DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16563 BrowserJavaVersion: 10.67.2
Run by leungb at 18:09:03 on 2014-08-28
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.4046.1465 [GMT -7:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Host Intrusion Prevention Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\lsm.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k GPSvcGroup
C:\WINDOWS\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Iron Mountain\Connected BackupPC\AgentService.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe
C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\PureLeads\plsapp.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\SysWOW64\rpcnet.exe
C:\Program Files (x86)\McAfee\Real Time\rtsc.exe
C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files (x86)\Secunia\CSI Agent\csia.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files\Websense\Websense Endpoint\wepsvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
C:\Program Files\Websense\Websense Endpoint\EndPointClassifier.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\Program Files\Websense\Websense Endpoint\FilterSDK\kvoop.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\Dwm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Websense\Websense Endpoint\Dserui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\McAfee\Endpoint Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\Iron Mountain\Connected BackupPC\Agent.exe
C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\WINDOWS\CCM\CcmExec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\CCM\RemCtrl\CmRcService.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\CCM\SCNotification.exe
C:\WINDOWS\ccmcache\1z\QTimeReminder.EXE
C:\Users\leungb\AppData\Local\Temp\GLBAEA5.tmp
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\WINDOWS\System32\WUDFHost.exe
C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
C:\WINDOWS\System32\WUDFHost.exe
C:\WINDOWS\system32\WLANExt.exe
C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://qhome.qualcomm.com/web/qhome/home
uSearch Bar = Preserve
mStart Page = hxxps://
www.yahoo.com?fr=hp-avast&type=tdc905
mWinlogon: Userinit = userinit.exe,
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [GoogleChromeAutoLaunch_ABEC2CECA528678B7CAF40B6E8183AA1] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Lync] "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe" /fromrunkey
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [AgentUiRunKey] "C:\Program Files (x86)\Iron Mountain\Connected BackupPC\Agent.exe" -ni -sss -e
http://localhost:16386/
mRun: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
mRun: [PureLeads Tray] "C:\Program Files (x86)\PureLeads\PureLeadsTray.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: DisallowRun = dword:1
uPolicies-DisallowRun: 1 = 1hellbot.exe
uPolicies-DisallowRun: 2 = hellmsn.exe
uPolicies-DisallowRun: 3 = internet.exe
uPolicies-DisallowRun: 4 = rpcsvc.exe
uPolicies-DisallowRun: 5 = starwin32.exe
uPolicies-DisallowRun: 6 = test3.exe
uPolicies-DisallowRun: 7 = wfdmgr.exe
uPolicies-DisallowRun: 8 = wmisg.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: HideSCAHealth = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: legalnoticecaption = DO NOT EXPECT PRIVACY WHEN USING THIS SYSTEM
mPolicies-System: legalnoticetext = You are about to access a Qualcomm e-media system. It is for authorized users only. You should have no expectation of privacy when using this system and may use it only as authorized. To protect Qualcomm's interests, this system and its data may be monitored, intercepted, recorded, read, copied, captured and disclosed, to the fullest extent permitted by law. Use of this system constitutes your consent to these terms.
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: C:\WINDOWS\System32\plsapp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://myvpn.qualcomm.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C5585E26-D273-4C98-874D-90C61B66ED83} : DHCPNameServer = 192.168.1.254
