Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Ive been hacked before, PC infected.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Ive been hacked before, PC infected.

Unread postby DJSNIFFY » February 15th, 2014, 8:16 am

Good Day

My machine was bought last year and it was deliberately infected by a person. it started when he asked for my home wifi password which was given by my wife to access his facebook via blackberry. He also borrowed my laptop and flash disk which according to him, he'll just transfer and upload pics.
After this incident, my internet connection and PC got very slow. I tried to reinstall my pc to factory settings and even upgraded to 8.1 but I think my PC goes back to being "infected".

My PC has:
- Windows 8.1
- Norton Antivirus

P.S. I cant run dds.scr Error Message "This tool does not your support your Operating System". Also tried dds.exe from dds.com, Error Message "not meant to run in compatibility mode"

Kindly advise what to do next.

Thanks
Last edited by DJSNIFFY on February 15th, 2014, 9:10 am, edited 1 time in total.
DJSNIFFY
Active Member
 
Posts: 3
Joined: February 15th, 2014, 7:54 am
Advertisement
Register to Remove

Re: Ive been hacked before, PC infected.

Unread postby DJSNIFFY » February 15th, 2014, 9:07 am

Here's my OTL log :
OTL logfile created on: 2/15/2014 9:55:04 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\EDWARD\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.89 Gb Total Physical Memory | 2.44 Gb Available Physical Memory | 62.71% Memory free
4.58 Gb Paging File | 3.11 Gb Available in Paging File | 67.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185.62 Gb Total Space | 162.62 Gb Free Space | 87.61% Space Free | Partition Type: NTFS
Drive D: | 258.15 Gb Total Space | 185.53 Gb Free Space | 71.87% Space Free | Partition Type: NTFS

Computer Name: DJSNIFFY | User Name: EDWARD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/15 18:36:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\EDWARD\Desktop\OTL.exe
PRC - [2014/01/31 09:37:41 | 000,998,944 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\2014.6.0.27\inststub.exe
PRC - [2014/01/17 07:31:52 | 003,825,232 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/12/11 00:12:52 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/12/10 10:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/10 10:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/07 19:18:12 | 000,069,144 | ---- | M] (Internet Download Manager, Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idmBroker.exe
PRC - [2013/11/07 19:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2013/11/01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/10/08 19:46:16 | 000,262,288 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
PRC - [2013/10/07 22:54:10 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
PRC - [2012/11/20 09:57:20 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2012/09/29 22:49:24 | 000,792,608 | ---- | M] (Symantec) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
PRC - [2012/03/02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/20 04:33:31 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/12 00:04:28 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/12 00:03:19 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/02/06 18:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/10 10:20:28 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/27 17:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 12:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/14 15:24:26 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/14 15:24:26 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 15:21:14 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/11/14 15:21:14 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/11/14 15:21:14 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/08/22 20:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 20:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 19:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 19:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 19:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 19:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 19:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 18:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 18:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 18:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 17:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 17:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 17:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 17:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 17:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 17:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 17:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 17:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 17:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 17:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 17:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/06/25 04:12:08 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/12/11 00:12:52 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/12/10 10:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/14 15:21:13 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/10/08 19:46:16 | 000,262,288 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe -- (NAV)
SRV - [2013/10/07 22:54:10 | 000,218,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2013/10/01 13:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 11:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 10:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/09/29 22:50:02 | 001,160,224 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService)
SRV - [2012/09/29 22:49:46 | 001,147,424 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService)
SRV - [2012/09/29 22:49:24 | 000,792,608 | ---- | M] (Symantec) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe -- (NU16StartManagerSvc)
SRV - [2012/03/02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/12 00:03:19 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/12 00:03:19 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/02/12 00:03:19 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/02/12 00:03:19 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/02/10 03:03:57 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/01/28 06:21:01 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2014/01/08 09:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/12/20 04:33:31 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/12/05 16:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 08:24:18 | 000,175,480 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/11/14 15:24:25 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 15:21:13 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/11/14 15:21:13 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/11/14 15:21:13 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 15:19:23 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/14 15:14:07 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 15:14:04 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/10/09 09:52:16 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/10/01 13:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/27 11:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/27 10:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/27 10:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/26 11:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/26 10:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\ccSetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2013/09/10 10:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\SymELAM.sys -- (SymELAM)
DRV:64bit: - [2013/09/10 10:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/10 09:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/08/23 06:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/23 06:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 21:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 21:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 20:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 20:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 20:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 20:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 20:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 20:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 20:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 20:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 20:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 20:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 20:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 20:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 20:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 20:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 20:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 20:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 20:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 20:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 20:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 20:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 20:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 20:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 20:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 20:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 20:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 20:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 20:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 20:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 20:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 20:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 20:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 20:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 20:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 20:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 20:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 20:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 19:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 19:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 19:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 19:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 19:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 19:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 19:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 19:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 19:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 19:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 19:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 19:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 19:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 19:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 19:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 19:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 19:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 19:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 19:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 19:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 19:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 19:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 19:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 19:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 16:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/22 02:42:10 | 003,915,264 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/08/13 07:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 08:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/31 02:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 03:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/25 04:12:08 | 000,565,760 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/06/18 22:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/20 09:57:28 | 000,062,848 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/18 10:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV - [2014/02/08 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140214.016\ex64.sys -- (NAVEX15)
DRV - [2014/02/08 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/02/08 01:00:00 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/02/08 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140214.016\eng64.sys -- (NAVENG)
DRV - [2014/02/07 17:27:32 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140214.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/01/21 03:37:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:tabs
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 3C EC E8 2F 1D CF 01 [binary data]
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 3C EC E8 2F 1D CF 01 [binary data]
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2064414862-780991476-1926018786-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Program Files\GarenaHoN\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014/02/10 03:08:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\EDWARD\AppData\Roaming\IDM\idmmzcc5 [2014/02/03 03:20:22 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2014/02/15 19:05:27 | 000,040,114 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2010-fr.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2012-new.biz # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 212link.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 24h00business.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.adorika.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ad.adn360.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adeartss.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adm.soft365.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.aff.co # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.egdating.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
O1 - Hosts: 667 more lines...
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKU\S-1-5-21-2064414862-780991476-1926018786-1001..\Run: [GarenaPlus] D:\Program Files\GarenaHoN\GameData\GarenaMessenger.exe ()
O4 - HKU\S-1-5-21-2064414862-780991476-1926018786-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-2064414862-780991476-1926018786-1002..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2064414862-780991476-1926018786-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 114.108.195.1 114.108.193.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A274015-E3FA-47C5-A61B-4B2CFF19E273}: DhcpNameServer = 114.108.195.1 114.108.193.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A14AE513-6C2D-4C2B-8824-6BF5B2A41CC1}: DhcpNameServer = 114.108.195.1 114.108.193.201
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Last edited by DJSNIFFY on February 15th, 2014, 10:33 am, edited 1 time in total.
DJSNIFFY
Active Member
 
