my DNS servers not registered if I nslookup. Here is a screen snipit.. I hope.. AGAIN THANK-YOU... for your time and effort.. Could not get image copy paste The reaso I sent all the other was this has nerer happened..I wanted to copy some ifo from that command prompt. So I right clicked and mas going to select mark.. It ran threw all the not reckonized program thing.. What I wanted to ask if you look on the ipconig comcast has a Hsd1 instead of the cdns01.. Is that a normal thing Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\xxx>nslookup local server *** Can't find server address for 'server': Server: cdns01.comcast.net Address: 75.75.75.75 *** cdns01.comcast.net can't find local: Non-existent domain C:\Users\xxx>nslookup comcast.net Server: cdns01.comcast.net Address: 75.75.75.75 Non-authoritative answer: Name: comcast.net Address: 69.252.80.75 C:\Users\xxx> Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\xxx>nslookup local server *** Can't find server address for 'server': Server: cdns01.comcast.net Address: 75.75.75.75 *** cdns01.comcast.net can't find local: Non-existent domain C:\Users\xxx>nslookup comcast.net Server: cdns01.comcast.net Address: 75.75.75.75 Non-authoritative answer: Name: comcast.net Address: 69.252.80.75 C:\Users\xxx>nslookup server Server: cdns01.comcast.net Address: 75.75.75.75 *** cdns01.comcast.net can't find server: Non-existent domain C:\Users\xxx>ipconfig/all Windows IP Configuration Host Name . . . . . . . . . . . . : xxx-HP Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net. Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : hsd1.ca.comcast.net. Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller Physical Address. . . . . . . . . : E8-40-F2-5F-41-5C DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 10.0.0.8(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, November 08, 2014 4:58:57 PM Lease Expires . . . . . . . . . . : Saturday, November 15, 2014 6:07:01 PM Default Gateway . . . . . . . . . : 10.0.0.1 DHCP Server . . . . . . . . . . . : 10.0.0.1 DNS Servers . . . . . . . . . . . : 75.75.75.75 75.75.76.76 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.hsd1.ca.comcast.net.: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : hsd1.ca.comcast.net. Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 12: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1087:2c6b:f5ff:fff7(Pref erred) Link-local IPv6 Address . . . . . : fe80::1087:2c6b:f5ff:fff7%12(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled C:\Users\xxx>Microsoft Windows [Version 6.1.7601] 'Microsoft' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Copyright (c) 2009 Microsoft Corporation. All rights reserved. 'Copyright' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup local server 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>*** Can't find server address for 'server': '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>*** cdns01.comcast.net can't find local: Non-existent domain '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup comcast.net 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>Non-authoritative answer: 'Non-authoritative' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Name: comcast.net 'Name:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 69.252.80.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>Microsoft Windows [Version 6.1.7601] 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Copyright (c) 2009 Microsoft Corporation. All rights reserved. 'Copyright' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup local server 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>*** Can't find server address for 'server': '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>*** cdns01.comcast.net can't find local: Non-existent domain '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup comcast.net 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>Non-authoritative answer: 'Non-authoritative' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Name: comcast.net 'Name:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 69.252.80.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>start 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>start C:\Users\xxx>nslookup local host *** Can't find server address for 'host': Server: cdns01.comcast.net Address: 75.75.75.75 *** cdns01.comcast.net can't find local: Non-existent domain C:\Users\xxx>nslookup host Server: cdns01.comcast.net Address: 75.75.75.75 *** cdns01.comcast.net can't find host: Non-existent domain C:\Users\xxx>host 'host' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Microsoft Windows [Version 6.1.7601] 'Microsoft' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Copyright (c) 2009 Microsoft Corporation. All rights reserved. 'Copyright' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup local server 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>*** Can't find server address for 'server': '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>*** cdns01.comcast.net can't find local: Non-existent domain '***' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>nslookup comcast.net 'C:\Users\xxx' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Server: cdns01.comcast.net 'Server:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 75.75.75.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx>Non-authoritative answer: 'Non-authoritative' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Name: comcast.net 'Name:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx>Address: 69.252.80.75 'Address:' is not recognized as an internal or external command, operable program or batch file. C:\Users\xxx> C:\Users\xxx> C:\Users\xxx>C:\Users\xxx>
|
|
#7
November 10th, 2014, 01:02 AM
|
||||
|
||||
|
Better if you kept your replies to a couple of sentences. To be honest, helper folks usually scan through what's posted, looking for key terms, then skip the rest.
Let's get a detailed look. The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool. And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed. ------- Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.
|
|
#8
November 10th, 2014, 02:59 AM
|
|||
|
|||
|
Thankyou point taken...
Here is what you asked for.. Do not no if important.. When it got to scanning chrome. It stopped responding screen jumped.. Then looking for new programs when it hit zino reader same thing but also a cmd box dissapairedaccross screen Will have to send a couple replys says text to big .OTL logfile created on: 11/9/2014 5:35:34 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.49 Gb Total Physical Memory | 5.56 Gb Available Physical Memory | 74.20% Memory free 14.97 Gb Paging File | 12.49 Gb Available in Paging File | 83.43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920.04 Gb Total Space | 820.88 Gb Free Space | 89.22% Space Free | Partition Type: NTFS Drive D: | 11.37 Gb Total Space | 1.40 Gb Free Space | 12.29% Space Free | Partition Type: NTFS Computer Name: XXX-HP | User Name: xxx | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/11/09 17:34:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Downloads\OTL.exe PRC - [2014/11/04 19:40:09 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe PRC - [2014/10/30 18:10:40 | 000,977,600 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\Spark.exe PRC - [2014/10/30 18:10:40 | 000,080,576 | ---- | M] (Baidu Inc.) -- C:\Program Files (x86)\baidu\Spark\sparkservice.exe PRC - [2011/01/10 04:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe ========== Modules (No Company Name) ========== MOD - [2014/11/06 17:42:01 | 000,083,136 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Baidu\Spark\SysData\E xtApp\SnapImg\SnapImg.dll MOD - [2014/10/30 18:10:44 | 000,515,776 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\xnet.dll MOD - [2014/10/30 18:10:44 | 000,497,856 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\p2p_service_dll.dll MOD - [2014/10/30 18:10:44 | 000,274,112 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\p2squery.dll MOD - [2014/10/30 18:10:43 | 001,966,784 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\ffmpegsumo.dll MOD - [2014/10/30 18:10:43 | 000,713,920 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\libGLESv2.dll MOD - [2014/10/30 18:10:43 | 000,097,472 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\libEGL.dll MOD - [2014/10/30 18:10:42 | 001,005,248 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\bdxui.dll MOD - [2014/10/30 18:10:42 | 000,570,048 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\bdstatreport.dll MOD - [2014/10/30 18:10:42 | 000,407,232 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\bdxctrl.dll MOD - [2014/10/30 18:10:41 | 000,428,224 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\bdminiopenssl.dll MOD - [2014/10/30 18:10:40 | 000,977,600 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\Spark.exe MOD - [2014/10/30 18:10:40 | 000,377,536 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\bdaccount.dll MOD - [2014/10/14 19:07:38 | 013,677,384 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\PepperFlash\pepflashplayer.dll MOD - [2014/10/14 19:07:31 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\baidu\Spark\pdf.dll ========== Services (SafeList) ========== SRV:64bit: - [2014/08/22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2014/08/22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2014/04/17 17:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2014/11/05 09:21:38 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/10/30 18:10:40 | 001,356,992 | ---- | M] (Baidu.com, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe -- (SparkUpdater) SRV - [2014/10/30 18:10:40 | 000,080,576 | ---- | M] (Baidu Inc.) [Auto | Running] -- C:\Program Files (x86)\baidu\Spark\sparkservice.exe -- (SparkSvc) SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2011/01/10 04:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe -- (DokanMounter) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014/11/08 20:49:04 | 000,037,624 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight) DRV:64bit: - [2014/10/30 00:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2014/10/30 00:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2014/07/17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2014/04/17 18:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2014/04/17 17:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2011/09/14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/08/03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2011/01/10 04:51:40 | 000,120,408 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan) DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/03/22 19:39:20 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 17:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=I E-SearchBox IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE:64bit: - HKLM\..\SearchScopes\{4C52DC88-91D3-4CBC-B20F-59E007F7411A}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=I E-SearchBox IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE - HKLM\..\SearchScopes\{4C52DC88-91D3-4CBC-B20F-59E007F7411A}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com/Results.aspx?gd=&ctid=CT3322289&octid=EB_ORIGINAL_ CTID&ISID=M8FBDACE1-C3CB-4DA0-9553-A654472CB0BF&SearchSource=58&CUI=&UM=6&UP=SPDBB503 8E-DB67-4458-89E7-238192F9F414&q={searchTerms}&SSPV=SP2183TB_sp_ie IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=I E-SearchBox IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=0625E840F25F4 15C&affID=129428&tt=0211014_tbf&tsp=5424 IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{4C52DC88-91D3-4CBC-B20F-59E007F7411A}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms} IE - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: redirectcleaner%40example.net:2.4.0 FF - prefs.js..extensions.enabledAddons: firefoxaddon%40youtubeenhancer.com:3.3.3 FF - prefs.js..extensions.enabledAddons: %7Bf2456568-e603-43db-8838-ffa7c4a685c7%7D:0.22 FF - prefs.js..keyword.URL: "" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_ 189.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_ 189.dll File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4 .dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4 .dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxx\AppData\Local\Google\Update\1.3.25.5\ npGoogleUpdate3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxx\AppData\Local\Google\Update\1.3.25.5\ npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 35.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 35.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins FF - HKEY_CURRENT_USER\software\mozilla\Aurora 35.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components FF - HKEY_CURRENT_USER\software\mozilla\Aurora 35.