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = EpePcNp64 scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [MfeEpePcMonitor] "C:\Program Files\McAfee\Endpoint Encryption\EpePcMonitor.exe"
x64-Run: [EpeFprTrainer] "C:\Program Files\McAfee\Endpoint Encryption\EpeFprTrainer.exe"
x64-Run: [SpywareClearShield] C:\Program Files (x86)\Spyware Clear\SpywareClearShield.exe
x64-Run: [SpywareClearUpdater] C:\Program Files (x86)\Spyware Clear\SpywareClearUpdate.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 192.35.156.91 myvpn.qualcomm.com
Hosts: 192.35.156.52 skull-ng.qualcomm.com
Hosts: 192.35.156.160 bones.qualcomm.com
Hosts: 192.35.156.22 hostel1.qualcomm.com
Hosts: 192.35.156.235 hostel.qualcomm.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 mfeccde;mfeccde;C:\WINDOWS\System32\drivers\mfeccde.sys [2013-12-13 79144]
R0 MfeEpeOpal;MfeEpeOpal;C:\WINDOWS\System32\drivers\MfeEpeOpal.sys [2013-12-13 79400]
R0 MfeEpePc;MfeEpePc;C:\WINDOWS\System32\drivers\MfeEpePc.sys [2013-12-13 208424]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2012-3-6 782968]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2012-3-6 344176]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2011-9-8 55856]
R1 ctxusbm;Citrix USB Monitor Driver;C:\WINDOWS\System32\drivers\ctxusbm.sys [2013-9-24 97768]
R1 mfenlfk;McAfee NDIS Light Filter;C:\WINDOWS\System32\drivers\mfenlfk.sys [2011-8-16 76224]
R1 QIP;QIP;C:\WINDOWS\System32\drivers\Qip.sys [2013-12-15 78696]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-9-8 89600]
R2 AgentService;AgentService;C:\Program Files (x86)\Iron Mountain\Connected BackupPC\AgentService.exe [2011-6-26 7625120]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2011-8-8 203776]
R2 CmRcService;Configuration Manager Remote Control;C:\Windows\CCM\RemCtrl\CmRcService.exe [2014-5-29 577712]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service;C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2012-7-3 646192]
R2 GobiQDLService;Sierra Wireless QDL Service;C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [2011-3-16 308592]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-3-17 132152]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-5-13 317496]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2011-5-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-8 13336]
R2 LV_Tracker;LV_Tracker;C:\WINDOWS\System32\drivers\LV_Tracker64.sys [2011-6-26 54824]
R2 McAfee Endpoint Encryption Agent;McAfee Drive Encryption Agent;C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe [2013-12-13 1894432]
R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2013-12-4 127520]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-8-28 242448]
R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [2014-1-15 208416]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-3-6 212664]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2012-3-6 185280]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-8 1128952]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-8-8 113264]
R2 plsapp;plsapp;C:\Program Files (x86)\PureLeads\plsapp.exe [2014-1-23 3690784]
R2 PlsvcV1;PlsvcV1;C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe [2014-1-23 91936]
R2 PlsvcV2;PlsvcV2;C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [2014-1-23 24352]
R2 RTSC;RTSC;C:\Program Files (x86)\McAfee\Real Time\rtsc.exe [2013-5-3 6857592]
R2 Secunia CSI Agent;Secunia CSI Agent;C:\Program Files (x86)\Secunia\CSI Agent\csia.exe [2014-3-19 648704]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2011-8-8 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-8 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\WINDOWS\System32\vcsFPService.exe [2011-3-24 3161904]
R2 WSDLP;Websense Client Agent;C:\Program Files\Websense\Websense Endpoint\wepsvc.exe [2012-12-7 176128]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\WINDOWS\System32\drivers\ArcSoftVCapture.sys [2011-8-8 32192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdW76.sys [2011-8-8 115216]