Posts: 3
Joined: February 15th, 2014, 7:54 am

Re: Ive been hacked before, PC infected.

Unread postby DJSNIFFY » February 15th, 2014, 10:30 am

========== Files/Folders - Created Within 30 Days ==========

[2014/02/15 19:33:52 | 000,000,000 | ---D | C] -- C:\FRST
[2014/02/15 19:33:20 | 002,152,960 | ---- | C] (Farbar) -- C:\Users\EDWARD\Desktop\FRST64.exe
[2014/02/15 19:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/02/15 19:28:13 | 002,347,384 | ---- | C] (ESET) -- C:\Users\EDWARD\Desktop\esetsmartinstaller_enu.exe
[2014/02/15 19:21:01 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\SysNative\drivers\00750283.sys
[2014/02/15 19:17:11 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\EDWARD\Desktop\tdsskiller.exe
[2014/02/15 19:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/02/15 19:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/02/15 18:58:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/15 18:36:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\EDWARD\Desktop\OTL.exe
[2014/02/15 16:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/15 16:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/15 16:29:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/02/15 16:27:23 | 000,000,000 | ---D | C] -- C:\history
[2014/02/15 16:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2014/02/15 16:26:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/15 16:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014/02/15 15:58:43 | 018,576,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/15 15:58:41 | 013,949,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/15 15:58:41 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/02/15 15:58:40 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/02/15 15:58:38 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/02/15 15:58:38 | 000,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/02/15 15:58:37 | 000,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/02/15 15:58:37 | 000,481,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/02/15 15:58:36 | 001,720,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/02/15 15:58:36 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/02/15 15:58:36 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/02/15 15:58:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/02/15 15:58:36 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014/02/15 15:58:36 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/02/15 15:58:36 | 000,749,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/15 15:58:36 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014/02/15 15:58:36 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/15 15:58:36 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/15 15:58:36 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/15 15:58:36 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/15 15:58:36 | 000,419,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/02/15 15:58:36 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/02/15 15:58:36 | 000,381,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/02/15 15:58:36 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/15 15:58:36 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/02/15 15:58:36 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2014/02/15 15:58:36 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/02/15 15:58:36 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014/02/15 15:58:36 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/02/15 15:58:36 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014/02/15 15:58:36 | 000,131,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014/02/15 15:56:08 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/15 15:56:07 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/15 15:56:06 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/15 15:56:05 | 002,142,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/15 15:56:05 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/15 15:56:03 | 001,371,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/15 15:56:02 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/15 15:56:02 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/15 15:56:01 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/15 15:56:00 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/15 15:55:58 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/15 15:55:57 | 000,764,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/15 15:55:57 | 000,669,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/15 15:55:57 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/15 15:55:57 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/15 15:55:55 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/15 15:55:54 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/15 15:55:54 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/15 15:55:54 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/15 15:55:54 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/15 15:55:54 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/15 15:55:54 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/15 15:55:53 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/15 15:55:53 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/15 15:55:53 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/15 15:55:53 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/15 15:55:53 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/15 15:55:53 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/15 15:55:53 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/15 15:55:53 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/15 15:55:53 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/15 15:55:53 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/15 15:55:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/15 15:55:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/15 15:17:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2014/02/12 13:47:59 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/02/12 13:47:59 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/12 11:46:52 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/12 11:45:23 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/12 11:45:22 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/12 11:45:22 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/12 11:45:20 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/12 11:45:19 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/12 11:45:19 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/12 11:45:15 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/12 11:45:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/12 11:45:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/12 11:45:11 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/12 11:45:10 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/12 11:45:09 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/12 11:45:09 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/12 11:45:09 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/12 11:45:09 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/12 11:45:09 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/12 11:45:09 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/12 11:45:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/12 10:17:00 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/12 10:17:00 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/12 10:16:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/12 10:16:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/12 10:16:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/12 10:16:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/12 10:16:13 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/12 10:16:13 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/12 10:16:13 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/12 10:16:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/12 10:16:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/12 10:16:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/12 10:16:12 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/12 10:16:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/12 10:16:11 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/12 