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins [2014/10/31 18:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Extensions [2014/11/05 21:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions [2014/11/05 21:07:27 | 000,000,000 | ---D | M] (WMPlayer LibraryPropPage Class) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions\{C1434527-70A1-1B6F-4C75-72AEF95713A8} [2014/11/04 20:11:30 | 000,000,000 | ---D | M] ("Sup-SW") -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions\{f2456568-e603-43db-8838-ffa7c4a685c7} [2014/11/05 21:11:06 | 000,000,000 | ---D | M] (PriceLess) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions\Z@jUr.org [2014/11/04 19:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi lesmsiix1yg.default\extensions [2014/11/04 19:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi lesmsiix1yg.default\extensions\staged [2014/11/02 23:10:43 | 000,075,971 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions\firefoxaddon@youtu beenhancer.com.xpi [2014/11/02 23:07:51 | 000,032,292 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\extensions\redirectcleaner@ex ample.net.xpi [2014/11/05 21:05:47 | 000,001,629 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\searchplugins\MyOnlineSearch. xml [2014/11/05 21:06:05 | 000,001,249 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\searchplugins\onlysearchkms.x ml ========== Chrome ========== CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Pepp erFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer CHR - plugin: Native Client (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\inte rnal-nacl-plugin CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf. dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Update (Disabled) = C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll CHR - plugin: globalUpdate Update (Disabled) = C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4 .dll CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\ O1 HOSTS File: ([2014/11/04 20:05:45 | 000,000,835 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TheTorntv V10) - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll File not found O2:64bit: - BHO: (Browser Champion BHO) - {FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} - C:\Program Files (x86)\Browser Champion\FrameworkBHO64.dll () O2 - BHO: (Browser Champion BHO) - {FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} - C:\Program Files (x86)\Browser Champion\FrameworkBHO.dll () O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000..\Run: [ClamWin] C:\Program Files (x86)\ClamWin\bin\ClamTray.exe (alch) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoRecentDocsNetHood = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: VerboseStatus = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present O7 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\Software\Policies\Microsoft\Internet Explorer\Main present O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: cinemanow.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: cinemanow.com ([]https in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: hp.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: qflix.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: roxio.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: roxio.com ([]https in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: roxionow.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: roxionow.com ([]https in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: sonic.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2059181236-31080851-1000316753-1000\..Trusted Domains: sonic.com ([]https in Trusted sites) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{5FF593B7-DE65-4CA8-806B-B307E1CD7654}: DhcpNameServer = 75.75.75.75 75.75.76.76 O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC6 4Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader .dll (Client Connect LTD) O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc3 2loader.dll) - c:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader .dll (Client Connect LTD) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/11/09 03:40:09 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Diagnostics [2014/11/08 22:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dokan [2014/11/08 21:54:30 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Google [2014/11/08 21:48:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014/11/08 21:48:24 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2014/11/08 20:57:23 | 000,086,384 | ---- | C] (Premium Installer ) -- C:\Users\xxx\Desktop\$RQFFWJA.exe [2014/11/07 10:49:38 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2014/11/07 10:40:27 | 000,000,000 | ---D | C] -- C:\Windows\Logs [2014/11/07 10:11:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\.rsrc [2014/11/07 08:45:01 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Black List Software [2014/11/07 08:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black List Software [2014/11/07 07:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller [2014/11/07 07:51:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Temp [2014/11/07 07:51:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2014/11/06 22:33:56 | 000,000,000 | -HSD | C] -- C:\found.000 [2014/11/06 17:45:06 | 000,000,000 | ---D | C] -- C:\mo music [2014/11/06 17:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu [2014/11/06 17:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spark Browser [2014/11/06 17:41:38 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Baidu [2014/11/06 17:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\baidu [2014/11/06 17:37:32 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\MiniService [2014/11/06 17:37:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Baidu [2014/11/06 00:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus [2014/11/06 00:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClamWin [2014/11/06 00:25:00 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\.clamwin [2014/11/06 00:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sourcefire Inc [2014/11/05 23:59:47 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps [2014/11/05 23:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014/11/05 23:49:07 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Macromedia [2014/11/05 21:27:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\USBFormat [2014/11/05 21:11:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Optimizer Pro [2014/11/05 21:07:27 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Oqmics [2014/11/05 21:07:17 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Ohics [2014/11/05 21:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\9e6c0187397729f1 [2014/11/05 21:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\PriceLess [2014/11/05 21:07:02 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Torch [2014/11/05 21:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceLess [2014/11/05 21:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\DSearchLink [2014/11/05 21:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LuckyTab [2014/11/05 20:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3 [2014/11/05 19:16:56 | 000,000,000 | ---D | C] -- C:\convert [2014/11/05 17:05:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2014/11/05 17:05:45 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2014/11/05 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2014/11/05 16:41:08 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Apple Computer [2014/11/05 16:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2014/11/05 16:41:01 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2014/11/05 16:41:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2014/11/05 16:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2014/11/05 16:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2014/11/05 16:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2014/11/05 16:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 [2014/11/05 16:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2014/11/05 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2014/11/05 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2014/11/05 16:36:13 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Macroplant,_LLC [2014/11/05 16:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2014/11/05 16:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2014/11/05 16:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2014/11/05 16:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2014/11/05 16:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2014/11/05 16:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2014/11/05 16:34:02 | 000,000,000 | ---D | C] -- C:\benny tunes [2014/11/05 13:01:25 | 000,011,776 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\imdsksvc.exe [2014/11/05 09:51:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\PowerTool x64 V1.3 (en) [2014/11/05 09:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora [2014/11/05 08:55:20 | 000,000,000 | ---D | C] -- C:\my temp work [2014/11/05 08:44:16 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Bluetooth Exchange Folder [2014/11/05 08:38:45 | 000,000,000 | ---D | C] -- C:\[BOOT] [2014/11/05 08:35:11 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\CyberLink [2014/11/05 08:31:55 | 000,000,000 | ---D | C] -- C:\Hiren's.BootCD.15.2 [2014/11/05 08:13:36 | 000,000,000 | ---D | C] -- C:\Hirens.BootCD.15.2 [2014/11/05 08:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2014/11/05 08:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2014/11/04 20:24:55 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380 [2014/11/04 20:15:53 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\BitTorrent [2014/11/04 19:41:54 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\BandExtend [2014/11/04 19:40:33 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Browser Champion [2014/11/04 19:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bench [2014/11/04 19:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browser Champion [2014/11/04 19:39:33 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\SearchProtect [2014/11/04 19:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect [2014/11/04 19:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate [2014/11/04 19:36:41 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\TornTV.com [2014/11/04 19:36:40 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\TornTV.com [2014/11/04 08:53:41 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\GlarySoft [2014/11/04 08:39:03 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Hirens.BootCD.15.2 [2014/11/04 08:38:18 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\hbc [2014/11/04 08:25:37 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\ffmpeg [2014/11/04 06:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2014/11/04 06:15:47 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\library_dir [2014/11/04 06:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2014/11/04 06:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2014/11/04 06:14:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2014/11/04 06:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2014/11/04 06:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2014/11/04 06:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014/11/04 01:30:29 | 000,000,000 | ---D | C] -- C:\AMD [2014/11/03 09:28:58 | 000,000,000 | ---D | C] -- C:\dupes [2014/11/03 09:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder [2014/11/03 09:17:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duplicate Music Files Finder [2014/11/03 08:25:29 | 002,369,456 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v13.4.2.o cx [2014/11/03 08:25:29 | 001,005,088 | ---- | C] (Bennet-Tec Information Systems, Inc) -- C:\Windows\SysWow64\TList8.ocx [2014/11/03 08:25:29 | 000,171,752 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\SysWow64\mtRTF2.ocx [2014/11/03 08:25:29 | 000,086,016 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\SysWow64\mtSplitter.ocx [2014/11/03 08:25:29 | 000,044,736 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\SysWow64\mtSubclass.dll [2014/11/03 08:25:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\GetFoldersize [2014/11/03 08:25:28 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\GetFoldersize [2014/11/03 08:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFoldersize [2014/11/03 08:24:54 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\GetFoldersize [2014/11/03 01:09:47 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Google Music Player [2014/11/03 01:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExtenDev [2014/11/03 00:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2014/11/03 00:57:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\AVS4YOU [2014/11/03 00:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU [2014/11/03 00:56:12 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll [2014/11/03 00:56:12 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll [2014/11/03 00:56:12 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll [2014/11/03 00:56:12 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll [2014/11/03 00:56:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2014/11/03 00:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia [2014/11/03 00:39:47 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.008 [2014/11/03 00:39:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.007 [2014/11/03 00:39:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.006 [2014/11/03 00:39:21 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.005 [2014/11/03 00:39:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.004 [2014/11/03 00:39:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.003 [2014/11/02 22:57:03 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\speedofme-143e9b77d5f819e89cf8f4e024f0d34b [2014/11/02 22:56:53 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\speedofme-143e9b77d5f819e89cf8f4e024f0d34b [2014/11/02 19:37:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2014/11/02 19:37:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2014/11/02 14:51:40 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\New Compressed (zipped) Folder [2014/11/01 17:32:43 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Media Player Classic [2014/11/01 17:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fast Monster ltd [2014/11/01 07:20:48 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.002 [2014/11/01 07:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr Prot Antivirus [2014/11/01 07:20:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.001 [2014/11/01 07:20:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000 [2014/11/01 07:20:45 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx [2014/11/01 07:20:44 | 000,034,304 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\NTSVC.ocx [2014/11/01 07:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dr Prot Antivirus [2014/10/31 22:15:27 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Zynga Support_files [2014/10/31 19:47:24 | 000,701,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