R3 FireNfcp;McAfee Inc. FireNfcp;C:\WINDOWS\System32\drivers\FireNfcp.sys [2012-3-6 52992]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2012-3-6 197576]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2012-3-6 311600]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2012-3-6 496592]
R3 Nep;Nep;C:\WINDOWS\System32\drivers\cwNep.sys [2013-12-15 183144]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\WINDOWS\System32\drivers\nusb3hub.sys [2011-8-8 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\WINDOWS\System32\drivers\nusb3xhc.sys [2011-8-8 181248]
R3 swg3kflt02;Sierra Wireless USB Composite Device Filter Driver 02;C:\WINDOWS\System32\drivers\swg3kflt02.sys [2011-2-3 34304]
R3 swg3kmbb02;Sierra Wireless QMI USB-NDIS 6.20 miniport for HP;C:\WINDOWS\System32\drivers\swg3kmbb02.sys [2011-2-3 424448]
R3 swg3knmea02;Sierra Wireless QMI NMEA Communication - HP;C:\WINDOWS\System32\drivers\swg3knmea02.sys [2011-2-3 256384]
R3 swg3kser02;Sierra Wireless QMI USB Device for Legacy Serial Communication - HP;C:\WINDOWS\System32\drivers\swg3kser02.sys [2011-2-3 256384]
R3 swibus02;Sierra Wireless Bus Enumerator 02;C:\WINDOWS\System32\drivers\swibus02.sys [2011-2-3 73216]
R3 swibusflt02;Sierra Wireless Bus Enumerator Filter 02;C:\WINDOWS\System32\drivers\swibusflt02.sys [2011-2-3 73216]
R3 SzCCID;USB SmartCard Reader Driver;C:\WINDOWS\System32\drivers\SzCCID.sys [2011-1-13 40448]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\WINDOWS\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 btusbflt;Bluetooth USB Filter;C:\WINDOWS\System32\drivers\btusbflt.sys [2010-4-14 54824]
S3 BTWAMPFL;BTWAMPFL;C:\WINDOWS\System32\drivers\btwampfl.sys [2011-9-8 349736]
S3 btwl2cap;Bluetooth L2CAP Service;C:\WINDOWS\System32\drivers\btwl2cap.sys [2011-9-8 39464]
S3 dmvsc;dmvsc;C:\WINDOWS\System32\drivers\dmvsc.sys [2011-8-8 71168]
S3 hpqilo2;hpqilo2;C:\WINDOWS\System32\drivers\hpqilo2.sys [2011-8-8 120320]
S3 JMCR;JMCR;C:\WINDOWS\System32\drivers\jmcr.sys [2011-8-8 174680]
S3 johci;JMicron 1394 Filter Driver;C:\WINDOWS\System32\drivers\johci.sys [2011-8-8 26712]
S3 lpasvc;Microsoft Policy Platform Local Authority;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
S3 lppsvc;Microsoft Policy Platform Processor;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
S3 mferkdet;McAfee Inc. mferkdet;C:\WINDOWS\System32\drivers\mferkdet.sys [2012-8-28 107032]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\WINDOWS\System32\drivers\NETw5s64.sys [2010-1-13 7675392]
S3 QipTdi;WEP QipTdi Driver;C:\WINDOWS\System32\drivers\QIPTDI.sys [2013-12-15 66920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\WINDOWS\System32\drivers\rdpvideominiport.sys [2012-11-18 19456]
S3 RNetCore;RF RNetCore Driver;C:\WINDOWS\System32\drivers\RNetCore.sys [2013-12-15 39272]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 StorSvc;Storage Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-4-12 27136]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\WINDOWS\System32\drivers\Synth3dVsc.sys [2011-8-8 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\WINDOWS\System32\drivers\terminpt.sys [2012-11-18 29696]
S3 TsUsbFlt;TsUsbFlt;C:\WINDOWS\System32\drivers\TsUsbFlt.sys [2014-2-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\WINDOWS\System32\drivers\TsUsbGD.sys [2012-11-18 30208]
S3 tsusbhub;Remote Deskotop USB Hub;C:\WINDOWS\System32\drivers\tsusbhub.sys [2011-8-8 117248]
S3 vmxnet3ndis6;vmxnet3 NDIS 6 Ethernet Adapter Driver;C:\WINDOWS\System32\drivers\vmxnet3n61x64.sys [2009-11-30 70192]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\WINDOWS\System32\Wat\WatAdminSvc.exe [2011-4-29 1255736]
S3 WNetCore;WEB WNetCore Driver;C:\WINDOWS\System32\drivers\WNetCore.sys [2013-12-15 76136]
S4 WSPXY;Websense SaaS Service;C:\Program Files\Websense\Websense Endpoint\wepsvc.exe [2012-12-7 176128]
S4 WSRF;Websense Desktop Client;C:\Program Files\Websense\Websense Endpoint\wepsvc.exe [2012-12-7 176128]
.
=============== Created Last 30 ================
.