10:16:11 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/12 10:16:11 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/12 10:16:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/12 10:16:10 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/12 10:16:10 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/12 10:16:10 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/12 10:16:10 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/12 10:16:10 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/12 10:14:31 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/12 00:05:36 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/02/12 00:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/02/12 00:04:41 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/12 00:04:35 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/12 00:04:32 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/12 00:04:32 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/12 00:04:28 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/12 00:04:28 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/12 00:04:28 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/12 00:04:28 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 00:04:28 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 00:04:28 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/12 00:04:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/12 00:04:22 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/12 00:04:18 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/12 00:04:18 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/12 00:04:18 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/12 00:03:19 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/12 00:03:19 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/12 00:03:19 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/12 00:03:19 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/12 00:03:19 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/12 00:03:19 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/12 00:03:19 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/12 00:03:19 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/12 00:03:19 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/12 00:03:19 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/12 00:03:19 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/12 00:03:19 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/02/12 00:03:19 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/02/12 00:03:19 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/12 00:03:19 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/12 00:03:19 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/12 00:03:19 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/12 00:03:19 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/12 00:03:19 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/12 00:03:19 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/12 00:03:19 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/12 00:03:19 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/12 00:03:19 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/12 00:03:19 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/12 00:03:19 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/12 00:03:19 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/12 00:03:19 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/12 00:03:19 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/12 00:03:19 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/12 00:03:19 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/12 00:03:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/12 00:03:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/11 09:18:18 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\SkyDrive
[2014/02/11 09:16:02 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Identities
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\AppData\Local\Temporary Internet Files
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Templates
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Start Menu
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\SendTo
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Recent
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\PrintHood
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\NetHood
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Documents\My Videos
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Documents\My Pictures
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Documents\My Music
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\My Documents
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Local Settings
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\AppData\Local\History
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Cookies
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\Application Data
[2014/02/11 08:13:34 | 000,000,000 | -HSD | C] -- C:\Users\EDWARD\AppData\Local\Application Data
[2014/02/11 08:13:33 | 000,000,000 | --SD | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Favorites
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Documents
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Desktop
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/11 08:13:33 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/02/11 08:13:33 | 000,000,000 | -H-D | C] -- C:\Users\EDWARD\AppData
[2014/02/11 08:13:33 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Temp
[2014/02/11 08:13:33 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Microsoft
[2014/02/11 08:13:33 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/11 08:09:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/02/11 08:09:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/02/11 08:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2014/02/11 08:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2014/02/11 08:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/02/11 08:09:02 | 006,671,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014/02/11 08:09:02 | 003,490,080 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014/02/11 08:09:02 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014/02/11 08:09:02 | 001,065,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2014/02/11 08:09:02 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014/02/11 08:09:02 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2014/02/11 08:09:02 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014/02/11 08:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/02/11 08:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/02/11 08:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/02/11 08:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/02/11 08:08:08 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2014/02/11 08:08:08 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2014/02/11 08:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/02/11 08:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/02/11 08:07:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/02/10 21:23:43 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Intel_Corporation
[2014/02/10 15:41:54 | 000,000,000 | ---D | C] -- C:\NBRT
[2014/02/10 06:51:15 | 000,000,000 | ---D | C] -- C:\Download
[2014/02/10 06:51:03 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Samsung
[2014/02/10 06:50:52 | 000,000,000 | ---D | C] -- C:\AllShare
[2014/02/10 06:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2014/02/10 06:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2014/02/10 06:49:33 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Downloaded Installations
[2014/02/10 03:41:11 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Norton Utilities 16
[2014/02/10 03:06:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2014/02/10 03:03:35 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymEFA64.sys
[2014/02/10 03:03:35 | 000,858,200 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtsp64.sys
[2014/02/10 03:03:35 | 000,590,936 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\symnets.sys
[2014/02/10 03:03:35 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymDS64.sys
[2014/02/10 03:03:35 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\Ironx64.sys