|
|
#9
November 10th, 2014, 03:03 AM
|
|||
|
|||
|
page 2
.[2014/10/30 00:38:19 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014/10/30 00:38:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2014/10/30 00:38:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2014/10/30 00:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2014/10/30 00:38:00 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat [2014/10/30 00:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2014/10/30 00:37:55 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Online Services [2014/10/30 00:37:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [2014/10/30 00:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2014/10/30 00:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink [2014/10/30 00:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2014/10/30 00:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2014/10/30 00:36:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos [2014/10/30 00:36:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2014/10/30 00:36:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2014/10/30 00:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2014/10/30 00:35:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2014/10/30 00:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} [2014/10/30 00:32:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection [2014/10/30 00:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2014/10/30 00:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp [2014/10/30 00:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2014/10/30 00:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2014/10/30 00:29:56 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2014/10/30 00:29:56 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2014/10/30 00:29:56 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2014/10/30 00:29:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2014/10/30 00:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2014/10/30 00:29:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP TouchSmart [2014/10/30 00:28:55 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [2014/10/30 00:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2014/10/30 00:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\hp [2014/10/30 00:28:31 | 000,117,248 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\HPMUIDir.exe [2014/10/30 00:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard [2014/10/30 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard [2014/10/30 00:23:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2014/10/30 00:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2014/10/30 00:18:21 | 003,555,840 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2014/10/30 00:18:21 | 003,060,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2014/10/30 00:18:21 | 000,095,544 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2014/10/30 00:18:20 | 003,891,200 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll [2014/10/30 00:18:17 | 000,533,096 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2014/10/30 00:18:17 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2014/10/30 00:18:17 | 000,047,232 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys [2014/10/30 00:18:16 | 002,399,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2014/10/30 00:18:16 | 001,559,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2014/10/30 00:18:16 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2014/10/30 00:18:16 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2014/10/30 00:18:16 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2014/10/30 00:18:15 | 003,114,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2014/10/30 00:18:15 | 001,805,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2014/10/30 00:18:15 | 001,245,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2014/10/30 00:18:15 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2014/10/30 00:18:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2014/10/30 00:18:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2014/10/30 00:18:15 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2014/10/30 00:18:15 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2014/10/30 00:18:15 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2014/10/30 00:18:15 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2014/10/30 00:18:15 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2014/10/30 00:18:14 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2014/10/30 00:18:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2014/10/30 00:18:14 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2014/10/30 00:18:10 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll [2014/10/30 00:18:10 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll [2014/10/30 00:18:10 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll [2014/10/30 00:18:10 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll [2014/10/30 00:18:10 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2014/10/30 00:18:09 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2014/10/30 00:18:09 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe [2014/10/30 00:18:09 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe [2014/10/30 00:18:09 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2014/10/30 00:18:09 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe [2014/10/30 00:18:09 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2014/10/30 00:11:46 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014/10/30 00:11:46 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014/10/30 00:11:46 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014/10/30 00:08:08 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014/10/30 00:08:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL [2014/10/30 00:06:07 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2014/10/30 00:06:07 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2014/10/30 00:06:07 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2014/10/30 00:06:07 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2014/10/30 00:06:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2014/10/30 00:06:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2014/10/30 00:06:07 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2014/10/30 00:05:53 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014/10/30 00:05:00 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014/10/30 00:05:00 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014/10/30 00:05:00 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014/10/30 00:05:00 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014/10/30 00:04:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2014/10/30 00:04:42 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2014/10/30 00:04:42 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2014/10/30 00:03:25 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014/10/30 00:03:25 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2014/10/30 00:03:25 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2014/10/30 00:03:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014/10/30 00:03:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014/10/30 00:03:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014/10/30 00:03:16 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014/10/30 00:03:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014/10/30 00:03:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2014/10/30 00:03:08 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2014/10/30 00:03:08 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2014/10/30 00:03:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2014/10/30 00:02:50 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014/10/30 00:02:50 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014/10/30 00:02:50 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014/10/30 00:02:50 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2014/10/30 00:02:50 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014/10/30 00:02:50 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2014/10/30 00:02:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014/10/30 00:02:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014/10/30 00:02:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014/10/30 00:02:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014/10/30 00:02:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014/10/30 00:02:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2014/10/30 00:02:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2014/10/30 00:02:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014/10/30 00:02:38 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014/10/30 00:02:38 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2014/10/30 00:02:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2014/10/30 00:02:21 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2014/10/30 00:02:21 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2014/10/30 00:02:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2014/10/30 00:02:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2014/10/30 00:02:21 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2014/10/30 00:02:21 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2014/10/30 00:02:21 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2014/10/30 00:02:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2014/10/30 00:02:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2014/10/30 00:02:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2014/10/30 00:02:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2014/10/30 00:02:02 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2014/10/30 00:02:02 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2014/10/30 00:02:02 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2014/10/30 00:02:02 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2014/10/30 00:02:02 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2014/10/30 00:02:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2014/10/30 00:02:02 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2014/10/30 00:02:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2014/10/30 00:02:02 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2014/10/30 00:02:02 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2014/10/30 00:02:02 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2014/10/30 00:01:27 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2014/10/30 00:00:57 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014/10/30 00:00:57 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014/10/30 00:00:49 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2014/10/30 00:00:49 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2014/10/30 00:00:41 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2014/10/30 00:00:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2014/10/30 00:00:25 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2014/10/30 00:00:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2014/10/30 00:00:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2014/10/30 00:00:18 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2014/10/30 00:00:18 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2014/10/30 00:00:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014/10/30 00:00:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2014/10/30 00:00:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2014/10/30 00:00:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2014/10/30 00:00:03 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2014/10/30 00:00:03 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2014/10/30 00:00:03 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2014/10/30 00:00:03 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2014/10/29 23:59:55 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2014/10/29 23:59:55 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2014/10/29 23:59:55 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2014/10/29 23:59:55 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2014/10/29 23:59:55 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2014/10/29 23:59:55 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2014/10/29 23:59:55 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2014/10/29 23:59:46 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2014/10/29 23:59:46 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2014/10/29 23:59:16 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2014/10/29 23:59:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2014/10/29 23:59:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2014/10/29 23:59:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2014/10/29 23:58:54 