2014-08-29 00:57:45 -------- d-----w- C:\Users\leungb\AppData\Roaming\SUPERAntiSpyware.com
2014-08-29 00:57:35 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-08-29 00:57:34 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-08-27 23:30:32 33512 ----a-w- C:\WINDOWS\SysWow64\drivers\TrueSight.sys
2014-08-27 23:30:30 -------- d-----w- C:\ProgramData\RogueKiller
2014-08-27 23:07:22 -------- d-----w- C:\ProgramData\bomgar-au
2014-08-27 22:56:31 -------- d-----w- C:\Users\leungb\AppData\Roaming\SparkTrust
2014-08-27 22:56:31 -------- d-----w- C:\Users\leungb\AppData\Roaming\DriverCure
2014-08-27 22:56:15 -------- d-----w- C:\ProgramData\SparkTrust
2014-08-19 01:48:54 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2014-08-19 01:47:21 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2014-08-19 01:46:21 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2014-08-17 16:36:38 99480 ----a-w- C:\WINDOWS\SysWow64\infocardapi.dll
2014-08-17 16:36:38 171160 ----a-w- C:\WINDOWS\System32\infocardapi.dll
2014-08-17 16:36:37 8856 ----a-w- C:\WINDOWS\SysWow64\icardres.dll
2014-08-17 16:36:37 8856 ----a-w- C:\WINDOWS\System32\icardres.dll
2014-08-17 16:36:37 619672 ----a-w- C:\WINDOWS\SysWow64\icardagt.exe
2014-08-17 16:36:37 1389208 ----a-w- C:\WINDOWS\System32\icardagt.exe
2014-08-17 16:36:34 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2014-08-17 16:36:34 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2014-08-17 16:36:10 985536 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2014-08-17 16:35:41 504320 ----a-w- C:\WINDOWS\System32\msihnd.dll
2014-08-17 16:35:41 337408 ----a-w- C:\WINDOWS\SysWow64\msihnd.dll
2014-08-17 16:35:41 3241984 ----a-w- C:\WINDOWS\System32\msi.dll
2014-08-17 16:35:41 2363392 ----a-w- C:\WINDOWS\SysWow64\msi.dll
2014-08-17 16:35:41 1942016 ----a-w- C:\WINDOWS\System32\authui.dll
2014-08-17 16:35:41 1806336 ----a-w- C:\WINDOWS\SysWow64\authui.dll
2014-08-17 16:35:41 112576 ----a-w- C:\WINDOWS\System32\consent.exe
2014-08-17 16:33:05 404480 ----a-w- C:\WINDOWS\System32\gdi32.dll
2014-08-17 16:33:05 3166720 ----a-w- C:\WINDOWS\System32\win32k.sys
2014-08-17 16:33:05 311808 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2014-08-17 16:28:13 529920 ----a-w- C:\WINDOWS\System32\aepdu.dll
2014-08-17 16:28:13 424448 ----a-w- C:\WINDOWS\System32\aeinv.dll
2014-08-17 16:26:14 7168 ----a-w- C:\WINDOWS\SysWow64\KBDYAK.DLL
2014-08-17 16:26:14 7168 ----a-w- C:\WINDOWS\System32\KBDYAK.DLL
2014-08-17 16:26:14 7168 ----a-w- C:\WINDOWS\System32\KBDBASH.DLL
2014-08-17 16:26:14 6656 ----a-w- C:\WINDOWS\SysWow64\KBDBASH.DLL
2014-08-17 16:25:57 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll
2014-08-17 16:25:57 2048 ----a-w- C:\WINDOWS\System32\tzres.dll
2014-08-12 15:06:53 -------- d-----w- C:\Program Files\CCleaner
2014-08-11 16:22:22 -------- d-----w- C:\ProgramData\Oracle
2014-08-11 16:21:43 98216 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2014-08-29 00:39:43 122584 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-08-29 00:39:06 17920 ----a-w- C:\WINDOWS\System32\rpcnetp.exe
2014-08-29 00:06:06 58288 ----a-w- C:\WINDOWS\SysWow64\rpcnet.dll
2014-07-24 19:12:19 2339328 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-07-24 19:06:41 1392128 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-07-24 19:05:30 1494016 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-07-24 19:04:37 173056 ----a-w- C:\WINDOWS\System32\ieUnatt.exe
2014-07-24 19:04:22 599040 ----a-w- C:\WINDOWS\System32\vbscript.dll
2014-07-24 19:03:22 2382848 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2014-07-24 19:03:10 12800 ----a-w- C:\WINDOWS\System32\mshta.exe
2014-07-24 17:58:33 1810432 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-07-24 17:51:52 1129472 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-07-24 17:51:19 1427968 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-07-24 17:49:47 142848 ----a-w- C:\WINDOWS\SysWow64\ieUnatt.exe
2014-07-24 17:49:38 421376 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2014-07-24 17:48:28 2382848 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2014-07-24 17:48:21 11776 ----a-w- C:\WINDOWS\SysWow64\mshta.exe
2014-07-18 18:37:24 22912 ----a-w- C:\WINDOWS\SysWow64\cshost.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2014-07-13 14:49:37 71344 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-07-13 14:49:37 699056 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-06-18 02:18:30 692736 ----a-w- C:\WINDOWS\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\WINDOWS\SysWow64\osk.exe
2014-06-06 10:10:34 624128 ----a-w- C:\WINDOWS\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\WINDOWS\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\WINDOWS\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll
2014-06-02 18:27:50 310272 ----a-w- C:\OpalStatus.efi
.
============= FINISH: 18:09:22.47 ===============