[2014/02/10 03:03:35 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\ccSetx64.sys
[2014/02/10 03:03:35 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtspx64.sys
[2014/02/10 03:03:35 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymELAM.sys
[2014/02/10 03:03:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012
[2014/02/10 02:56:36 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Diagnostics
[2014/02/10 02:41:00 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Documents\Norton Utilities 16
[2014/02/10 02:40:43 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4.dll
[2014/02/10 02:40:43 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4r.dll
[2014/02/10 02:40:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4a.dll
[2014/02/10 02:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
[2014/02/10 02:40:42 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox210.ocx
[2014/02/10 02:40:41 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2014/02/10 02:40:41 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox10.ocx
[2014/02/10 02:40:41 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCT2.OCX
[2014/02/10 02:40:41 | 000,512,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml.dll
[2014/02/10 02:40:41 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBoxVB12.ocx
[2014/02/10 02:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2014/02/10 02:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/02/10 02:40:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2014/02/10 02:40:17 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Product_NU16
[2014/02/09 21:24:58 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\NPE
[2014/02/09 20:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/02/09 20:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014/02/09 20:59:15 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Desktop\SmartGesture_ASUS_Win7_8_VER1036
[2014/02/09 20:40:26 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_VER1003
[2014/02/09 20:31:07 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_Z1001
[2014/02/09 18:35:41 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Apple Computer
[2014/02/09 18:35:40 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Apple Computer
[2014/02/09 18:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/02/09 18:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/09 18:34:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/09 18:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/02/09 18:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/02/09 18:34:34 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Apple
[2014/02/09 18:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/02/09 18:34:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/02/09 18:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/02/09 18:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/02/09 15:26:58 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\GNU
[2014/02/09 15:26:56 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\.kde
[2014/02/09 15:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
[2014/02/09 15:25:34 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\gnupg
[2014/02/09 15:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2014/02/09 15:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2014/02/09 15:05:39 | 029,689,992 | ---- | C] (g10 Code GmbH) -- C:\Users\EDWARD\Desktop\gpg4win-2.2.1.exe
[2014/02/09 14:45:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/02/05 02:06:16 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\CrashDumps
[2014/02/04 05:22:30 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2014/02/04 05:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/02/04 05:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/02/04 05:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/02/04 04:27:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2014/02/04 04:06:22 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2014/02/04 04:06:22 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2014/02/03 16:11:05 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\ElevatedDiagnostics
[2014/02/03 03:20:01 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\IDM
[2014/02/03 03:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/02/03 03:20:01 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\DMCache
[2014/02/03 03:19:55 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/02/03 03:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/02/03 03:19:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2014/02/03 03:18:08 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\vlc
[2014/01/31 05:47:14 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Documents\Heroes of Newerth (Garena)
[2014/01/31 05:46:25 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Garena
[2014/01/31 05:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Garena
[2014/01/31 05:41:11 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\GarenaPlus
[2014/01/31 05:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
[2014/01/30 11:46:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/01/30 06:15:31 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2014/01/30 06:15:29 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Documents\VirtualDJ
[2014/01/30 06:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2014/01/30 06:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer
[2014/01/30 06:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pioneer
[2014/01/30 06:00:50 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Documents\Symantec
[2014/01/30 05:59:56 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/01/30 05:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/01/30 05:58:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NAVx64
[2014/01/30 05:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2014/01/30 05:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/01/30 05:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/01/30 05:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/01/30 04:48:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2014/01/30 04:45:57 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\Documents\Bluetooth Folder
[2014/01/30 04:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2014/01/30 04:38:41 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib64.dll
[2014/01/30 04:38:40 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosade.dll
[2014/01/30 04:38:40 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo264.dll
[2014/01/30 04:38:40 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll
[2014/01/30 04:38:40 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo.dll
[2014/01/30 04:38:40 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\WINDOWS\SysNative\tepeqapo64.dll
[2014/01/30 04:38:39 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll
[2014/01/30 04:38:39 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll
[2014/01/30 04:38:39 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll
[2014/01/30 04:38:36 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\WINDOWS\SysNative\SFSS_APO.dll
[2014/01/30 04:38:35 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll
[2014/01/30 04:38:35 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll
[2014/01/30 04:38:35 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll
[2014/01/30 04:38:35 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll
[2014/01/30 04:38:34 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2014/01/30 04:38:34 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2014/01/30 04:38:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll
[2014/01/30 04:38:33 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll
[2014/01/30 04:38:33 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll
[2014/01/30 04:38:32 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2014/01/30 04:38:32 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2014/01/30 04:38:32 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2014/01/30 04:38:31 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2014/01/30 04:38:31 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2014/01/30 04:38:31 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll
[2014/01/30 04:38:31 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll
[2014/01/30 04:38:30 | 010,540,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2014/01/30 04:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll
[2014/01/30 04:38:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll
[2014/01/30 04:38:29 | 000,117,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2014/01/30 04:38:28 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll
[2014/01/30 04:38:28 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll
[2014/01/30 04:38:28 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll
[2014/01/30 04:38:28 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll
[2014/01/30 04:38:28 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll
[2014/01/30 04:38:27 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll
[2014/01/30 04:38:26 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek64.dll
[2014/01/30 04:38:26 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ64.dll
[2014/01/30 04:38:26 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek264.dll
[2014/01/30 04:38:25 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll
[2014/01/30 04:38:25 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll
[2014/01/30 04:38:25 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll
[2014/01/30 04:38:24 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll
[2014/01/30 04:38:19 | 002,703,456 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2014/01/30 04:38:19 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll
[2014/01/30 04:38:19 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll
[2014/01/30 04:38:19 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll
[2014/01/30 04:38:19 | 000,501,192 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll
[2014/01/30 04:38:19 | 000,487,368 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll
[2014/01/30 04:38:19 | 000,415,688 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll
[2014/01/30 04:38:18 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll
[2014/01/30 04:38:18 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll
[2014/01/30 04:38:18 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll
[2014/01/30 04:38:18 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll
[2014/01/30 04:38:18 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll
[2014/01/30 04:38:18 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll
[2014/01/30 04:38:17 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll
[2014/01/30 04:38:17 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll
[2014/01/30 04:38:17 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll
[2014/01/30 04:38:16 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2014/01/30 04:38:16 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2014/01/30 04:38:16 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAR64.dll
[2014/01/30 04:38:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/01/30 04:38:15 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/01/30 04:37:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014/01/30 04:37:57 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2014/01/30 04:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/01/30 04:37:33 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\NVIDIA Corporation
[2014/01/30 04:33:50 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2014/01/30 04:33:50 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2014/01/30 04:33:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2014/01/30 04:33:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2014/01/30 04:33:49 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2014/01/30 04:33:49 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2014/01/30 04:33:29 | 001,100,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2014/01/30 04:33:29 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2014/01/30 04:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/01/30 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\NVIDIA
[2014/01/30 04:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/01/30 04:30:42 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2014/01/30 04:30:42 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2014/01/30 04:30:42 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2014/01/30 04:30:41 | 030,372,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014/01/30 04:30:41 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014/01/30 04:30:41 | 018,310,112 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014/01/30 04:30:41 | 018,222,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014/01/30 04:30:41 | 015,877,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014/01/30 04:30:41 | 011,554,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014/01/30 04:30:41 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014/01/30 04:30:41 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433221.dll
[2014/01/30 04:30:41 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433221.dll
[2014/01/30 04:30:41 | 001,436,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2014/01/30 04:30:41 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014/01/30 04:30:41 | 000,882,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014/01/30 04:30:41 | 000,879,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014/01/30 04:30:41 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014/01/30 04:30:41 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014/01/30 04:30:41 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014/01/30 04:30:41 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014/01/30 04:30:41 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014/01/30 04:30:41 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014/01/30 04:30:41 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys
[2014/01/30 04:30:40 | 015,230,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014/01/30 04:30:40 | 011,605,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014/01/30 04:30:40 | 009,700,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014/01/30 04:30:40 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014/01/30 04:30:40 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014/01/30 04:30:40 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014/01/30 04:30:40 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014/01/30 04:30:37 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014/01/30 04:30:37 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014/01/30 04:30:37 | 003,071,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2014/01/30 04:30:37 | 002,698,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014/01/30 04:26:09 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/01/30 04:18:07 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll
[2014/01/30 04:12:42 | 000,000,000 | ---D | C] -- C:\Intel
[2014/01/30 04:03:56 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Macromedia
[2014/01/30 04:03:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\softwaredistribution.bak
[2014/01/30 03:15:01 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/30 03:15:01 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Searches
[2014/01/30 03:15:01 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Contacts
[2014/01/30 03:15:01 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/30 03:15:01 | 000,000,000 | -H-D | C] -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/30 03:14:57 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Roaming\Adobe
[2014/01/30 03:14:31 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\VirtualStore
[2014/01/30 03:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2014/01/30 03:14:24 | 000,000,000 | ---D | C] -- C:\Users\EDWARD\AppData\Local\Packages
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Videos
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Saved Games
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Pictures
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Music
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Links
[2014/01/30 03:14:10 | 000,000,000 | R--D | C] -- C:\Users\EDWARD\Downloads
[2014/01/30 03:05:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/17 07:37:52 | 000,175,480 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\SysNative\drivers\idmwfp.sys