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2014/10/29 23:58:54 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2014/10/29 23:58:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2014/10/29 23:58:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2014/10/29 23:58:45 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2014/10/29 23:58:45 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2014/10/29 23:58:45 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2014/10/29 23:58:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2014/10/29 23:58:03 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014/10/29 23:58:03 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014/10/29 23:58:03 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014/10/29 23:58:03 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014/10/29 23:58:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014/10/29 23:58:03 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014/10/29 23:58:03 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014/10/29 23:58:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014/10/29 23:58:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014/10/29 23:58:03 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014/10/29 23:58:03 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014/10/29 23:57:07 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014/10/29 23:57:07 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014/10/29 23:57:07 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014/10/29 23:57:07 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014/10/29 23:57:07 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014/10/29 23:57:07 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014/10/29 23:57:07 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014/10/29 23:57:07 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014/10/29 23:57:07 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014/10/29 23:57:07 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014/10/29 23:57:07 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014/10/29 23:57:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014/10/29 23:57:07 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014/10/29 23:57:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014/10/29 23:57:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014/10/29 23:57:07 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014/10/29 23:57:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014/10/29 23:57:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014/10/29 23:57:07 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014/10/29 23:57:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014/10/29 23:57:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014/10/29 23:57:07 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014/10/29 23:57:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014/10/29 23:57:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014/10/29 23:57:07 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014/10/29 23:57:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014/10/29 23:57:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014/10/29 23:57:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014/10/29 23:57:07 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014/10/29 23:57:07 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014/10/29 23:57:07 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014/10/29 23:57:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014/10/29 23:57:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014/10/29 23:57:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014/10/29 23:57:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014/10/29 23:57:07 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014/10/29 23:57:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014/10/29 23:57:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014/10/29 23:57:07 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014/10/29 23:57:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014/10/29 23:57:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014/10/29 23:57:07 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014/10/29 23:57:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014/10/29 23:57:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014/10/29 23:57:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014/10/29 23:57:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014/10/29 23:57:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014/10/29 23:57:07 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014/10/29 23:57:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014/10/29 23:57:07 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014/10/29 23:57:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014/10/29 23:57:07 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014/10/29 23:57:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014/10/29 23:57:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014/10/29 23:57:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014/10/29 23:57:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014/10/29 23:57:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014/10/29 23:57:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014/10/29 23:57:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014/10/29 23:57:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014/10/29 23:57:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2014/10/29 23:50:08 | 000,000,000 | ---D | C] -- C:\SYSTEM.SAV [2014/10/29 23:46:07 | 000,000,000 | ---D | C] -- C:\USWV64HP ========== Files - Modified Within 30 Days ========== [2014/11/09 17:35:47 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014/11/09 17:35:47 | 000,660,618 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014/11/09 17:35:47 | 000,121,016 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014/11/09 17:31:28 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/11/09 17:31:27 | 000,005,164 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-11.job [2014/11/09 17:31:27 | 000,004,474 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-4.job [2014/11/09 17:31:27 | 000,004,138 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-6.job [2014/11/09 17:31:27 | 000,003,794 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-7.job [2014/11/09 17:31:27 | 000,003,450 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-3.job [2014/11/09 17:31:27 | 000,003,430 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-1.job [2014/11/09 17:31:27 | 000,002,426 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5_user.job [2014/11/09 17:31:27 | 000,002,426 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5.job [2014/11/09 17:31:27 | 000,002,090 | ---- | M] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-2.job [2014/11/09 17:31:27 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore .job [2014/11/09 17:31:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/11/09 15:14:14 | 000,162,777 | ---- | M] () -- C:\Users\xxx\Desktop\stupid.PNG [2014/11/09 15:06:38 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/11/09 15:06:38 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/11/09 15:02:37 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/11/09 11:53:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2059181236-31080851-1000316753-1000UA.job [2014/11/09 11:50:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\bench-S-1-5-21-2059181236-31080851-1000316753-1000.job [2014/11/09 08:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\bench-sys.job [2014/11/08 22:01:26 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\SparkUpdater.job [2014/11/08 21:40:53 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2014/11/08 21:00:31 | 000,002,560 | ---- | M] () -- C:\Users\xxx\Desktop\$AttrDef [2014/11/08 21:00:21 | 000,000,000 | ---- | M] () -- C:\Users\xxx\Desktop\$BadClus_$Bad [2014/11/08 20:59:57 | 000,004,096 | ---- | M] () -- C:\Users\xxx\Desktop\$MFTMirr [2014/11/08 20:57:23 | 000,086,384 | ---- | M] (Premium Installer ) -- C:\Users\xxx\Desktop\$RQFFWJA.exe [2014/11/08 20:49:04 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\start [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Server [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\nslookup [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Non-authoritative [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Name [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\host [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Copyright [2014/11/08 20:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Address [2014/11/08 19:53:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2059181236-31080851-1000316753-1000Core.job
|
|
#10
November 10th, 2014, 03:04 AM
|
|||
|
|||
|
page 3
[2014/11/08 18:56:19 | 000,000,000 | ---- | M] () -- C:\Users\xxx\nslookup [2014/11/08 18:46:59 | 000,000,000 | ---- | M] () -- C:\Users\xxx\start [2014/11/08 18:46:27 | 000,000,000 | ---- | M] () -- C:\Users\xxx\Microsoft [2014/11/08 18:39:41 | 000,056,423 | ---- | M] () -- C:\Users\xxx\Desktop\ns look.PNG [2014/11/07 10:33:06 | 000,001,160 | ---- | M] () -- C:\Users\xxx\Desktop\Keyboard.bat [2014/11/07 08:45:01 | 000,003,061 | ---- | M] () -- C:\Users\xxx\Desktop\Assassin SE.lnk [2014/11/07 07:54:21 | 003,647,576 | ---- | M] () -- C:\Users\xxx\Desktop\RogueKillerCMDX64.exe [2014/11/06 18:34:00 | 000,000,000 | ---- | M] () -- C:\Users\xxx\Desktop\7z920-x64.msi [2014/11/06 18:33:26 | 004,515,488 | ---- | M] () -- C:\Users\xxx\Desktop\ffmpeg.zip [2014/11/06 18:31:58 | 002,435,540 | ---- | M] () -- C:\Users\xxx\Desktop\GetFoldersize.zip [2014/11/06 18:31:19 | 000,000,000 | ---- | M] () -- C:\Users\xxx\Desktop\grub4dos.zip [2014/11/06 18:30:58 | 621,283,886 | ---- | M] () -- C:\Users\xxx\Desktop\Hirens.BootCD.15.2.zip [2014/11/06 17:41:39 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\Facebook.lnk [2014/11/06 17:41:39 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\Google.lnk [2014/11/06 17:41:39 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\Spark Browser.lnk [2014/11/05 23:58:00 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/11/05 23:49:00 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014/11/05 23:49:00 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014/11/05 21:26:00 | 000,035,228 | ---- | M] () -- C:\Users\xxx\Desktop\USBFormat.zip [2014/11/05 21:07:02 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014/11/05 21:06:04 | 000,002,065 | ---- | M] () -- C:\Windows\patsearch.bin [2014/11/05 21:06:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrN ew_01009.Wdf [2014/11/05 18:40:37 | 000,015,632 | ---- | M] () -- C:\Users\xxx\Desktop\00 spare ass annie.mp3 - Shortcut.lnk [2014/11/05 16:41:06 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2014/11/05 16:35:52 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2014/11/04 20:05:45 | 000,000,835 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014/11/04 19:40:13 | 000,000,004 | ---- | M] () -- C:\end [2014/11/04 06:10:49 | 000,768,844 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014/11/03 10:13:31 | 000,060,974 | ---- | M] () -- C:\Users\xxx\Desktop\1970740_10152113621213859_183 2334931_n.jpg [2014/11/03 09:36:34 | 000,880,258 | ---- | M] () -- C:\Users\xxx\Documents\no dupes.m3u [2014/11/03 09:17:38 | 000,001,021 | ---- | M] () -- C:\Users\xxx\Desktop\Duplicate Music Files Finder.lnk [2014/11/03 08:25:29 | 000,001,069 | ---- | M] () -- C:\Users\xxx\Desktop\GetFoldersize.lnk [2014/11/03 01:11:08 | 000,003,055 | ---- | M] () -- C:\Users\xxx\Desktop\GMusic.lnk [2014/11/03 01:07:21 | 001,227,624 | ---- | M] () -- C:\Users\xxx\Documents\NewList.m3u [2014/11/02 19:23:05 | 002,887,680 | ---- | M] () -- C:\Suspicious Driver [2014/11/02 10:33:32 | 203,625,985 | ---- | M] () -- C:\Users\xxx\Desktop\New Compressed (zipped) Folder.zip [2014/10/31 18:25:20 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2014/10/31 18:21:03 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk [2014/10/31 18:12:03 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1225_Y53316J_0U_Q3CR2090CF0_E12NA1MRW608_4A_I2ACF_ SPEGATRON CORPORATION_V1.03_B7.18_T120326_W73-1_L409_M7667_J1000_7AMD_8F10_92.50_#141030_N10EC81 68;14E44357_Z_G10029640.MRK [2014/10/31 18:12:03 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1225_Y53316J_0U_Q3CR2090CF0_E12NA1MRW608_4A_I2ACF_ SPEGATRON CORPORATION_V1.03_B7.18_T120326_W73-1_L409_M7667_J1000_7AMD_8F10_92.50_#141030_N10EC81 68;14E44357_Z_G10029640.MRK [2014/10/31 18:11:27 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2014/10/31 18:11:27 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2014/10/30 00:23:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09 _00.Wdf [2014/10/30 00:22:48 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2014/10/30 00:21:27 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/10/30 00:19:16 | 001,003,228 | ---- | M] () -- C:\Windows\SysNative\oem115.inf [2014/10/30 00:11:46 | 005,561,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014/10/30 00:11:46 | 003,967,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014/10/30 00:11:46 | 003,912,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014/10/30 00:08:08 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014/10/30 00:08:08 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL [2014/10/30 00:08:08 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL [2014/10/30 00:08:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL [2014/10/30 00:08:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL [2014/10/30 00:06:07 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2014/10/30 00:06:07 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2014/10/30 00:06:07 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2014/10/30 00:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2014/10/30 00:06:07 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2014/10/30 00:06:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2014/10/30 00:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2014/10/30 00:05:53 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014/10/30 00:05:00 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014/10/30 00:05:00 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014/10/30 00:05:00 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014/10/30 00:05:00 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014/10/30 00:04:51 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2014/10/30 00:04:42 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2014/10/30 00:04:42 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2014/10/30 00:03:25 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014/10/30 00:03:25 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2014/10/30 00:03:25 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2014/10/30 00:03:25 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014/10/30 00:03:25 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014/10/30 00:03:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014/10/30 00:03:16 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014/10/30 00:03:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014/10/30 00:03:08 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2014/10/30 00:03:08 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2014/10/30 00:03:08 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2014/10/30 00:03:08 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2014/10/30 00:02:50 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014/10/30 00:02:50 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014/10/30 00:02:50 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014/10/30 00:02:50 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2014/10/30 00:02:50 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014/10/30 00:02:50 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2014/10/30 00:02:50 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014/10/30 00:02:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014/10/30 00:02:50 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014/10/30 00:02:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014/10/30 00:02:50 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014/10/30 00:02:50 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2014/10/30 00:02:50 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2014/10/30 00:02:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2014/10/30 00:02:50 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2014/10/30 00:02:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2014/10/30 00:02:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014/10/30 00:02:38 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014/10/30 00:02:38 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2014/10/30 00:02:29 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2014/10/30 00:02:21 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2014/10/30 00:02:21 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2014/10/30 00:02:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2014/10/30 00:02:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2014/10/30 00:02:21 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2014/10/30 00:02:21 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2014/10/30 00:02:21 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2014/10/30 00:02:21 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2014/10/30 00:02:21 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2014/10/30 00:02:11 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2014/10/30 00:02:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2014/10/30 00:02:02 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2014/10/30 00:02:02 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2014/10/30 00:02:02 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2014/10/30 00:02:02 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2014/10/30 00:02:02 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2014/10/30 00:02:02 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2014/10/30 00:02:02 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2014/10/30 00:02:02 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2014/10/30 00:02:02 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2014/10/30 00:02:02 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2014/10/30 00:02:02 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2014/10/30 00:01:27 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2014/10/30 00:00:57 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014/10/30 00:00:57 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014/10/30 00:00:49 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2014/10/30 00:00:49 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2014/10/30 00:00:41 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2014/10/30 00:00:41 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2014/10/30 00:00:25 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2014/10/30 00:00:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2014/10/30 00:00:25 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2014/10/30 00:00:18 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2014/10/30 00:00:18 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2014/10/30 00:00:18 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014/10/30 00:00:18 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2014/10/30 00:00:11 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2014/10/30 00:00:11 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2014/10/30 00:00:03 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2014/10/30 00:00:03 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2014/10/30 00:00:03 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2014/10/30 00:00:03 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2014/10/29 23:59:55 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2014/10/29 23:59:55 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2014/10/29 23:59:55 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2014/10/29 23:59:55 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2014/10/29 23:59:55 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2014/10/29 23:59:55 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2014/10/29 23:59:55 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2014/10/29 23:59:46 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2014/10/29 23:59:46 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2014/10/29 23:59:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2014/10/29 23:59:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2014/10/29 23:59:01 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2014/10/29 23:59:01 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2014/10/29 23:58:54 | 001,465,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2014/10/29 23:58:54 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2014/10/29 23:58:45 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2014/10/29 23:58:45 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2014/10/29 23:58:45 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2014/10/29 23:58:45 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2014/10/29 23:58:45 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2014/10/29 23:58:45 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2014/10/29 23:58:03 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014/10/29 23:58:03 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014/10/29 23:58:03 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014/10/29 23:58:03 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014/10/29 23:58:03 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2014/10/29 23:58:03 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014/10/29 23:58:03 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014/10/29 23:58:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2014/10/29 23:58:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014/10/29 23:58:03 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014/10/29 23:58:03 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014/10/29 23:57:07 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2014/10/29 23:57:07 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2014/10/29 23:57:07 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014/10/29 23:57:07 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014/10/29 23:57:07 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014/10/29 23:57:07 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014/10/29 23:57:07 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2014/10/29 23:57:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014/10/29 23:57:07 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2014/10/29 23:57:07 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014/10/29 23:57:07 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2014/10/29 23:57:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2014/10/29 23:57:07 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2014/10/29 23:57:07 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014/10/29 23:57:07 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014/10/29 23:57:07 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2014/10/29 23:57:07 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2014/10/29 23:57:07 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2014/10/29 23:57:07 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014/10/29 23:57:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2014/10/29 23:57:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2014/10/29 23:57:07 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2014/10/29 23:57:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2014/10/29 23:57:07 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2014/10/29 23:57:07 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014/10/29 23:57:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014/10/29 23:57:07 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014/10/29 23:57:07 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2014/10/29 23:57:07 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2014/10/29 23:57:07 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2014/10/29 23:57:07 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2014/10/29 23:57:07 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014/10/29 23:57:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2014/10/29 23:57:07 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014/10/29 23:57:07 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2014/10/29 23:57:07 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2014/10/29 23:57:07 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2014/10/29 23:57:07 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014/10/29 23:57:07 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2014/10/29 23:57:07 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014/10/29 23:57:07 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014/10/29 23:57:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2014/10/29 23:57:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2014/10/29 23:57:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2014/10/29 23:57:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2014/10/29 23:57:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014/10/29 23:57:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2014/10/29 23:57:07 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2014/10/29 23:57:07 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2014/10/29 23:57:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2014/10/29 23:57:07 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2014/10/29 23:57:07 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2014/10/29 23:57:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2014/10/29 23:57:07 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014/10/29 23:57:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2014/10/29 23:57:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014/10/29 23:57:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014/10/29 23:57:07 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014/10/29 23:57:07 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2014/10/29 23:57:07 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2014/10/29 23:57:07 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2014/10/29 23:57:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2014/10/29 23:57:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2014/10/29 23:45:25 | 000,000,000 | RHS- | M] () -- C:\OS ========== Files Created - No Company Name ========== [2014/11/09 15:14:14 | 000,162,777 | ---- | C] () -- C:\Users\xxx\Desktop\stupid.PNG [2014/11/08 22:01:26 | 000,000,430 | ---- | C] () -- C:\Windows\tasks\SparkUpdater.job [2014/11/08 21:00:31 | 000,002,560 | ---- | C] () -- C:\Users\xxx\Desktop\$AttrDef [2014/11/08 21:00:21 | 000,000,000 | ---- | C] () -- C:\Users\xxx\Desktop\$BadClus_$Bad [2014/11/08 20:59:57 | 000,004,096 | ---- | C] () -- C:\Users\xxx\Desktop\$MFTMirr [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\start [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Server [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Non-authoritative [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Name [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\host [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Copyright [2014/11/08 20:44:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Address [2014/11/08 20:44:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\nslookup [2014/11/08 18:46:59 | 000,000,000 | ---- | C] () -- C:\Users\xxx\start [2014/11/08 18:46:27 | 000,000,000 | ---- | C] () -- C:\Users\xxx\Microsoft [2014/11/08 18:46:09 | 000,000,000 | ---- | C] () -- C:\Users\xxx\nslookup [2014/11/08 18:39:41 | 000,056,423 | ---- | C] () -- C:\Users\xxx\Desktop\ns look.PNG [2014/11/07 10:33:06 | 000,001,160 | ---- | C] () -- C:\Users\xxx\Desktop\Keyboard.bat [2014/11/07 08:45:01 | 000,003,061 | ---- | C] () -- C:\Users\xxx\Desktop\Assassin SE.lnk [2014/11/07 07:54:56 | 000,037,624 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys [2014/11/07 07:54:15 | 003,647,576 | ---- | C] () -- C:\Users\xxx\Desktop\RogueKillerCMDX64.exe [2014/11/06 17:41:39 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\Facebook.lnk [2014/11/06 17:41:39 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\Google.lnk [2014/11/06 17:41:39 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\Spark Browser.lnk [2014/11/05 23:58:00 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/11/05 23:57:35 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/11/05 23:57:35 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/11/05 21:26:13 | 000,000,000 | ---- | C] () -- C:\Users\xxx\Desktop\grub4dos.zip [2014/11/05 21:25:59 | 000,035,228 | ---- | C] () -- C:\Users\xxx\Desktop\USBFormat.zip [2014/11/05 21:06:04 | 000,002,065 | ---- | C] () -- C:\Windows\patsearch.bin [2014/11/05 21:06:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrN ew_01009.Wdf [2014/11/05 18:40:37 | 000,015,632 | ---- | C] () -- C:\Users\xxx\Desktop\00 spare ass annie.mp3 - Shortcut.lnk [2014/11/05 16:41:06 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2014/11/05 16:35:52 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2014/11/05 16:35:19 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2014/11/05 09:50:44 | 000,001,069 | ---- | C] () -- C:\Users\xxx\Desktop\GetFoldersize.lnk [2014/11/05 08:30:38 | 623,890,432 | ---- | C] () -- C:\Hiren's.BootCD.15.2.iso [2014/11/05 08:09:37 | 000,000,000 | ---- | C] () -- C:\Users\xxx\Desktop\7z920-x64.msi [2014/11/04 19:40:28 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014/11/04 19:40:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\bench-S-1-5-21-2059181236-31080851-1000316753-1000.job [2014/11/04 19:40:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\bench-sys.job [2014/11/04 19:38:58 | 000,000,004 | ---- | C] () -- C:\end [2014/11/04 19:38:51 | 000,002,426 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5_user.job [2014/11/04 19:38:49 | 000,002,426 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5.job [2014/11/04 19:38:37 | 000,002,090 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-2.job [2014/11/04 19:38:30 | 000,003,430 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-1.job [2014/11/04 19:38:16 | 000,004,474 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-4.job [2014/11/04 19:38:01 | 000,004,138 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-6.job [2014/11/04 19:38:00 | 000,003,794 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-7.job [2014/11/04 19:37:53 | 000,005,164 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-11.job [2014/11/04 19:37:50 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.j ob [2014/11/04 19:37:49 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore .job [2014/11/04 19:37:47 | 000,003,450 | ---- | C] () -- C:\Windows\tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-3.job [2014/11/04 08:36:43 | 621,283,886 | ---- | C] () -- C:\Users\xxx\Desktop\Hirens.BootCD.15.2.zip [2014/11/04 08:25:20 | 004,515,488 | ---- | C] () -- C:\Users\xxx\Desktop\ffmpeg.zip [2014/11/03 10:13:30 | 000,060,974 | ---- | C] () -- C:\Users\xxx\Desktop\1970740_10152113621213859_183 2334931_n.jpg [2014/11/03 09:36:34 | 000,880,258 | ---- | C] () -- C:\Users\xxx\Documents\no dupes.m3u [2014/11/03 09:17:38 | 000,001,021 | ---- | C] () -- C:\Users\xxx\Desktop\Duplicate Music Files Finder.lnk [2014/11/03 08:24:40 | 002,435,540 | ---- | C] () -- C:\Users\xxx\Desktop\GetFoldersize.zip [2014/11/03 01:09:47 | 000,003,055 | ---- | C] () -- C:\Users\xxx\Desktop\GMusic.lnk [2014/11/03 01:07:20 | 001,227,624 | ---- | C] () -- C:\Users\xxx\Documents\NewList.m3u [2014/11/02 19:23:05 | 002,887,680 | ---- | C] () -- C:\Suspicious Driver [2014/11/02 10:31:59 | 203,625,985 | ---- | C] () -- C:\Users\xxx\Desktop\New Compressed (zipped) Folder.zip [2014/11/01 07:20:47 | 000,295,514 | ---- | C] () -- C:\Windows\SysWow64\Vb6.olb [2014/10/31 18:48:48 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2059181236-31080851-1000316753-1000UA.job [2014/10/31 18:48:47 | 000,000,848 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2059181236-31080851-1000316753-1000Core.job [2014/10/31 18:28:37 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2014/10/31 18:25:20 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2014/10/31 18:25:17 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2014/10/31 18:21:03 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk [2014/10/31 18:21:03 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk [2014/10/31 18:13:18 | 000,001,411 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Internet Explorer (64-bit).lnk [2014/10/31 18:13:11 | 000,001,445 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Internet Explorer.lnk [2014/10/31 18:09:07 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1225_Y53316J_0U_Q3CR2090CF0_E12NA1MRW608_4A_I2ACF_ SPEGATRON CORPORATION_V1.03_B7.18_T120326_W73-1_L409_M7667_J1000_7AMD_8F10_92.50_#141030_N10EC81 68;14E44357_Z_G10029640.MRK [2014/10/31 18:09:07 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1225_Y53316J_0U_Q3CR2090CF0_E12NA1MRW608_4A_I2ACF_ SPEGATRON CORPORATION_V1.03_B7.18_T120326_W73-1_L409_M7667_J1000_7AMD_8F10_92.50_#141030_N10EC81 68;14E44357_Z_G10029640.MRK [2014/10/30 00:35:47 | 000,002,109 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office 2010.lnk [2014/10/30 00:35:46 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2014/10/30 00:27:28 | 000,015,476 | ---- | C] () -- C:\Windows\SysNative\HP_Logo.bmp [2014/10/30 00:23:34 | 001,003,228 | ---- | C] () -- C:\Windows\SysNative\oem115.inf [2014/10/30 00:23:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09 _00.Wdf [2014/10/30 00:22:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2014/10/30 00:18:17 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2014/10/30 00:18:09 | 000,035,363 | ---- | C] () -- C:\Windows\atiogl.xml [2014/10/29 23:57:07 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2014/10/29 23:57:07 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2014/10/29 23:45:25 | 000,000,000 | RHS- | C] () -- C:\OS [2014/10/29 23:13:10 | 000,000,003 | R--- | C] () -- C:\cPCsuppDisc [2014/10/29 23:09:09 | 000,507,154 | R--- | C] () -- C:\Disc1 [2014/09/01 00:18:44 | 000,002,086 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\DJUI [2014/09/01 00:18:44 | 000,001,248 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\QTLVHGQE [2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2014/04/17 18:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2014/04/17 18:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2014/04/17 17:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2014/04/17 17:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2008/06/20 07:00:02 | 001,411,584 | ---- | C] () -- C:\Program Files (x86)\Setup1.msi [2008/06/20 06:59:58 | 000,344,064 | ---- | C] () -- C:\Program Files (x86)\setup.exe ========== ZeroAccess Check ========== [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014/10/30 00:03:53 | 014,173,184 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/10/30 00:03:53 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
|
|
#11
November 10th, 2014, 03:05 AM
|
|||
|
|||
|
now extras
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{15BF12D6-A66C-4227-A743-07BC9C825954}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules] "{007CB984-4146-4CDF-975C-93CA838485B7}" = protocol=17 | dir=in | app=c:\program files (x86)\baidu\spark\bdtray.exe | "{22C2E888-9882-474A-9C7C-81D9ECEC51DA}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs3d8f.tmp\sy mnrt.exe | "{380C15E0-2BB4-4EF4-B0F1-3F2B4305271A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5C19BAC1-2AA2-49F7-ABB2-1084925BCB3A}" = protocol=17 | dir=in | app=c:\program files (x86)\baidu\spark\spark.exe | "{6685E3F2-488A-41D2-BF24-ADAC7BFEF255}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{714B504A-6469-4664-A9E5-14E51AD7C647}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\temp\7zs3d8f.tmp\sy mnrt.exe | "{72A620AB-970B-4595-933F-1AAF04700E10}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7A615308-75BD-4FCF-829D-CFC81C052BE1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{900E4D6F-BDFC-49C2-AF67-48B166DBE7F6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{AE3A1C8C-A606-4768-B10D-B6AFECA20178}" = protocol=6 | dir=in | app=c:\program files (x86)\baidu\spark\spark.exe | "{B9370046-E47D-431F-8DC2-EB29A3CEC573}" = protocol=6 | dir=in | app=c:\program files (x86)\baidu\spark\bdtray.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client "{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.1.1 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "Microsoft Security Client" = Microsoft Security Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}" = HP Clock "{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}" = HP Calendar "{452479C5-0118-48E9-AA69-0A7339F95FC8}" = HP RSS "{455AEEBA-64AF-4518-9EDF-BA8428B67547}" = ClamAV "{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics "{5A238CBE-7FA6-49DB-A3CC-707A7DC2FDBD}" = Assassin SE "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{776CC95E-8160-401B-AC79-164822AA8306}" = HP Weather "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support "{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}" = HP Notes "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore "{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{C3C7E0B9-6870-4FB5-9883-0BD970F98418}" = Google Music Player "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Aurora 35.0a2 (x86 en-US)" = Aurora 35.0a2 (x86 en-US) "ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.98.4.1 "DokanLibrary" = Dokan Library 0.6.0 "Duplicate Music Files Finder_is1" = Duplicate Music Files Finder 1.5.5 "GetFoldersize_is1" = GetFoldersize 2.5.24 "Google Chrome" = Google Chrome "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "Kobo" = Kobo "MozillaMaintenanceService" = Mozilla Maintenance Service "PDF Complete" = PDF Complete Special Edition "Spark" = Spark Browser "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2059181236-31080851-1000316753-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall] ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/9/2014 1:48:59 AM | Computer Name = xxx-HP | Source = VSS | ID = 18 Description = Error - 11/9/2014 11:55:36 AM | Computer Name = xxx-HP | Source = globalUpdate Update | ID = 1 Description = Error - 11/9/2014 2:02:57 PM | Computer Name = xxx-HP | Source = globalUpdate Update | ID = 1 Description = Error - 11/9/2014 2:12:37 PM | Computer Name = xxx-HP | Source = VSS | ID = 22 Description = Error - 11/9/2014 2:12:37 PM | Computer Name = xxx-HP | Source = VSS | ID = 8193 Description = Error - 11/9/2014 7:00:22 PM | Computer Name = xxx-HP | Source = Application Error | ID = 1000 Description = Faulting application name: GoogleUpdate.exe, version: 1.3.25.0, time stamp: 0x53592941 Faulting module name: urlmon.dll_unloaded, version: 0.0.0.0, time stamp: 0x4eb31864 Exception code: 0xc0000005 Fault offset: 0x76ae31f4 Faulting process id: 0xac0 Faulting application start time: 0x01cffc70ee286dc9 Faulting application path: C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe Faulting module path: urlmon.dll Report Id: 2e65f475-6864-11e4-a4dc-e840f25f415c [ System Events ] Error - 11/9/2014 1:48:59 AM | Computer Name = xxx-HP | Source = DCOM | ID = 10005 Description = Error - 11/9/2014 2:25:16 AM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error - 11/9/2014 7:32:23 AM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error - 11/9/2014 11:55:14 AM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error - 11/9/2014 12:05:42 PM | Computer Name = xxx-HP | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.187.1631.0 Update Source: %%859 Update Stage: %%852 Source Path: Default URL Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11104.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error - 11/9/2014 2:02:37 PM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error - 11/9/2014 6:59:04 PM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error - 11/9/2014 9:31:08 PM | Computer Name = xxx-HP | Source = Ntfs | ID = 262281 Description = The default transaction resource manager on volume \\?\Volume{b9650dbd-616b-11e4-a2c6-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. < End of report >
|
|
#12
November 11th, 2014, 12:18 AM
|
||||
|
||||
|
Is your user name xxx, or did you just modify those logs? If you did, please post the logs again without the modifications. I cannot create a repair script when all the user account names are masked.
|
|
#13
November 11th, 2014, 12:23 AM
|
|||
|
|||
|
Yes my username is xxx.. computer name xxx-hp.. I should be only user and no others on network..
|
|
#14
November 11th, 2014, 01:40 AM
|
||||
|
||||
|
Go to Start - Control Panel - Programs - Programs and Features/Uninstall, then click on each of the following programs, if they show there, and click "Uninstall/Change".
Spark Browser - From Baidu, a Chinese adware company. May also want to uninstall ClamWin Free Antivirus. It may interfere with things, and has a reputation for being pretty useless. ----------- Be sure to continue to temporarily disable any protective software when running the scan tools we use here. Download the latest version of Malwarebytes' Anti-Malware from Here. Then double click that downloaded file to install the application. Agree to all the prompts, however, when the Setup display shows, I suggest unchecking "Enable free trial of malwarebytes Anti-Malware Premium". Then click Finish. Malwarebytes will open, and automatically run an update. Once the update has finished (shown by a green check mark next to "Database version"), click the Scan Now button, and allow Malwarebytes to scan your system. When the scan has finished, click the drop down next to "Export Log", click "Text file (*.txt)", then save that log to your desktop by any name you choose. Post that log in your next reply please.
|
|
#15
November 11th, 2014, 04:46 AM
|
|||
|
|||
|
Do not know how but this is first time alot of these files were ever discovered by this or any other program.. Especially the s1.... file that is attached to recycle bin...Bad news is alot of these files were the ones I said I could not delete..Here is the log.. Then I opened the recyclebin after scan and all files quarenteened..that is the other entery.. I deleted those files that you asked.. Thankyou for your time and effort.. Very much appreciated..
The text file of c:\recycle bin wont fit next page Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/10/2014 Scan Time: 7:14:21 PM Logfile: mwb.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.11.11.01 Rootkit Database: v2014.11.10.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: xxx Scan Type: Threat Scan Result: Completed Objects Scanned: 337688 Time Elapsed: 9 min, 37 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 55 PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\CLSID\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\CLSID\{A7E5E408-67D6-48DF-9B00-3F24D85584BB}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A7E5E408-67D6-48DF-9B00-3F24D85584BB}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7B8E1CE6-3198-4E0D-8C4B-0354F66F74AF}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A720E457-6761-487F-B689-D024B75539BB}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FDE7F01D-B450-4CCF-8498-4CE5E8FAEA59}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A720E 457-6761-487F-B689-D024B75539BB}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FDE7F 01D-B450-4CCF-8498-4CE5E8FAEA59}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7B8E1CE 6-3198-4E0D-8C4B-0354F66F74AF}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXP LORER\BROWSER HELPER OBJECTS\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURREN TVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SE TTINGS\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\ST ATS\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\CLASSES\CLSID\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}\INPROCSERVER32, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [c0bde9513d3f9b9bd08fd1e2eb17a15f], PUP.Optional.Babylon.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [cdb0eb4fe3995dd989a8feb5e81a58a8], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, Quarantined, [b7c613272854fa3c1b032738e61d2cd4], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4 d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [1568a397fa8291a5dae5634257ad15eb], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2 797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [cbb28baf4339f640308e85200ef68d73], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\Browser Champion, Quarantined, [97e6a793e3990c2a730b300e1fe41de3], PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\TheTorntv V10-nv, Quarantined, [d0ad96a481fbea4cd9fa3bf836cde719], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\BService, Quarantined, [90edee4c403c0531e65dafa1b3502ad6], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\InstalledExtension s, Quarantined, [54290d2ddca090a6380c0b45649f9e62], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\NmHost, Quarantined, [b0cd58e2b5c72e08af960a46778c8779], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\Updater, Quarantined, [c8b5e15994e848ee53f3a1af778cab55], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [a9d4db5f7606f73fec38a69e9172f20e], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\NATIVEMESS AGINGHOSTS\com.bench.nmhost, Quarantined, [a8d5cd6d3f3d270f8c3f9306bd47aa56], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIO NS\3874, Quarantined, [7409cd6d512bdc5a829c87d843c0a15f], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging. google.com/globalUpdate Update;version=10, Quarantined, [1b621a207dff280e00943272d1335ea2], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging. google.com/globalUpdate Update;version=4, Quarantined, [a3dafd3d6913b185187dbfe59074ea16], PUP.Optional.BrowserChampion.A, HKLM\SOFTWARE\WOW6432NODE\PROXY\INSTALLATIONS\Brow ser Champion, Quarantined, [3e3fd7633f3d0e286419bd81a95a8f71], PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [0b7249f18eee033342eebb8d986b39c7], PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [493493a77ffdac8a766dd5ad7d872ad6], PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Conduit_Search_Protect, Quarantined, [2d50ec4ea2dacb6b3e19e1bfda2a5ca4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [dba2f04a314b8aac9637dabb43c16a96], PUP.Optional.TornTV.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Quarantined, [9de0dd5d6e0e67cfba1bff34c43f23dd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, Quarantined, [0578d862255790a6ceacb4ce3bc9dd23], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, Quarantined, [c2bb86b4710b45f15a9248efa360629e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\esc, Quarantined, [96e74ded225a82b48737b9e94fb527d9], PUP.Optional.Softonic.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [d0ad4ded8eee48eecdcf6af0f60dd62a], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10 , Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.One ClickCtrl.10, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURREN TVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebContr ol.4, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Upd ate3WebControl.4, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURREN TVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], Registry Values: 3 PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path , C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [a9d4db5f7606f73fec38a69e9172f20e] PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir , C:\PROGRA~2\SearchProtect, Quarantined, [0b7249f18eee033342eebb8d986b39c7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2059181236-31080851-1000316753-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 400ff4583455288b005e09755aba7c50, Quarantined, [0578d862255790a6ceacb4ce3bc9dd23] Registry Data: 3 PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64 Loader.dll , Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC6 4Loader.dll),Replaced,[0d702c0e2c5072c4ed759f06e819fb05] PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\searchprotect\searchprotect\bin\spvc32 loader.dll , Good: (), Bad: (c:\progra~2\searchprotect\searchprotect\bin\spvc3 2loader.dll),Replaced,[037ac07a6e0e7abcd38fcdd8f50c7a86] Broken.OpenCommand, HKCR\regfile\shell\open\command, regedit.exe Good: (regedit.exe "Bad: (regedit.exe %1),Replaced,[ffffffffffffffffffffffffffffffff]"), %4, %5 Folders: 53 PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\data, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\data\installer, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [cbb243f72f4da98d4c689957f2107f81], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater, Quarantined, [cab3cb6ffb81d165e0a07889798afd03], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0, Quarantined, [cab3cb6ffb81d165e0a07889798afd03], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService, Quarantined, [84f9142608744aec5ff89d674ab94cb4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1, Quarantined, [84f9142608744aec5ff89d674ab94cb4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Wd, Quarantined, [c5b8be7c4b31cb6b4711fa0a36cde51b], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy, Quarantined, [dca139013c409a9c923356b757ac27d9], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\SearchPro tect, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\SearchPro tect\rep, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\SearchPro tect\STG, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\UI, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\UI\rep, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{84DF56D4-482E-4F77-A677-68C57B7C1755}, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Browser Champion, Quarantined, [0a7353e76a1244f26f6b0020db28eb15], PUP.Optional.MultiPlug.A, C:\ProgramData\PriceLess, Quarantined, [ceaf97a39ce05adc9eb9978e9a695da3], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PriceLess, Quarantined, [cdb06ad0e09c7fb755036abb788bfc04], PUP.Optional.DSearchLink.A, C:\ProgramData\DSearchLink, Quarantined, [a3daf64404786bcbdbb646df976c8b75], PUP.Optional.TornTV.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\TornTV.com, Quarantined, [730abc7e74083afca84d949427dc1ee2], Files: 206 PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader .dll, Quarantined, [0d702c0e2c5072c4ed759f06e819fb05], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader .dll, Quarantined, [037ac07a6e0e7abcd38fcdd8f50c7a86], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\FrameworkBHO64.dll, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\FrameworkBHO.dll, Quarantined, [205db783e8940135235c328051b160a0], PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, Quarantined, [7607c971225ae15585c88a6605ffa55b], PUP.Optional.IBryte, C:\Users\xxx\Desktop\$RQFFWJA.exe, Quarantined, [5a234feb4a32dd59c568f3edcc357789], PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, Quarantined, [3f3ecd6d2359b97d5c06a30238c9e11f], PUP.Optional.OnlySearch.A, C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\searchplugins\onlysearchkms.x ml, Quarantined, [0974dd5de29a64d2dda9ee4d0df60bf5], PUP.Optional.Proxy.A, C:\Users\xxx\AppData\Local\proxy.log, Quarantined, [2f4eb9812e4ef640c227e25c4db6e51b], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-1, Quarantined, [df9e1822f18bfe38e936ec586e95c937], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-11, Quarantined, [85f8d26868143303a7789ca844bf7987], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-2, Quarantined, [007de5551b61ae88dc43f15349bafb05], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-3, Quarantined, [bdc0fe3ca0dc78bed6498aba3dc62ad6], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-4, Quarantined, [1667c4763c4080b61807d56f897ab54b], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5, Quarantined, [91ecef4bf488c274b36c8db7ab5812ee], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5_user, Quarantined, [463766d4b3c97eb8a976ba8ab74ce21e], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-6, Quarantined, [cab38baf0f6d1026c659de6657ac659b], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-7, Quarantined, [285570caf488db5b78a7251f857eeb15], PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-S-1-5-21-2059181236-31080851-1000316753-1000, Quarantined, [a4d9f04a91eb072fbc0879cfb54e9c64], PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-sys, Quarantined, [5c2173c7bbc1a393873d8bbd26ddc63a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\nmhost.exe, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\manifest.json, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\data\installer\fhajokkdlhllmgen mniigcnlefjakobn, Quarantined, [631ae9515c200d29b33eb1baa45fe61a], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-S-1-5-21-2059181236-31080851-1000316753-1000.job, Quarantined, [0e6fa991f884e1557e7c1458f50ef709], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-sys.job, Quarantined, [e598bf7bd1abee48c1393e2ec83b7789], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.htm l, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall. png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.p ng, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS .png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.pn g, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_che cked.