========== Files - Modified Within 30 Days ==========

[2014/02/15 19:33:28 | 002,152,960 | ---- | M] (Farbar) -- C:\Users\EDWARD\Desktop\FRST64.exe
[2014/02/15 19:28:23 | 002,347,384 | ---- | M] (ESET) -- C:\Users\EDWARD\Desktop\esetsmartinstaller_enu.exe
[2014/02/15 19:22:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/15 19:21:27 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014/02/15 19:21:01 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\SysNative\drivers\00750283.sys
[2014/02/15 19:20:43 | 000,000,022 | ---- | M] () -- C:\WINDOWS\S.dirmngr
[2014/02/15 19:20:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/15 19:20:16 | 3339,931,648 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/15 19:17:22 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\EDWARD\Desktop\tdsskiller.exe
[2014/02/15 19:05:27 | 000,040,114 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/02/15 18:57:38 | 001,166,132 | ---- | M] () -- C:\Users\EDWARD\Desktop\AdwCleaner.exe
[2014/02/15 18:36:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\EDWARD\Desktop\OTL.exe
[2014/02/15 16:21:22 | 000,818,732 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/02/15 16:21:22 | 000,696,354 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/02/15 16:21:22 | 000,127,946 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/02/15 16:02:39 | 000,335,840 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/02/15 15:58:11 | 004,534,074 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\Cat.DB
[2014/02/15 13:38:25 | 000,001,558 | ---- | M] () -- C:\Users\EDWARD\Desktop\14.xspf
[2014/02/15 13:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014/02/12 00:04:41 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/12 00:04:35 | 000,787,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/12 00:04:32 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/12 00:04:32 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/12 00:04:28 | 003,395,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/12 00:04:28 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/12 00:04:28 | 000,695,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/12 00:04:28 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 00:04:28 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 00:04:28 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/12 00:04:22 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/12 00:04:22 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/12 00:04:18 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/12 00:04:18 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/12 00:04:18 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/12 00:03:19 | 007,399,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/12 00:03:19 | 002,896,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/12 00:03:19 | 002,570,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/12 00:03:19 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/12 00:03:19 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/12 00:03:19 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/12 00:03:19 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/12 00:03:19 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/12 00:03:19 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/12 00:03:19 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/12 00:03:19 | 001,756,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/12 00:03:19 | 001,642,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/02/12 00:03:19 | 001,506,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/02/12 00:03:19 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/12 00:03:19 | 001,391,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/12 00:03:19 | 001,345,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/12 00:03:19 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/12 00:03:19 | 000,922,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/12 00:03:19 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/12 00:03:19 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/12 00:03:19 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/12 00:03:19 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/12 00:03:19 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/12 00:03:19 | 000,358,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/12 00:03:19 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/12 00:03:19 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/12 00:03:19 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/12 00:03:19 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/12 00:03:19 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/12 00:03:19 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/12 00:03:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/12 00:03:19 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/11 08:23:46 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/02/11 08:23:46 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/02/11 08:23:32 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/11 08:09:17 | 000,083,861 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTWAVES30.dat
[2014/02/10 06:51:03 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2014/02/10 06:50:23 | 000,002,051 | ---- | M] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung AllShare.lnk
[2014/02/10 03:43:50 | 000,001,221 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014/02/10 03:06:11 | 000,028,778 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\VT20140131.024
[2014/02/10 03:06:02 | 000,002,399 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/02/10 03:03:57 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/02/10 03:03:57 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/02/10 03:03:57 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/02/10 02:54:06 | 000,001,253 | ---- | M] () -- C:\Users\EDWARD\Desktop\Norton Installation Files.lnk
[2014/02/10 02:15:27 | 000,797,241 | ---- | M] () -- C:\Users\EDWARD\Desktop\Info20140210021219.xml
[2014/02/09 20:30:49 | 000,160,472 | ---- | M] () -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_Z1001.zip
[2014/02/09 20:30:15 | 000,161,831 | ---- | M] () -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_VER1003.zip
[2014/02/09 18:35:36 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/09 17:26:17 | 000,000,437 | ---- | M] () -- C:\WINDOWS\SysNative\VeriSign Commercial Software Publishers CA.crl
[2014/02/09 15:06:35 | 029,689,992 | ---- | M] (g10 Code GmbH) -- C:\Users\EDWARD\Desktop\gpg4win-2.2.1.exe
[2014/02/09 11:36:49 | 000,003,730 | ---- | M] () -- C:\Users\EDWARD\Desktop\29.xspf
[2014/02/06 19:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/06 19:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/06 19:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/06 18:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/06 18:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/06 18:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/06 18:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/06 18:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/06 18:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/06 18:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/06 18:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/06 18:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/06 17:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/06 17:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/06 17:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/06 17:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/06 17:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/06 17:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/06 17:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/06 16:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/06 16:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/04 06:38:55 | 000,118,044 | -H-- | M] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2014/02/04 05:44:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/02/03 16:06:50 | 000,001,426 | ---- | M] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/03 16:06:50 | 000,000,223 | -HS- | M] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2014/02/03 05:37:27 | 000,004,040 | ---- | M] () -- C:\Users\EDWARD\Desktop\22.xspf
[2014/01/31 04:47:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/01/31 04:47:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/30 06:15:31 | 000,000,966 | ---- | M] () -- C:\Users\EDWARD\Desktop\VirtualDJ LE (DDJ-WeGO).lnk
[2014/01/30 05:35:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/01/30 04:34:58 | 000,001,349 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/01/28 06:21:01 | 000,652,344 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorA.sys
[2014/01/28 06:19:06 | 002,080,120 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib64.dll
[2014/01/28 06:19:06 | 001,361,336 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosade.dll
[2014/01/28 06:19:06 | 000,836,544 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo264.dll
[2014/01/28 06:19:06 | 000,518,896 | ---- | M] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll
[2014/01/28 06:19:06 | 000,211,184 | ---- | M] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll
[2014/01/28 06:19:06 | 000,155,888 | ---- | M] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll
[2014/01/28 06:19:06 | 000,148,416 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo.dll
[2014/01/28 06:19:06 | 000,065,944 | ---- | M] (TOSHIBA CORPORATION.) -- C:\WINDOWS\SysNative\tepeqapo64.dll
[2014/01/28 06:19:05 | 000,198,896 | ---- | M] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll
[2014/01/28 06:19:04 | 000,772,224 | ---- | M] (Sony Corporation) -- C:\WINDOWS\SysNative\SFSS_APO.dll
[2014/01/28 06:19:04 | 000,221,024 | ---- | M] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll
[2014/01/28 06:19:03 | 002,743,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2014/01/28 06:19:03 | 001,561,744 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2014/01/28 06:19:03 | 000,331,880 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll
[2014/01/28 06:19:03 | 000,081,248 | ---- | M] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll
[2014/01/28 06:19:03 | 000,078,688 | ---- | M] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll
[2014/01/28 06:19:03 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll
[2014/01/28 06:19:02 | 003,673,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2014/01/28 06:19:02 | 000,149,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll
[2014/01/28 06:19:02 | 000,014,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll
[2014/01/28 06:19:01 | 010,540,032 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2014/01/28 06:19:01 | 001,269,904 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2014/01/28 06:19:01 | 000,881,808 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2014/01/28 06:19:01 | 000,377,453 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2014/01/28 06:19:01 | 000,375,128 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2014/01/28 06:19:01 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll
[2014/01/28 06:19:01 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll
[2014/01/28 06:19:01 | 000,204,120 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2014/01/28 06:19:01 | 000,101,208 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll
[2014/01/28 06:19:01 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll
[2014/01/28 06:19:00 | 000,117,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2014/01/28 06:18:58 | 009,546,616 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek64.dll
[2014/01/28 06:18:58 | 001,460,600 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek264.dll
[2014/01/28 06:18:58 | 000,394,616 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll
[2014/01/28 06:18:57 | 002,028,920 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ64.dll
[2014/01/28 06:18:57 | 000,869,752 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll
[2014/01/28 06:18:56 | 000,603,984 | ---- | M] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll
[2014/01/28 06:18:56 | 000,394,616 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll
[2014/01/28 06:18:56 | 000,318,808 | ---- | M] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll
[2014/01/28 06:18:52 | 002,703,456 | ---- | M] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2014/01/28 06:18:52 | 000,693,352 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll
[2014/01/28 06:18:52 | 000,501,192 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll
[2014/01/28 06:18:52 | 000,415,688 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll
[2014/01/28 06:18:51 | 001,756,264 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll
[2014/01/28 06:18:51 | 001,568,360 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll
[2014/01/28 06:18:51 | 000,712,296 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll
[2014/01/28 06:18:51 | 000,487,368 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll
[2014/01/28 06:18:50 | 001,486,952 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll
[2014/01/28 06:18:50 | 000,728,680 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll
[2014/01/28 06:18:50 | 000,491,112 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll
[2014/01/28 06:18:50 | 000,432,744 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll
[2014/01/28 06:18:50 | 000,428,648 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll
[2014/01/28 06:18:50 | 000,242,792 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll
[2014/01/28 06:18:50 | 000,242,792 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll
[2014/01/28 06:18:50 | 000,241,768 | ---- | M] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll
[2014/01/28 06:18:50 | 000,110,592 | ---- | M] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2014/01/28 06:18:49 | 000,202,336 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2014/01/28 06:18:49 | 000,108,640 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAR64.dll
[2014/01/28 06:18:36 | 001,706,640 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2014/01/28 06:07:59 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll