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def .png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Icon.ico, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG. png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.m in.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js , Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults .js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protecti on.css, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protecti on.html, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protecti on.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaul ts.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protec tionDS.css, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protec tionDS.html, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protec tionDS.js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.j s, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.c ss, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.h tml, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.j s, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults. js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall .css, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall .html, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall .js, Quarantined, [4934ec4ea5d767cf9bfad1bac440b64a], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-1.job, Quarantined, [7eff6cce116b8caa9c8ed2d054b0e917], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-11.job, Quarantined, [166797a386f652e44cde396936ceef11], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-2.job, Quarantined, [a0ddda60acd0e3530f1b6141c0447e82], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-3.job, Quarantined, [c8b5c377007ce35345e5584af311cb35], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-4.job, Quarantined, [b7c6c1795d1fed49ed3ddac8a75da55b], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5.job, Quarantined, [93ea51e9ff7d9a9c969491113aca03fd], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-5_user.job, Quarantined, [89f443f71d5f251164c6049eac5839c7], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-6.job, Quarantined, [2657b8826f0dcb6bd555396905ffb44c], PUP.Optional.CrossRider.T, C:\Windows\Tasks\1cedbdc4-cbec-47fc-a34a-64e238718306-7.job, Quarantined, [780568d23e3e072fb575772b07fdb34d], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore .job, Quarantined, [dca167d3e696e056d66acbd7ca3ab947], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMa chineCore, Quarantined, [dca1d664304c26102f127f2304006f91], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.j ob, Quarantined, [1f5e4cee6e0ebd79c37f950d15ef46ba], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMa chineUA, Quarantined, [80fd1d1d374564d2fb48bde556aea060], PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [433aa397f08c300614ae980d2fd5ed13], PUP.Optional.YourFileDownloader, C:\Windows\System32\Tasks\Update Service YourFileDownloader, Quarantined, [4e2fd664d3a92115fa572d79b252d22e], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\products.xml, Quarantined, [cab3cb6ffb81d165e0a07889798afd03], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\updater.exe, Quarantined, [cab3cb6ffb81d165e0a07889798afd03], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0\updater.exe, Quarantined, [cab3cb6ffb81d165e0a07889798afd03], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Quarantined, [84f9142608744aec5ff89d674ab94cb4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper64.dll, Quarantined, [84f9142608744aec5ff89d674ab94cb4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe, Quarantined, [84f9142608744aec5ff89d674ab94cb4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\cl.exe, Quarantined, [dca139013c409a9c923356b757ac27d9], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\icon.ico, Quarantined, [dca139013c409a9c923356b757ac27d9], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\proc.exe, Quarantined, [dca139013c409a9c923356b757ac27d9], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\pwdg.exe, Quarantined, [dca139013c409a9c923356b757ac27d9], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\SearchPro tect\rep\UserRepository.dat, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\SearchPro tect\rep\UserSettings.dat, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.SearchProtect.A, C:\Users\xxx\AppData\Local\SearchProtect\UI\rep\UI Repository.dat, Quarantined, [b2cb75c5ed8fb5811fb5c35202014eb2], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHand ler.exe, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.ex e, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBro ker.exe, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHel per.msi, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnD emand.exe, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en. dll, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4 .dll, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [ef8e97a393e952e444c4e5352fd430d0], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\background.html, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\config.xml, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\extension_info.json, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_bg.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_browseraction.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_common.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_content.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_settings.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\appAPI_webrequest.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\AppFramework\jquery.min.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework\canvasscript_engine.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework\canvas_bg.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework\md5.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework\registry.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\CanvasFramework\webrequest.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\backgroundscript_engine.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\base.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\browser.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\console.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\framework.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\global.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\i18n.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\initialize.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\invoke_async.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\io.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\json2.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\lang.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\legacy.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\message_target.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\messaging.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\storage.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\timer.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\updater.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\userscript_client.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\userscript_engine.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\utils.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework\xhr.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\browser_button.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\context_menu.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\context_menu_item_handler.html, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\framework_api.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\notification.html, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\notifications.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\options.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\ui_base.js, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\bottom-left.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\bottom-middle.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\bottom-right.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\middle-left.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\middle-right.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\tail-bottom.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\tail-left.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\tail-right.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\tail-top.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\top-left.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\top-middle.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\framework-ui\theme\bubble\top-right.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons\button.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons\icon100.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons\icon128.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons\icon32.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Program Files (x86)\Browser Champion\icons\icon48.png, Quarantined, [2b52cb6f780484b2776276aaf60d2cd4], PUP.Optional.BrowserChampion.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Browser Champion\Browser Champion Settings.url, Quarantined, [0a7353e76a1244f26f6b0020db28eb15], PUP.Optional.BrowserChampion.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Browser Champion\Browser Champion.lnk, Quarantined, [0a7353e76a1244f26f6b0020db28eb15], PUP.Optional.BrowserChampion.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Browser Champion\Uninstall.lnk, Quarantined, [0a7353e76a1244f26f6b0020db28eb15], PUP.Optional.DSearchLink.A, C:\ProgramData\DSearchLink\Search.lnk, Quarantined, [a3daf64404786bcbdbb646df976c8b75], PUP.Optional.TornTV.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\TornTV.com\Torntv Downloader.lnk, Quarantined, [730abc7e74083afca84d949427dc1ee2], PUP.Optional.TornTV.A, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\TornTV.com\Uninstall.lnk, Quarantined, [730abc7e74083afca84d949427dc1ee2], PUP.Optional.CrossRider.A, C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profi les\msiix1yg.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "1497e2681d4a74f2f8f6c481c5e886a8")  , Replaced,[c8b548f22b5166d00600b9c054b143bd]Physical Sectors: 0 (No malicious items detected) (end) .
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| trojan horse downloader.tsupdate.I + HJT | sublime78 | Malware Removal | 4 | November 2nd, 2014 07:31 PM |
| Found Trojan Horses Dyfica and Tsupdate | Racerx369 | Malware Removal | 3 | January 18th, 2005 04:40 AM |
| need expert help removing Win32.TSUpdate.f | Igotworms | Malware Removal | 4 | December 10th, 2004 08:12 AM |
All times are GMT +1. The time now is 12:38 PM.