========== Files Created - No Company Name ==========

[2014/02/15 19:20:43 | 000,000,022 | ---- | C] () -- C:\WINDOWS\S.dirmngr
[2014/02/15 18:57:33 | 001,166,132 | ---- | C] () -- C:\Users\EDWARD\Desktop\AdwCleaner.exe
[2014/02/15 15:58:36 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/02/15 15:58:36 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/15 15:55:53 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/15 13:38:25 | 000,001,558 | ---- | C] () -- C:\Users\EDWARD\Desktop\14.xspf
[2014/02/12 11:45:18 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/12 11:45:18 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/11 09:16:08 | 000,001,444 | ---- | C] () -- C:\Users\EDWARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/11 08:23:32 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/11 08:13:50 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/02/11 08:13:50 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/02/11 08:13:34 | 000,000,352 | ---- | C] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/02/11 08:13:34 | 000,000,334 | ---- | C] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/02/11 08:09:17 | 000,083,861 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTWAVES30.dat
[2014/02/11 08:09:02 | 003,539,040 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014/02/10 22:54:04 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014/02/10 06:51:03 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2014/02/10 06:50:23 | 000,002,051 | ---- | C] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung AllShare.lnk
[2014/02/10 03:43:50 | 000,001,221 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014/02/10 03:06:11 | 004,534,074 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\Cat.DB
[2014/02/10 03:06:11 | 000,028,778 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\VT20140131.024
[2014/02/10 03:03:56 | 000,002,399 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/02/10 03:03:25 | 000,014,818 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymVTcer.dat
[2014/02/10 03:03:25 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymELAM64.cat
[2014/02/10 03:03:25 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\ccSetx64.cat
[2014/02/10 03:03:25 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtspx64.cat
[2014/02/10 03:03:25 | 000,008,194 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymEFA64.cat
[2014/02/10 03:03:25 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\symnet64.cat
[2014/02/10 03:03:25 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtsp64.cat
[2014/02/10 03:03:25 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymDS64.cat
[2014/02/10 03:03:25 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\iron.cat
[2014/02/10 03:03:25 | 000,003,433 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymEFA.inf
[2014/02/10 03:03:25 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymDS.inf
[2014/02/10 03:03:25 | 000,001,440 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\SymNet.inf
[2014/02/10 03:03:25 | 000,001,437 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtsp64.inf
[2014/02/10 03:03:25 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\srtspx64.inf
[2014/02/10 03:03:25 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\symELAM.inf
[2014/02/10 03:03:25 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\ccSetx64.inf
[2014/02/10 03:03:25 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\Iron.inf
[2014/02/10 03:03:25 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NAVx64\1501000.012\isolate.ini
[2014/02/10 02:41:00 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014/02/10 02:40:42 | 000,040,992 | ---- | C] () -- C:\WINDOWS\SysNative\CleanMFT64.exe
[2014/02/10 02:15:01 | 000,797,241 | ---- | C] () -- C:\Users\EDWARD\Desktop\Info20140210021219.xml
[2014/02/09 21:28:54 | 000,001,253 | ---- | C] () -- C:\Users\EDWARD\Desktop\Norton Installation Files.lnk
[2014/02/09 20:30:56 | 000,160,472 | ---- | C] () -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_Z1001.zip
[2014/02/09 20:30:15 | 000,161,831 | ---- | C] () -- C:\Users\EDWARD\Desktop\WirelessRadioControl_Win8_64_VER1003.zip
[2014/02/09 18:35:36 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/09 18:34:33 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/02/09 17:26:10 | 000,000,437 | ---- | C] () -- C:\WINDOWS\SysNative\VeriSign Commercial Software Publishers CA.crl
[2014/02/09 11:36:49 | 000,003,730 | ---- | C] () -- C:\Users\EDWARD\Desktop\29.xspf
[2014/02/04 06:38:55 | 000,118,044 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2014/02/04 05:44:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/02/03 16:06:50 | 000,001,426 | ---- | C] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/03 05:37:27 | 000,004,040 | ---- | C] () -- C:\Users\EDWARD\Desktop\22.xspf
[2014/01/30 06:15:31 | 000,000,966 | ---- | C] () -- C:\Users\EDWARD\Desktop\VirtualDJ LE (DDJ-WeGO).lnk
[2014/01/30 05:59:56 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/01/30 05:59:56 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/01/30 05:35:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/01/30 04:38:30 | 000,377,453 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2014/01/30 04:34:58 | 000,001,349 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/01/30 04:30:41 | 000,023,754 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014/01/30 03:14:10 | 000,000,223 | -HS- | C] () -- C:\Users\EDWARD\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2014/01/30 03:10:40 | 3339,931,648 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/30 03:05:55 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013/10/01 13:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/01 13:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/01 13:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 23:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 23:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 22:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 15:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 11:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 07:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 07:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/07/26 04:22:56 | 000,733,840 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012/07/26 04:22:56 | 000,492,340 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 16:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/09 12:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 17:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 10:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 17:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/09 15:32:38 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\.kde
[2014/02/15 21:37:27 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\DMCache
[2014/01/31 05:46:25 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\Garena
[2014/02/15 18:32:24 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\GarenaPlus
[2014/02/11 07:44:55 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\gnupg
[2014/02/09 04:49:12 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\IDM
[2014/02/10 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\Product_NU16
[2014/02/10 06:51:03 | 000,000,000 | ---D | M] -- C:\Users\EDWARD\AppData\Roaming\Samsung

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\EDWARD\SkyDrive:ms-properties
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:792D4CF1

< End of report >
DJSNIFFY
Active Member
 
Posts: 3
Joined: February 15th, 2014, 7:54 am

Re: Ive been hacked before, PC infected.

Unread postby Cypher » February 16th, 2014, 6:35 am

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 20 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware