 newbiie here, think i have some malware |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  |
 Nov 11 2009, 04:43 PM
Post
#1
|
|
|
New Member  Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698  |
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:39:55 PM, on 11/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\RegCure\RegCure.exe C:\Windows\System32\mobsync.exe C:\Program Files\Lexmark 5000 Series\lxdmmon.exe C:\Program Files\Lexmark 5000 Series\lxdmamon.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - (no file) O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: (no name) - {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) O3 - Toolbar: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] "C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe" O4 - HKLM\..\Run: [lxdmmon.exe] "C:\Program Files\Lexmark 5000 Series\lxdmmon.exe" O4 - HKLM\..\Run: [lxdmamon] "C:\Program Files\Lexmark 5000 Series\lxdmamon.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} - http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: lxdmCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdmserv.exe O23 - Service: lxdm_device - - C:\Windows\system32\lxdmcoms.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8194 bytes |
 |
 
|
|
Nov 20 2009, 05:41 AM
Post
#2
|
|
 bleepin' _temp_ Group: Malware Response Instructor Posts: 13,121 Joined: 25-January 08 From: At home Member No.: 186,120 |
Hello and welcome to Bleeping Computer
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far. Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine. After 5 days if a topic is not replied to we assume it has been abandoned and it is closed. regards myrti --------------------  Help request via PM will be ignored, unless I am already helping you. Please use the forums! If I have helped you please consider to  to help me continue the malware fight! Thank you!I'll be gone from 30th July - 5th August. Sorry for any incovenience caused. |
|
|
|
icon on your desktop.
button.|
Nov 20 2009, 08:41 PM
Post
#3
|
|
|
New Member Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698 |
here are the OTL RESULTS
OTL logfile created on: 11/20/2009 8:33:35 PM - Run 1 OTL by OldTimer - Version 3.1.6.1 Folder = C:\Users\ace\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18828) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232.83 Gb Total Space | 158.09 Gb Free Space | 67.90% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ACE-PC Current User Name: ace Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009/11/20 20:33:17 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\ace\Downloads\OTL(2).exe PRC - [2009/11/06 21:13:37 | 00,487,936 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe PRC - [2009/11/06 12:07:18 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009/10/20 20:34:38 | 00,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe PRC - [2009/10/20 15:58:16 | 00,659,376 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe PRC - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2009/07/30 10:29:42 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe PRC - [2009/05/26 20:06:32 | 04,351,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe PRC - [2009/04/11 01:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/10 23:44:57 | 00,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe PRC - [2008/09/17 22:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008/08/29 13:20:18 | 06,296,192 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe PRC - [2008/02/15 17:25:34 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\stacsv.exe PRC - [2008/01/18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008/01/18 22:33:40 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008/01/18 22:33:10 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008/01/18 22:33:10 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2007/07/06 03:53:08 | 00,455,344 | ---- | M] () -- C:\Program Files\Lexmark 5000 Series\lxdmmon.exe PRC - [2007/06/07 20:05:52 | 00,598,960 | ---- | M] ( ) -- C:\Windows\System32\lxdmcoms.exe PRC - [2007/06/01 07:06:10 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 5000 Series\lxdmamon.exe PRC - [2006/11/05 10:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe PRC - [2006/08/04 15:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe ========== Modules (SafeList) ========== MOD - [2009/11/20 20:33:17 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\ace\Downloads\OTL(2).exe MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2009/11/06 21:13:37 | 00,487,936 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv) SRV - [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009/10/20 15:58:16 | 00,659,376 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2009/10/20 15:58:16 | 00,659,376 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2009/07/30 10:29:42 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4) SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/18 13:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2009/02/18 13:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2009/02/18 13:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/10/10 23:44:57 | 00,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service) SRV - [2008/09/17 22:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2008/08/29 13:20:18 | 06,296,192 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe -- (MySQL) SRV - [2008/02/15 17:25:34 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\stacsv.exe -- (STacSV) SRV - [2008/01/18 22:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008/01/18 22:33:10 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) SRV - [2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007/07/06 17:28:44 | 00,031,768 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoSync\MemeoService.exe -- (AutoSyncService) SRV - [2007/06/07 20:05:52 | 00,598,960 | ---- | M] ( ) -- C:\Windows\System32\lxdmcoms.exe -- (lxdm_device) SRV - [2007/06/07 20:05:44 | 00,099,248 | ---- | M] () -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe -- (lxdmCATSCustConnectService) SRV - [2006/11/05 10:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2006/11/05 10:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9) SRV - [2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched) SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006/09/14 13:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2006/08/04 15:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2009/11/16 12:42:39 | 00,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2009/11/06 21:13:37 | 00,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2) DRV - [2009/10/25 22:11:18 | 00,717,296 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/10/14 21:18:34 | 00,036,880 | ---- | M] (Kaspersky Lab) -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2009/10/02 19:39:36 | 00,019,472 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009/09/14 14:46:36 | 00,021,520 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2009/09/01 15:29:50 | 00,128,016 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009/08/17 20:04:04 | 00,040,576 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) DRV - [2009/04/10 23:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) DRV - [2008/09/17 22:55:00 | 07,379,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/06/18 13:04:44 | 00,047,360 | ---- | M] (VSO Software) -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin) DRV - [2008/04/07 18:16:45 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008/02/15 17:27:02 | 00,330,752 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/09/20 13:12:34 | 00,012,800 | ---- | M] (EldoS Corporation) -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk) DRV - [2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32) DRV - [2007/02/21 14:49:47 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2007/02/21 14:49:47 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2007/02/21 14:49:47 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/02/09 11:34:16 | 00,051,768 | ---- | M] (Roxio) -- C:\Windows\System32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2007/02/08 19:05:30 | 00,028,120 | ---- | M] (Roxio) -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007/02/08 19:05:30 | 00,012,856 | ---- | M] (Roxio) -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2007/01/06 00:59:34 | 00,086,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/21 04:25:44 | 00,045,568 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 02:41:53 | 00,251,904 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2) DRV - [2006/11/02 02:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV) DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006/10/26 15:22:02 | 00,009,400 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/10/26 15:21:34 | 00,094,648 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/10/26 15:21:34 | 00,035,096 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/10/26 15:21:32 | 00,097,848 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/10/26 15:21:30 | 00,026,296 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/10/26 15:21:28 | 00,032,472 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/10/26 15:21:26 | 00,014,520 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/10/26 15:21:24 | 00,104,536 | ---- | M] (Roxio) -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/10/18 09:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006/10/18 09:08:18 | 00,258,048 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2) DRV - [2006/10/18 09:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006/08/04 15:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006/07/21 10:21:26 | 00,099,176 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2006/06/19 12:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2004/04/16 01:20:14 | 00,090,700 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\P0620Vid.sys -- (PD0620VID) DRV - [2002/10/01 15:43:32 | 00,119,798 | ---- | M] (SP) -- C:\Windows\System32\drivers\SPCA561.SYS -- (CA561) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://news.yahoo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html IE - HKLM\..\URLSearchHook: {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://news.yahoo.com/ [binary data] IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data] IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15153&l=dis IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\..\URLSearchHook: {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\S-1-5-21-892561943-1508116293-3273268530-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaultthis.engineName: "infernalrockradio Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {82b2e8e1-404d-48d6-9599-c6bb1f1bbe3f}:2.3.0.4 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/26 09:29:34 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/20 18:55:13 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/14 10:23:34 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009/11/13 19:38:27 | 00,000,000 | ---D | M] [2009/05/04 22:34:12 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Extensions [2008/06/18 10:11:03 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/03/28 15:34:51 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Extensions\contact@callgraph.in [2009/05/04 22:34:12 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2009/11/20 18:56:31 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\extensions [2009/06/26 13:21:32 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/08/15 18:18:01 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\extensions\{82b2e8e1-404d-48d6-9599-c6bb1f1bbe3f} [2009/10/19 08:39:23 | 00,000,000 | ---D | M] -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2009/09/02 14:52:02 | 00,002,257 | ---- | M] () -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\searchplugins\askcom.xml [2008/10/21 01:11:52 | 00,000,896 | ---- | M] () -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\searchplugins\conduit.xml [2008/06/18 11:55:11 | 00,001,620 | ---- | M] () -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\searchplugins\mozilla-add-ons.xml [2008/10/17 08:50:17 | 00,000,276 | ---- | M] () -- C:\Users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\searchplugins\search.xml [2009/11/20 18:56:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/11/06 12:07:27 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/08/20 23:34:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2009/10/15 20:14:48 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009/11/13 20:34:59 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009/11/13 19:39:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2009/11/06 12:07:17 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009/11/06 12:07:17 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll [2009/10/11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2008/06/27 16:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll [2009/11/06 12:07:20 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2008/11/20 19:04:50 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2009/09/23 15:37:30 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll [2009/08/14 17:58:00 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2009/08/14 17:58:00 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2007/07/26 11:05:16 | 00,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml [2009/08/14 17:58:00 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2009/08/14 17:58:00 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2009/08/14 17:58:00 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009/08/14 17:58:00 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2009/08/14 17:58:00 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: (354673 bytes) - C:\Windows\System32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.163ns.com O1 - Hosts: 11801 more lines... O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found. O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.) O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (no name) - {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - No CLSID value found. O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - No CLSID value found. O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\..\Toolbar\WebBrowser: (no name) - {D84741B3-22E1-4C15-BBD4-6B2ACE2F57DF} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [iolo Startup] C:\Program Files\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC) O4 - HKLM..\Run: [lxdmamon] C:\Program Files\Lexmark 5000 Series\lxdmamon.exe () O4 - HKLM..\Run: [lxdmmon.exe] C:\Program Files\Lexmark 5000 Series\lxdmmon.exe () O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.DLL (NVIDIA Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-892561943-1508116293-3273268530-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-892561943-1508116293-3273268530-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-892561943-1508116293-3273268530-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab (Reg Error: Value error.) O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\mzvkbd3.dll) - C:\ProgramData\AVP9\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\kloehk.dll) - C:\ProgramData\AVP9\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (""") - File not found O34 - HKLM BootExecute: (utocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*""") - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009/11/20 17:12:02 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\QuickScan [2009/11/19 22:08:22 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics [2009/11/18 23:24:26 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters [2009/11/18 23:24:26 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters [2009/11/17 16:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\InCode Solutions [2009/11/17 10:34:06 | 00,000,000 | ---D | C] -- C:\Users\ace\Documents\ConvertXToDVD [2009/11/16 20:08:21 | 01,613,824 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll [2009/11/16 20:08:21 | 00,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe [2009/11/16 20:06:05 | 00,527,872 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll [2009/11/16 20:06:05 | 00,330,752 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys [2009/11/16 20:06:05 | 00,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll [2009/11/16 20:06:04 | 00,312,320 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll [2009/11/16 20:06:04 | 00,150,016 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st325866.dll [2009/11/16 19:50:51 | 00,000,000 | ---D | C] -- C:\ProgramData\DriverScanner [2009/11/16 19:50:51 | 00,000,000 | ---D | C] -- C:\ProgramData\DriverScanner [2009/11/16 19:46:45 | 00,000,000 | -H-D | C] -- C:\ProgramData\{66E2F539-12B6-4870-A500-7689CDE75C5E} [2009/11/16 19:46:45 | 00,000,000 | -H-D | C] -- C:\ProgramData\{66E2F539-12B6-4870-A500-7689CDE75C5E} [2009/11/15 20:12:47 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\vlc [2009/11/15 11:30:50 | 00,000,000 | ---D | C] -- C:\Program Files\Sun [2009/11/15 00:02:56 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Local\Axialis [2009/11/14 22:40:15 | 00,000,000 | ---D | C] -- C:\Users\ace\Documents\Kaspersky Skins [2009/11/13 20:34:53 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2009/11/13 20:34:53 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2009/11/13 20:34:53 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2009/11/13 19:38:59 | 00,000,000 | -H-D | C] -- C:\ProgramData\AVP9 [2009/11/13 19:38:59 | 00,000,000 | -H-D | C] -- C:\ProgramData\AVP9 [2009/11/13 19:37:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2009/11/13 19:37:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2009/11/13 19:37:49 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2009/11/13 19:37:31 | 00,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2009/11/13 19:36:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2009/11/13 19:36:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2009/11/11 18:46:39 | 00,000,000 | ---D | C] -- C:\Program Files\Uninstall Tool [2009/11/10 13:56:14 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2009/11/10 13:56:10 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2009/11/09 21:48:35 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Local\Adobe [2009/11/08 15:21:01 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Local\Apple [2009/11/08 13:08:41 | 00,000,000 | R--D | C] -- C:\Users\ace\Documents\Notes [2009/11/08 12:52:15 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\Notepad++ [2009/11/08 12:52:15 | 00,000,000 | ---D | C] -- C:\Program Files\Notepad++ [2009/11/08 00:02:52 | 00,000,000 | ---D | C] -- C:\ProgramData\RegCure [2009/11/08 00:02:52 | 00,000,000 | ---D | C] -- C:\ProgramData\RegCure [2009/11/08 00:02:51 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure [2009/11/07 22:48:05 | 00,000,000 | ---D | C] -- C:\Program Files\Free 3D Castle Screensaver [2009/11/07 14:52:47 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\CleanMyPC Software [2009/11/06 21:13:36 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\Spyware Terminator [2009/11/06 21:13:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2009/11/06 21:13:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2009/11/06 21:13:32 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2009/11/06 20:59:07 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\PC Tools [2009/11/03 09:50:21 | 05,939,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/11/03 09:50:19 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/11/03 00:58:35 | 00,000,000 | ---D | C] -- C:\Windows\FreeFireplace [2009/11/03 00:58:21 | 00,000,000 | ---D | C] -- C:\ProgramData\OurScreensavers [2009/11/03 00:58:21 | 00,000,000 | ---D | C] -- C:\ProgramData\OurScreensavers [2009/11/02 23:39:54 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\TERMINAL Studio [2009/11/02 23:39:48 | 00,092,216 | ---- | C] (Un4seen Developments) -- C:\Windows\System32\bass.dll [2009/11/02 15:48:06 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/11/02 15:48:04 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/11/02 15:48:03 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/10/29 22:24:27 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2009/10/29 22:24:26 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2009/10/29 22:24:26 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll [2009/10/29 22:24:26 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe [2009/10/29 22:24:13 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2009/10/29 22:24:13 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2009/10/29 22:24:13 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2009/10/29 22:24:07 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2009/10/29 22:24:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2009/10/28 07:57:20 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2009/10/28 00:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2009/10/27 23:51:00 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2009/10/27 23:51:00 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2009/10/27 23:50:59 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2009/10/27 23:50:38 | 00,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys [2009/10/27 23:50:38 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2009/10/27 23:50:38 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [2009/10/27 23:50:38 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2009/10/27 23:50:37 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2009/10/27 23:50:37 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2009/10/27 23:50:37 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2009/10/27 23:50:37 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2009/10/27 23:50:37 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2009/10/27 23:50:37 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2009/10/27 23:50:37 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2009/10/27 23:50:37 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2009/10/27 23:50:37 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2009/10/27 23:50:37 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2009/10/27 23:50:37 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2009/10/27 23:50:37 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2009/10/27 23:50:36 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2009/10/27 23:50:36 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2009/10/27 23:50:36 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2009/10/27 23:50:36 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2009/10/27 23:50:36 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2009/10/27 23:50:36 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2009/10/27 23:50:36 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2009/10/27 23:50:36 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2009/10/27 23:50:36 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2009/10/27 23:50:36 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2009/10/27 23:50:36 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2009/10/27 23:50:16 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdbusenum.dll [2009/10/27 23:50:16 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll [2009/10/27 23:50:16 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe [2009/10/27 23:50:15 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll [2009/10/27 23:50:14 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll [2009/10/27 23:50:14 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WpdUsb.sys [2009/10/27 23:50:14 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll [2009/10/27 23:50:13 | 02,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll [2009/10/27 23:50:13 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2009/10/27 23:50:13 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2009/10/27 23:50:13 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll [2009/10/27 23:50:13 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2009/10/27 23:50:13 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll [2009/10/27 23:50:12 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2009/10/27 23:50:12 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll [2009/10/27 23:50:12 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2009/10/27 23:49:30 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll [2009/10/27 23:49:29 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll [2009/10/27 23:49:29 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll [2009/10/27 23:47:44 | 10,627,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll [2009/10/27 23:47:39 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2009/10/27 23:47:36 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2009/10/26 17:02:35 | 00,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE [2009/10/26 17:02:35 | 00,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE [2009/10/26 16:54:33 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8 [2009/10/25 10:14:42 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2009/10/25 10:14:42 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2009/10/25 10:14:34 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2009/10/25 09:58:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2009/10/25 09:55:01 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll [2009/10/25 09:54:56 | 03,408,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe [2009/10/25 09:54:56 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll [2009/10/25 09:54:49 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll [2009/10/25 09:54:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe [2009/10/25 09:54:46 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll [2009/10/25 09:54:42 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2009/10/25 09:54:40 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys [2009/10/25 09:54:38 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2009/10/25 09:54:35 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll [2009/10/25 09:54:35 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys [2009/10/25 09:54:34 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2009/10/25 09:54:33 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll [2009/10/25 09:54:33 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2009/10/25 09:54:31 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll [2009/10/25 09:54:30 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2009/10/25 09:54:29 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll [2009/10/25 09:54:29 | 00,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll [2009/10/25 09:54:29 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2009/10/25 09:54:29 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll [2009/10/25 09:54:26 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe [2009/10/25 09:54:24 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2009/10/25 09:54:24 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll [2009/10/25 09:54:22 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2009/10/25 09:54:22 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2009/10/25 09:54:21 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll [2009/10/25 09:54:20 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2009/10/25 09:54:20 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2009/10/25 09:54:19 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2009/10/25 09:54:18 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll [2009/10/25 09:54:17 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll [2009/10/25 09:54:16 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe [2009/10/25 09:54:15 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2009/10/25 09:54:14 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL [2009/10/25 09:54:14 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll [2009/10/25 09:54:13 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2009/10/25 09:54:13 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2009/10/25 09:54:13 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2009/10/25 09:54:12 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2009/10/25 09:54:10 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll [2009/10/25 09:54:10 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2009/10/25 09:54:09 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll [2009/10/25 09:54:09 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll [2009/10/25 09:54:08 | 01,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll [2009/10/25 09:54:08 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2009/10/25 09:54:08 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2009/10/25 09:54:08 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2009/10/25 09:54:07 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe [2009/10/25 09:54:07 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2009/10/25 09:54:07 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2009/10/25 09:54:07 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll [2009/10/25 09:54:04 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll [2009/10/25 09:54:04 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll [2009/10/25 09:54:03 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll [2009/10/25 09:54:02 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll [2009/10/25 09:54:01 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2009/10/25 09:54:01 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll [2009/10/25 09:54:00 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll [2009/10/25 09:54:00 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll [2009/10/25 09:54:00 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll [2009/10/25 09:53:59 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll [2009/10/25 09:53:59 | 01,202,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll [2009/10/25 09:53:59 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2009/10/25 09:53:58 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll [2009/10/25 09:53:58 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2009/10/25 09:53:58 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe [2009/10/25 09:53:57 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2009/10/25 09:53:57 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll [2009/10/25 09:53:56 | 02,092,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe [2009/10/25 09:53:56 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [2009/10/25 09:53:56 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll [2009/10/25 09:53:55 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll [2009/10/25 09:53:55 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll [2009/10/25 09:53:54 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2009/10/25 09:53:53 | 00,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll [2009/10/25 09:53:53 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe [2009/10/25 09:53:53 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe [2009/10/25 09:53:52 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll [2009/10/25 09:53:52 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2009/10/25 09:53:52 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll [2009/10/25 09:53:52 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll [2009/10/25 09:53:52 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2009/10/25 09:53:51 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2009/10/25 09:53:50 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll [2009/10/25 09:53:50 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll [2009/10/25 09:53:50 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll [2009/10/25 09:53:49 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll [2009/10/25 09:53:49 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll [2009/10/25 09:53:47 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe [2009/10/25 09:53:47 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll [2009/10/25 09:53:47 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe [2009/10/25 09:53:46 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe [2009/10/25 09:53:46 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll [2009/10/25 09:53:46 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll [2009/10/25 09:53:39 | 01,083,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys [2009/10/25 09:53:39 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll [2009/10/25 09:53:37 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll [2009/10/25 09:53:36 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll [2009/10/25 09:53:36 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll [2009/10/25 09:53:36 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll [2009/10/25 09:53:36 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2009/10/25 09:53:36 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2009/10/25 09:53:35 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll [2009/10/25 09:53:35 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll [2009/10/25 09:53:34 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2009/10/25 09:53:33 | 01,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll [2009/10/25 09:53:33 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll [2009/10/25 09:53:32 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll [2009/10/25 09:53:32 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2009/10/25 09:53:32 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2009/10/25 09:53:32 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2009/10/25 09:53:31 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll [2009/10/25 09:53:31 | 00,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll [2009/10/25 09:53:31 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2009/10/25 09:53:31 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2009/10/25 09:53:31 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2009/10/25 09:53:30 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2009/10/25 09:53:30 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll [2009/10/25 09:53:28 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll [2009/10/25 09:53:28 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll [2009/10/25 09:53:27 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll [2009/10/25 09:53:26 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll [2009/10/25 09:53:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll [2009/10/25 09:53:25 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2009/10/25 09:53:25 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll [2009/10/25 09:53:25 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll [2009/10/25 09:53:25 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll [2009/10/25 09:53:24 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll [2009/10/25 09:53:24 | 01,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll [2009/10/25 09:53:24 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll [2009/10/25 09:53:23 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\photowiz.dll [2009/10/25 09:53:23 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2009/10/25 09:53:21 | 00,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user32.dll [2009/10/25 09:53:21 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll [2009/10/25 09:53:20 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2009/10/25 09:53:20 | 00,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll [2009/10/25 09:53:20 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll [2009/10/25 09:53:19 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2009/10/25 09:53:19 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll [2009/10/25 09:53:19 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll [2009/10/25 09:53:18 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll [2009/10/25 09:53:18 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll [2009/10/25 09:53:18 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL [2009/10/25 09:53:18 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys [2009/10/25 09:53:18 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe [2009/10/25 09:53:17 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll [2009/10/25 09:53:17 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll [2009/10/25 09:53:17 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll [2009/10/25 09:53:16 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll [2009/10/25 09:53:16 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll [2009/10/25 09:53:16 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxdav.sys [2009/10/25 09:53:16 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2009/10/25 09:53:15 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll [2009/10/25 09:53:15 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL [2009/10/25 09:53:15 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll [2009/10/25 09:53:15 | 00,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2009/10/25 09:53:14 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2009/10/25 09:53:14 | 01,055,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe [2009/10/25 09:53:14 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll [2009/10/25 09:53:13 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2009/10/25 09:53:13 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2009/10/25 09:53:13 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll [2009/10/25 09:53:13 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2009/10/25 09:53:12 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS [2009/10/25 09:53:11 | 00,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2009/10/25 09:53:11 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2009/10/25 09:53:11 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2009/10/25 09:53:10 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll [2009/10/25 09:53:09 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys [2009/10/25 09:53:08 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2009/10/25 09:53:08 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe [2009/10/25 09:53:08 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2009/10/25 09:53:06 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll [2009/10/25 09:53:06 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll [2009/10/25 09:53:05 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2009/10/25 09:53:05 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll [2009/10/25 09:53:04 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds.exe [2009/10/25 09:53:03 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll [2009/10/25 09:53:03 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll [2009/10/25 09:53:03 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL [2009/10/25 09:53:03 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll [2009/10/25 09:53:03 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe [2009/10/25 09:53:03 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll [2009/10/25 09:53:03 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll [2009/10/25 09:53:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2009/10/25 09:53:03 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll [2009/10/25 09:53:02 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2009/10/25 09:53:01 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll [2009/10/25 09:53:01 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2009/10/25 09:53:01 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll [2009/10/25 09:53:00 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\services.exe [2009/10/25 09:53:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime [2009/10/25 09:53:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime [2009/10/25 09:53:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime [2009/10/25 09:53:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime [2009/10/25 09:53:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime [2009/10/25 09:52:59 | 01,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe [2009/10/25 09:52:59 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2009/10/25 09:52:59 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll [2009/10/25 09:52:59 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2009/10/25 09:52:58 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll [2009/10/25 09:52:58 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2009/10/25 09:52:58 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll [2009/10/25 09:52:58 | 00,180,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys [2009/10/25 09:52:57 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll [2009/10/25 09:52:57 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2009/10/25 09:52:57 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2009/10/25 09:52:57 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll [2009/10/25 09:52:57 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe [2009/10/25 09:52:57 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll [2009/10/25 09:52:57 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe [2009/10/25 09:52:57 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll [2009/10/25 09:52:57 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2009/10/25 09:52:56 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2009/10/25 09:52:56 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2009/10/25 09:52:56 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl [2009/10/25 09:52:55 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2009/10/25 09:52:55 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL [2009/10/25 09:52:55 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys [2009/10/25 09:52:55 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll [2009/10/25 09:52:55 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll [2009/10/25 09:52:55 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2009/10/25 09:52:55 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2009/10/25 09:52:55 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2009/10/25 09:52:54 | 00,527,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndis.sys [2009/10/25 09:52:54 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll [2009/10/25 09:52:54 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll [2009/10/25 09:52:53 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2009/10/25 09:52:53 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2009/10/25 09:52:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2009/10/25 09:52:53 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe [2009/10/25 09:52:52 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll [2009/10/25 09:52:52 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll [2009/10/25 09:52:52 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll [2009/10/25 09:52:52 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll [2009/10/25 09:52:51 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll [2009/10/25 09:52:51 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll [2009/10/25 09:52:51 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll [2009/10/25 09:52:51 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2009/10/25 09:52:51 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll [2009/10/25 09:52:50 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll [2009/10/25 09:52:50 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2009/10/25 09:52:50 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll [2009/10/25 09:52:50 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2009/10/25 09:52:49 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll [2009/10/25 09:52:49 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe [2009/10/25 09:52:48 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2009/10/25 09:52:48 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2009/10/25 09:52:48 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll [2009/10/25 09:52:48 | 00,149,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pci.sys [2009/10/25 09:52:48 | 00,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys [2009/10/25 09:52:47 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2009/10/25 09:52:47 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll [2009/10/25 09:52:47 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll [2009/10/25 09:52:47 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2009/10/25 09:52:47 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax [2009/10/25 09:52:46 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2009/10/25 09:52:46 | 00,265,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\acpi.sys [2009/10/25 09:52:46 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll [2009/10/25 09:52:46 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe [2009/10/25 09:52:46 | 00,053,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys [2009/10/25 09:52:46 | 00,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys [2009/10/25 09:52:46 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll [2009/10/25 09:52:45 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2009/10/25 09:52:45 | 00,245,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys [2009/10/25 09:52:45 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll [2009/10/25 09:52:45 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll [2009/10/25 09:52:45 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll [2009/10/25 09:52:45 | 00,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys [2009/10/25 09:52:45 | 00,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL [2009/10/25 09:52:44 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl [2009/10/25 09:52:44 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll [2009/10/25 09:52:44 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll [2009/10/25 09:52:44 | 00,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys [2009/10/25 09:52:38 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2009/10/25 09:52:38 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2009/10/25 09:52:38 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe [2009/10/25 09:52:37 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2009/10/25 09:52:36 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll [2009/10/25 09:52:36 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll [2009/10/25 09:52:36 | 00,048,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mup.sys [2009/10/25 09:52:35 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2009/10/25 09:52:35 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2009/10/25 09:52:35 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2009/10/25 09:52:35 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll [2009/10/25 09:52:35 | 00,053,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\disk.sys [2009/10/25 09:52:35 | 00,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll [2009/10/25 09:52:34 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2009/10/25 09:52:34 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2009/10/25 09:52:34 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe [2009/10/25 09:52:34 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2009/10/25 09:52:34 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spp.dll [2009/10/25 09:52:34 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe [2009/10/25 09:52:34 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2009/10/25 09:52:33 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autochk.exe [2009/10/25 09:52:33 | 00,292,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys [2009/10/25 09:52:33 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2009/10/25 09:52:33 | 00,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2009/10/25 09:52:32 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printui.dll [2009/10/25 09:52:32 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2009/10/25 09:52:32 | 00,226,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volsnap.sys [2009/10/25 09:52:32 | 00,190,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fltMgr.sys [2009/10/25 09:52:32 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll [2009/10/25 09:52:32 | 00,141,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys [2009/10/25 09:52:31 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2009/10/25 09:52:31 | 00,161,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys [2009/10/25 09:52:31 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2009/10/25 09:52:31 | 00,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys [2009/10/25 09:52:30 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll [2009/10/25 09:52:30 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll [2009/10/25 09:52:30 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2009/10/25 09:52:30 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll [2009/10/25 09:52:30 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2009/10/25 09:52:30 | 00,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll [2009/10/25 09:52:29 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll [2009/10/25 09:52:29 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe [2009/10/25 09:52:28 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2009/10/25 09:52:28 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll [2009/10/25 09:52:28 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll [2009/10/25 09:52:28 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys [2009/10/25 09:52:28 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll [2009/10/25 09:52:28 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll [2009/10/25 09:52:27 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2009/10/25 09:52:27 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2009/10/25 09:52:27 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2009/10/25 09:52:27 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll [2009/10/25 09:52:27 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll [2009/10/25 09:52:25 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe [2009/10/25 09:52:25 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe [2009/10/25 09:52:25 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2009/10/25 09:52:24 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll [2009/10/25 09:52:24 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2009/10/25 09:52:24 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2009/10/25 09:52:24 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll [2009/10/25 09:52:24 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2009/10/25 09:52:24 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2009/10/25 09:52:24 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2009/10/25 09:52:23 | 00,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll [2009/10/25 09:52:23 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll [2009/10/25 09:52:23 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll [2009/10/25 09:52:23 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2009/10/25 09:52:23 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2009/10/25 09:52:23 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2009/10/25 09:52:23 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll [2009/10/25 09:52:23 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll [2009/10/25 09:52:22 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys [2009/10/25 09:52:22 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe [2009/10/25 09:52:22 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2009/10/25 09:52:22 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll [2009/10/25 09:52:22 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys [2009/10/25 09:52:22 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2009/10/25 09:52:21 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll [2009/10/25 09:52:21 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll [2009/10/25 09:52:21 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL [2009/10/25 09:52:20 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll [2009/10/25 09:52:20 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll [2009/10/25 09:52:20 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll [2009/10/25 09:52:20 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll [2009/10/25 09:52:20 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll [2009/10/25 09:52:19 | 01,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll [2009/10/25 09:52:19 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll [2009/10/25 09:52:19 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2009/10/25 09:52:19 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll [2009/10/25 09:52:19 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2009/10/25 09:52:19 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll [2009/10/25 09:52:19 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll [2009/10/25 09:52:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll [2009/10/25 09:52:18 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL [2009/10/25 09:52:18 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll [2009/10/25 09:52:18 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2009/10/25 09:52:18 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll [2009/10/25 09:52:18 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2009/10/25 09:52:18 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2009/10/25 09:52:17 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll [2009/10/25 09:52:17 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2009/10/25 09:52:17 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2009/10/25 09:52:17 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2009/10/25 09:52:17 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll [2009/10/25 09:52:17 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2009/10/25 09:52:16 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2009/10/25 09:52:16 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll [2009/10/25 09:52:15 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2009/10/25 09:52:15 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll [2009/10/25 09:52:15 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll [2009/10/25 09:52:15 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys [2009/10/25 09:52:14 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2009/10/25 09:52:14 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2009/10/25 09:52:13 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2009/10/25 09:52:13 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx [2009/10/25 09:52:13 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll [2009/10/25 09:52:13 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2009/10/25 09:52:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll [2009/10/25 09:52:12 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll [2009/10/25 09:52:12 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2009/10/25 09:52:12 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys [2009/10/25 09:52:12 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll [2009/10/25 09:52:12 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll [2009/10/25 09:52:12 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll [2009/10/25 09:52:12 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2009/10/25 09:52:12 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsbyuv.dll [2009/10/25 09:52:11 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe [2009/10/25 09:52:11 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2009/10/25 09:52:11 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll [2009/10/25 09:52:11 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2009/10/25 09:52:10 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2009/10/25 09:52:10 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2009/10/25 09:52:10 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2009/10/25 09:52:09 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authz.dll [2009/10/25 09:52:09 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2009/10/25 09:52:08 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2009/10/25 09:52:08 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2009/10/25 09:52:08 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll [2009/10/25 09:52:07 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2009/10/25 09:52:07 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll [2009/10/25 09:52:07 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll [2009/10/25 09:52:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys [2009/10/25 09:52:06 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2009/10/25 09:52:06 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll [2009/10/25 09:52:06 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll [2009/10/25 09:52:05 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2009/10/25 09:52:05 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2009/10/25 09:52:05 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2009/10/25 09:52:04 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2009/10/25 09:52:04 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2009/10/25 09:52:04 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime [2009/10/25 09:52:00 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2009/10/25 09:52:00 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll [2009/10/25 09:51:59 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll [2009/10/25 09:51:59 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll [2009/10/25 09:51:59 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll [2009/10/25 09:51:59 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2009/10/25 09:51:59 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll [2009/10/25 09:51:58 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll [2009/10/25 09:51:58 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2009/10/25 09:51:58 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys [2009/10/25 09:51:58 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2009/10/25 09:51:58 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll [2009/10/25 09:51:58 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll [2009/10/25 09:51:58 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2009/10/25 09:51:58 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll [2009/10/25 09:51:58 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe [2009/10/25 09:51:57 | 01,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2009/10/25 09:51:57 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmsys.cpl [2009/10/25 09:51:57 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2009/10/25 09:51:57 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll [2009/10/25 09:51:57 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe [2009/10/25 09:51:57 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll [2009/10/25 09:51:56 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl [2009/10/25 09:51:56 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2009/10/25 09:51:56 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2009/10/25 09:51:56 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe [2009/10/25 09:51:56 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll [2009/10/25 09:51:55 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll [2009/10/25 09:51:55 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2009/10/25 09:51:55 | 00,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll [2009/10/25 09:51:55 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe [2009/10/25 09:51:55 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll [2009/10/25 09:51:55 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe [2009/10/25 09:51:54 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll [2009/10/25 09:51:54 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2009/10/25 09:51:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys [2009/10/25 09:51:54 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe [2009/10/25 09:51:54 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll [2009/10/25 09:51:53 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2009/10/25 09:51:53 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys [2009/10/25 09:51:53 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll [2009/10/25 09:51:53 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll [2009/10/25 09:51:53 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe [2009/10/25 09:51:53 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe [2009/10/25 09:51:53 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll [2009/10/25 09:51:52 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll [2009/10/25 09:51:52 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2009/10/25 09:51:52 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [2009/10/25 09:51:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys [2009/10/25 09:51:52 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys [2009/10/25 09:51:51 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll [2009/10/25 09:51:51 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe [2009/10/25 09:51:51 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys [2009/10/25 09:51:51 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv [2009/10/25 09:51:51 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll [2009/10/25 09:51:51 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll [2009/10/25 09:51:50 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVidCtl.dll [2009/10/25 09:51:50 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL [2009/10/25 09:51:50 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll [2009/10/25 09:51:50 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp [2009/10/25 09:51:50 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2009/10/25 09:51:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys [2009/10/25 09:51:49 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2009/10/25 09:51:49 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll [2009/10/25 09:51:49 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll [2009/10/25 09:51:49 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe [2009/10/25 09:51:48 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll [2009/10/25 09:51:48 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys [2009/10/25 09:51:48 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll [2009/10/25 09:51:47 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll [2009/10/25 09:51:47 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2009/10/25 09:51:47 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys [2009/10/25 09:51:46 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll [2009/10/25 09:51:46 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll [2009/10/25 09:51:45 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2009/10/25 09:51:45 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2009/10/25 09:51:45 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2009/10/25 09:51:44 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2009/10/25 09:51:44 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys [2009/10/25 09:51:44 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2009/10/25 09:51:44 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll [2009/10/25 09:51:43 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2009/10/25 09:51:43 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll [2009/10/25 09:51:43 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll [2009/10/25 09:51:43 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll [2009/10/25 09:51:43 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\smss.exe [2009/10/25 09:51:42 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys [2009/10/25 09:51:42 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll [2009/10/25 09:51:41 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll [2009/10/25 09:51:41 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2009/10/25 09:51:41 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll [2009/10/25 09:51:41 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll [2009/10/25 09:51:41 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2009/10/25 09:51:41 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe [2009/10/25 09:51:41 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll [2009/10/25 09:51:40 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2009/10/25 09:51:40 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe [2009/10/25 09:51:40 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll [2009/10/25 09:51:40 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2009/10/25 09:51:40 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys [2009/10/25 09:51:40 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll [2009/10/25 09:51:39 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll [2009/10/25 09:51:38 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2009/10/25 09:51:38 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll [2009/10/25 09:51:38 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll [2009/10/25 09:51:38 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll [2009/10/25 09:51:38 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys [2009/10/25 09:51:38 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys [2009/10/25 09:51:37 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2009/10/25 09:51:37 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys [2009/10/25 09:51:37 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2009/10/25 09:51:37 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll [2009/10/25 09:51:36 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2009/10/25 09:51:36 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2009/10/25 09:51:36 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll [2009/10/25 09:51:36 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll [2009/10/25 09:51:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2009/10/25 09:51:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll [2009/10/25 09:51:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll [2009/10/25 09:51:35 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe [2009/10/25 09:51:34 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys [2009/10/25 09:51:34 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll [2009/10/25 09:51:34 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2009/10/25 09:51:34 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll [2009/10/25 09:51:34 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll [2009/10/25 09:51:33 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2009/10/25 09:51:33 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime [2009/10/25 09:51:33 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys [2009/10/25 09:51:33 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll [2009/10/25 09:51:33 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2009/10/25 09:51:33 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll [2009/10/25 09:51:33 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll [2009/10/25 09:51:33 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll [2009/10/25 09:51:32 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll [2009/10/25 09:51:32 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll [2009/10/25 09:51:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2009/10/25 09:51:31 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll [2009/10/25 09:51:31 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll [2009/10/25 09:51:31 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll [2009/10/25 09:51:31 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2009/10/25 09:51:31 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2009/10/25 09:51:31 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe [2009/10/25 09:51:31 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe [2009/10/25 09:51:30 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2009/10/25 09:51:30 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys [2009/10/25 09:51:30 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe [2009/10/25 09:51:30 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2009/10/25 09:51:30 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll [2009/10/25 09:51:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe [2009/10/25 09:51:30 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll [2009/10/25 09:51:29 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2009/10/25 09:51:29 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2009/10/25 09:51:29 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2009/10/25 09:51:29 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll [2009/10/25 09:51:28 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2009/10/25 09:51:28 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2009/10/25 09:51:28 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll [2009/10/25 09:51:27 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys [2009/10/25 09:51:27 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys [2009/10/25 09:51:27 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll [2009/10/25 09:51:27 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys [2009/10/25 09:51:27 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv [2009/10/25 09:51:26 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe [2009/10/25 09:51:25 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe [2009/10/25 09:51:25 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe [2009/10/25 09:51:25 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll [2009/10/25 09:51:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll [2009/10/25 09:51:24 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll [2009/10/25 09:51:23 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys [2009/10/25 09:51:23 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2009/10/25 09:51:23 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll [2009/10/25 09:51:23 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2009/10/25 09:51:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll [2009/10/25 09:51:23 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll [2009/10/25 09:51:23 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2009/10/25 09:51:22 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll [2009/10/25 09:51:20 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys [2009/10/25 09:51:20 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2009/10/25 09:51:19 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bridge.sys [2009/10/25 09:51:19 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbohci.sys [2009/10/25 09:51:18 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys [2009/10/25 09:51:18 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2009/10/25 09:51:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll [2009/10/25 09:51:16 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll [2009/10/25 09:50:57 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll [2009/10/25 09:50:56 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2009/10/25 09:50:56 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe [2009/10/25 09:50:53 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2009/10/25 00:07:49 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\MP3SkypeRecorder [2009/10/25 00:06:47 | 00,000,000 | ---D | C] -- C:\Program Files\MP3 Skype Recorder [2009/10/24 23:32:15 | 00,000,000 | ---D | C] -- C:\PerfLogs [2009/10/24 23:01:39 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe [2009/10/24 23:01:37 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll [2009/10/24 23:01:10 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll [2009/10/24 23:00:37 | 00,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe [2009/10/24 23:00:37 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll [2009/10/24 23:00:36 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll [2009/10/24 23:00:36 | 00,031,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mssmbios.sys [2009/10/24 23:00:36 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mstee.sys [2009/10/24 23:00:36 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspclock.sys [2009/10/24 23:00:36 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspqm.sys [2009/10/24 23:00:35 | 01,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll [2009/10/24 23:00:35 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll [2009/10/24 23:00:35 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr [2009/10/24 23:00:35 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL [2009/10/24 23:00:35 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mydocs.dll [2009/10/24 23:00:35 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe [2009/10/24 23:00:35 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll [2009/10/24 23:00:35 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL [2009/10/24 23:00:35 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll [2009/10/24 23:00:35 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll [2009/10/24 23:00:35 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL [2009/10/24 23:00:35 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll [2009/10/24 23:00:35 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll [2009/10/24 23:00:35 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll [2009/10/24 23:00:34 | 00,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll [2009/10/24 23:00:34 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll [2009/10/24 23:00:34 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msfs.sys [2009/10/24 23:00:34 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll [2009/10/24 23:00:33 | 00,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtckrm.dll [2009/10/24 23:00:33 | 00,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll [2009/10/24 23:00:33 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe [2009/10/24 23:00:33 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll [2009/10/24 23:00:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll [2009/10/24 23:00:33 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll [2009/10/24 23:00:32 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL [2009/10/24 23:00:32 | 00,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2009/10/24 23:00:32 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL [2009/10/24 23:00:32 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll [2009/10/24 23:00:32 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll [2009/10/24 23:00:32 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll [2009/10/24 23:00:32 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtc.exe [2009/10/24 23:00:32 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll [2009/10/24 23:00:32 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll [2009/10/24 23:00:32 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll [2009/10/24 23:00:32 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll [2009/10/24 23:00:32 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mskssrv.sys [2009/10/24 23:00:31 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe [2009/10/24 23:00:31 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll [2009/10/24 23:00:31 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msieftp.dll [2009/10/24 23:00:31 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll [2009/10/24 23:00:31 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll [2009/10/24 23:00:31 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll [2009/10/24 23:00:30 | 00,016,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys [2009/10/24 23:00:29 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe [2009/10/24 23:00:29 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe [2009/10/24 23:00:28 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll [2009/10/24 23:00:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll [2009/10/24 23:00:27 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll [2009/10/24 23:00:27 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll [2009/10/24 23:00:26 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2009/10/24 23:00:26 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2009/10/24 23:00:26 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll [2009/10/24 23:00:26 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2009/10/24 23:00:26 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2009/10/24 23:00:25 | 00,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe [2009/10/24 23:00:25 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll [2009/10/24 23:00:25 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll [2009/10/24 23:00:25 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2009/10/24 23:00:25 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nsisvc.dll [2009/10/24 23:00:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys [2009/10/24 23:00:25 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll [2009/10/24 23:00:24 | 00,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll [2009/10/24 23:00:24 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll [2009/10/24 23:00:24 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2009/10/24 23:00:24 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll [2009/10/24 23:00:24 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe [2009/10/24 23:00:24 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe [2009/10/24 23:00:24 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\null.sys [2009/10/24 23:00:23 | 00,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE [2009/10/24 23:00:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll [2009/10/24 23:00:23 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2009/10/24 23:00:23 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll [2009/10/24 23:00:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll [2009/10/24 23:00:23 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbios.sys [2009/10/24 23:00:23 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndisuio.sys [2009/10/24 23:00:23 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe [2009/10/24 23:00:22 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe [2009/10/24 23:00:22 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll [2009/10/24 23:00:22 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe [2009/10/24 23:00:22 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll [2009/10/24 23:00:21 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlasvc.dll [2009/10/24 23:00:21 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll [2009/10/24 23:00:20 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe [2009/10/24 23:00:20 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe [2009/10/24 23:00:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll [2009/10/24 23:00:19 | 00,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll [2009/10/24 23:00:19 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll [2009/10/24 23:00:19 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys [2009/10/24 23:00:19 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe [2009/10/24 23:00:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll [2009/10/24 23:00:17 | 00,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL [2009/10/24 23:00:17 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll [2009/10/24 23:00:17 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll [2009/10/24 23:00:17 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LogonUI.exe [2009/10/24 23:00:16 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe [2009/10/24 23:00:15 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe [2009/10/24 23:00:15 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mcx2Svc.dll [2009/10/24 23:00:15 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\irenum.sys [2009/10/24 23:00:14 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl [2009/10/24 23:00:14 | 00,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itss.dll [2009/10/24 23:00:14 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiexe.dll [2009/10/24 23:00:14 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\irda.sys [2009/10/24 23:00:14 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPBusEnum.dll [2009/10/24 23:00:14 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll [2009/10/24 23:00:14 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll [2009/10/24 23:00:14 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll [2009/10/24 23:00:13 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll [2009/10/24 23:00:13 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipnat.sys [2009/10/24 23:00:13 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll [2009/10/24 23:00:12 | 00,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl [2009/10/24 23:00:12 | 00,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm [2009/10/24 23:00:12 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdsvc.dll [2009/10/24 23:00:12 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll [2009/10/24 23:00:12 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll [2009/10/24 23:00:12 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax [2009/10/24 23:00:12 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KMSVC.DLL [2009/10/24 23:00:12 | 00,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm [2009/10/24 23:00:12 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys [2009/10/24 23:00:12 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax [2009/10/24 23:00:12 | 00,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdclass.sys [2009/10/24 23:00:12 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll [2009/10/24 23:00:12 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe [2009/10/24 23:00:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll [2009/10/24 23:00:11 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprdim.dll [2009/10/24 23:00:11 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys [2009/10/24 23:00:11 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL [2009/10/24 23:00:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL [2009/10/24 23:00:10 | 00,057,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mountmgr.sys [2009/10/24 23:00:10 | 00,034,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouclass.sys [2009/10/24 23:00:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouhid.sys [2009/10/24 23:00:10 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe [2009/10/24 23:00:09 | 00,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2009/10/24 23:00:09 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL [2009/10/24 23:00:09 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL [2009/10/24 23:00:09 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe [2009/10/24 23:00:09 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL [2009/10/24 23:00:08 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL [2009/10/24 23:00:08 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll [2009/10/24 23:00:03 | 00,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll [2009/10/24 23:00:02 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll [2009/10/24 23:00:02 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcshext.dll [2009/10/24 23:00:02 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe [2009/10/24 23:00:01 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll [2009/10/24 23:00:00 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll [2009/10/24 23:00:00 | 00,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe [2009/10/24 22:59:58 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll [2009/10/24 22:59:54 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll [2009/10/24 22:59:52 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe [2009/10/24 22:59:52 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SessEnv.dll [2009/10/24 22:59:52 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll [2009/10/24 22:59:52 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys [2009/10/24 22:59:52 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe [2009/10/24 22:59:52 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe [2009/10/24 22:59:50 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll [2009/10/24 22:59:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll [2009/10/24 22:59:49 | 00,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll [2009/10/24 22:59:49 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll [2009/10/24 22:59:49 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl [2009/10/24 22:59:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll [2009/10/24 22:59:49 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll [2009/10/24 22:59:49 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll [2009/10/24 22:59:48 | 00,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL [2009/10/24 22:59:48 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll [2009/10/24 22:59:48 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll [2009/10/24 22:59:46 | 01,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll [2009/10/24 22:59:46 | 00,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll [2009/10/24 22:59:46 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll [2009/10/24 22:59:46 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe [2009/10/24 22:59:46 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll [2009/10/24 22:59:46 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll [2009/10/24 22:59:46 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll [2009/10/24 22:59:46 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll [2009/10/24 22:59:46 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll [2009/10/24 22:59:45 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe [2009/10/24 22:59:45 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE [2009/10/24 22:59:44 | 01,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pla.dll [2009/10/24 22:59:44 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll [2009/10/24 22:59:44 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll [2009/10/24 22:59:43 | 00,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe [2009/10/24 22:59:43 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll [2009/10/24 22:59:43 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe [2009/10/24 22:59:43 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll [2009/10/24 22:59:43 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys [2009/10/24 22:59:43 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rshx32.dll [2009/10/24 22:59:43 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe [2009/10/24 22:59:43 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll [2009/10/24 22:59:43 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll [2009/10/24 22:59:42 | 00,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr [2009/10/24 22:59:42 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL [2009/10/24 22:59:42 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll [2009/10/24 22:59:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll [2009/10/24 22:59:42 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe [2009/10/24 22:59:42 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll [2009/10/24 22:59:41 | 00,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe [2009/10/24 22:59:40 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe [2009/10/24 22:59:38 | 00,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2009/10/24 22:59:38 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2009/10/24 22:59:37 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll [2009/10/24 22:59:37 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll [2009/10/24 22:59:37 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll [2009/10/24 22:59:37 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL [2009/10/24 22:59:37 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL [2009/10/24 22:59:36 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL [2009/10/24 22:59:36 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll [2009/10/24 22:59:36 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL [2009/10/24 22:59:36 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys [2009/10/24 22:59:35 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\regedit.exe [2009/10/24 22:59:35 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\remotepg.dll [2009/10/24 22:59:35 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe [2009/10/24 22:59:35 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll [2009/10/24 22:59:34 | 00,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll [2009/10/24 22:59:34 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll [2009/10/24 22:59:34 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpdd.dll [2009/10/24 22:59:34 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll [2009/10/24 22:59:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPCDD.sys [2009/10/24 22:59:33 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl [2009/10/24 22:59:33 | 00,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe [2009/10/24 22:59:33 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll [2009/10/24 22:59:33 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll [2009/10/24 22:59:33 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll [2009/10/24 22:59:30 | 00,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll [2009/10/24 22:59:30 | 00,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll [2009/10/24 22:59:30 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll [2009/10/24 22:59:30 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll [2009/10/24 22:59:29 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll [2009/10/24 22:59:29 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe [2009/10/24 22:59:29 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe [2009/10/24 22:59:29 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2009/10/24 22:59:29 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll [2009/10/24 22:59:29 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe [2009/10/24 22:59:28 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe [2009/10/24 22:59:28 | 00,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe [2009/10/24 22:59:28 | 00,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe [2009/10/24 22:59:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe [2009/10/24 22:59:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll [2009/10/24 22:59:28 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe [2009/10/24 22:59:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll [2009/10/24 22:59:27 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe [2009/10/24 22:59:27 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll [2009/10/24 22:59:27 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll [2009/10/24 22:59:27 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll [2009/10/24 22:59:27 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL [2009/10/24 22:59:27 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll [2009/10/24 22:59:27 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DfsShlEx.dll [2009/10/24 22:59:26 | 01,291,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comres.dll [2009/10/24 22:59:26 | 00,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll [2009/10/24 22:59:26 | 00,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll [2009/10/24 22:59:26 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll [2009/10/24 22:59:26 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll [2009/10/24 22:59:26 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll [2009/10/24 22:59:26 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe [2009/10/24 22:59:25 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll [2009/10/24 22:59:25 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll [2009/10/24 22:59:25 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll [2009/10/24 22:59:25 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL [2009/10/24 22:59:25 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe [2009/10/24 22:59:25 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2009/10/24 22:59:25 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll [2009/10/24 22:59:25 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll [2009/10/24 22:59:25 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe [2009/10/24 22:59:24 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll [2009/10/24 22:59:23 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll [2009/10/24 22:59:23 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe [2009/10/24 22:59:23 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll [2009/10/24 22:59:23 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL [2009/10/24 22:59:23 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapsvc.dll [2009/10/24 22:59:23 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll [2009/10/24 22:59:23 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll [2009/10/24 22:59:22 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll [2009/10/24 22:59:22 | 00,058,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys [2009/10/24 22:59:22 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys [2009/10/24 22:59:22 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fdc.sys [2009/10/24 22:59:22 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll [2009/10/24 22:59:22 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\flpydisk.sys [2009/10/24 22:59:22 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdPHost.dll [2009/10/24 22:59:21 | 02,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe [2009/10/24 22:59:21 | 02,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl [2009/10/24 22:59:21 | 00,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll [2009/10/24 22:59:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll [2009/10/24 22:59:20 | 00,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2009/10/24 22:59:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll [2009/10/24 22:59:19 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll [2009/10/24 22:59:19 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll [2009/10/24 22:59:19 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll [2009/10/24 22:59:19 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe [2009/10/24 22:59:19 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe [2009/10/24 22:59:19 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll [2009/10/24 22:59:19 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll [2009/10/24 22:59:19 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll [2009/10/24 22:59:18 | 00,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll [2009/10/24 22:59:18 | 00,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2009/10/24 22:59:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll [2009/10/24 22:59:18 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll [2009/10/24 22:59:18 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe [2009/10/24 22:59:18 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dps.dll [2009/10/24 22:59:18 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll [2009/10/24 22:59:18 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE [2009/10/24 22:59:18 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx [2009/10/24 22:59:18 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll [2009/10/24 22:59:18 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll [2009/10/24 22:59:18 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll [2009/10/24 22:59:18 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll [2009/10/24 22:59:18 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2009/10/24 22:59:18 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll [2009/10/24 22:59:18 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll [2009/10/24 22:59:17 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll [2009/10/24 22:59:17 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll [2009/10/24 22:59:17 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys [2009/10/24 22:59:16 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsuiext.dll [2009/10/24 22:59:16 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll [2009/10/24 22:59:16 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsquery.dll [2009/10/24 22:59:16 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquoui.dll [2009/10/24 22:59:16 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll [2009/10/24 22:59:16 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll [2009/10/24 22:59:16 | 00,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll [2009/10/24 22:59:16 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll [2009/10/24 22:59:16 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll [2009/10/24 22:59:16 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssec.dll [2009/10/24 22:59:16 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll [2009/10/24 22:59:15 | 04,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll [2009/10/24 22:59:15 | 01,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr [2009/10/24 22:59:15 | 00,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll [2009/10/24 22:59:15 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll [2009/10/24 22:59:15 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll [2009/10/24 22:59:15 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe [2009/10/24 22:59:15 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe [2009/10/24 22:59:15 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe [2009/10/24 22:59:13 | 00,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe [2009/10/24 22:59:13 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe [2009/10/24 22:59:13 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll [2009/10/24 22:59:13 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll [2009/10/24 22:59:13 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll [2009/10/24 22:59:13 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys [2009/10/24 22:59:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\beep.sys [2009/10/24 22:59:12 | 01,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll [2009/10/24 22:59:12 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll [2009/10/24 22:59:12 | 00,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll [2009/10/24 22:59:12 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll [2009/10/24 22:59:12 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb [2009/10/24 22:59:12 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe [2009/10/24 22:59:12 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll [2009/10/24 22:59:12 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll [2009/10/24 22:59:10 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll [2009/10/24 22:59:09 | 00,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll [2009/10/24 22:59:09 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll [2009/10/24 22:59:09 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll [2009/10/24 22:59:09 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys [2009/10/24 22:59:09 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll [2009/10/24 22:59:09 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll [2009/10/24 22:59:08 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll [2009/10/24 22:59:08 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll [2009/10/24 22:59:08 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\alg.exe [2009/10/24 22:59:08 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appinfo.dll [2009/10/24 22:59:07 | 00,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr [2009/10/24 22:59:07 | 00,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll [2009/10/24 22:59:07 | 00,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll [2009/10/24 22:59:07 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabview.dll [2009/10/24 22:59:07 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll [2009/10/24 22:59:07 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll [2009/10/24 22:59:07 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe [2009/10/24 22:59:06 | 00,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL [2009/10/24 22:59:06 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll [2009/10/24 22:59:06 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll [2009/10/24 22:59:05 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys [2009/10/24 22:59:05 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll [2009/10/24 22:59:04 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browser.dll [2009/10/24 22:59:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe [2009/10/24 22:59:03 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll [2009/10/24 22:59:03 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll [2009/10/24 22:59:03 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll [2009/10/24 22:59:02 | 00,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2009/10/24 22:59:02 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdfs.sys [2009/10/24 22:59:00 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe [2009/10/24 22:58:53 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll [2009/10/24 22:58:53 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll [2009/10/24 22:58:51 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll [2009/10/24 22:58:49 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\i8042prt.sys [2009/10/24 22:58:49 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll [2009/10/24 22:58:49 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe [2009/10/24 22:58:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll [2009/10/24 22:58:47 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll [2009/10/24 22:58:47 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll [2009/10/24 22:58:46 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll [2009/10/24 22:58:46 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll [2009/10/24 22:58:45 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll [2009/10/24 22:58:45 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe [2009/10/24 22:58:44 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll [2009/10/24 22:58:43 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll [2009/10/24 22:58:43 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll [2009/10/24 22:58:41 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2009/10/24 22:58:41 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys [2009/10/24 22:58:41 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll [2009/10/24 22:58:37 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll [2009/10/24 22:58:37 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe [2009/10/24 22:58:36 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll [2009/10/24 22:58:36 | 00,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2009/10/24 22:58:36 | 00,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2009/10/24 22:58:35 | 00,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx [2009/10/24 22:58:35 | 00,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [2009/10/24 22:58:35 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll [2009/10/24 22:58:34 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe [2009/10/24 22:58:34 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll [2009/10/24 22:58:34 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax [2009/10/24 22:58:33 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com [2009/10/24 22:58:25 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2009/10/24 22:58:25 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll [2009/10/24 22:58:24 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll [2009/10/24 22:58:24 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2009/10/24 22:58:24 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll [2009/10/24 22:58:24 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll [2009/10/24 22:58:24 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL [2009/10/24 22:58:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll [2009/10/24 22:58:22 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2009/10/24 22:58:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2009/10/24 22:58:22 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2009/10/24 22:58:21 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll [2009/10/24 22:58:21 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll [2009/10/24 22:58:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll [2009/10/24 22:58:20 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe [2009/10/24 22:58:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll [2009/10/24 22:58:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll [2009/10/24 22:58:18 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe [2009/10/24 22:58:18 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll [2009/10/24 22:58:18 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl [2009/10/24 22:58:17 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2009/10/24 22:58:17 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecsvc.dll [2009/10/24 22:58:17 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll [2009/10/24 22:58:17 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2009/10/24 22:58:16 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll [2009/10/24 22:58:15 | 01,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll [2009/10/24 22:58:15 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2009/10/24 22:58:15 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll [2009/10/24 22:58:15 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll [2009/10/24 22:58:14 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll [2009/10/24 22:58:14 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe [2009/10/24 22:58:14 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe [2009/10/24 22:58:13 | 00,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XPSSHHDR.dll [2009/10/24 22:58:13 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll [2009/10/24 22:58:13 | 00,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2009/10/24 22:58:13 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe [2009/10/24 22:58:13 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll [2009/10/24 22:58:13 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2009/10/24 22:58:13 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2009/10/24 22:58:13 | 00,083,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFRd.sys [2009/10/24 22:58:13 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll [2009/10/24 22:58:13 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFSvc.dll [2009/10/24 22:58:13 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFPf.sys [2009/10/24 22:58:13 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll [2009/10/24 22:58:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll [2009/10/24 22:58:13 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll [2009/10/24 22:58:13 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2009/10/24 22:58:12 | 01,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll [2009/10/24 22:58:12 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll [2009/10/24 22:58:12 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2009/10/24 22:58:12 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax [2009/10/24 22:58:12 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe [2009/10/24 22:58:12 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2009/10/24 22:58:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2009/10/24 22:58:12 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll [2009/10/24 22:58:12 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2009/10/24 22:58:12 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll [2009/10/24 22:58:12 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL [2009/10/24 22:58:12 | 00,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll [2009/10/24 22:58:11 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll [2009/10/24 22:58:11 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe [2009/10/24 22:58:11 | 00,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll [2009/10/24 22:58:11 | 00,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys [2009/10/24 22:58:10 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll [2009/10/24 22:58:10 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll [2009/10/24 22:58:10 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll [2009/10/24 22:58:10 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL [2009/10/24 22:58:10 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll [2009/10/24 22:58:10 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpshell.dll [2009/10/24 22:58:09 | 01,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL [2009/10/24 22:58:09 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll [2009/10/24 22:58:08 | 00,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL [2009/10/24 22:58:07 | 01,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll [2009/10/24 22:58:07 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2009/10/24 22:58:07 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll [2009/10/24 22:58:07 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll [2009/10/24 22:58:06 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll [2009/10/24 22:58:06 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe [2009/10/24 22:58:05 | 00,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2009/10/24 22:58:05 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe [2009/10/24 22:58:05 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe [2009/10/24 22:58:05 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe [2009/10/24 22:58:05 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdtcp.sys [2009/10/24 22:58:04 | 00,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl [2009/10/24 22:58:04 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe [2009/10/24 22:58:04 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll [2009/10/24 22:58:04 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdpipe.sys [2009/10/24 22:58:01 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll [2009/10/24 22:58:01 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll [2009/10/24 22:58:01 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll [2009/10/24 22:58:01 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe [2009/10/24 22:58:01 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll [2009/10/24 22:58:00 | 00,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll [2009/10/24 22:58:00 | 00,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll [2009/10/24 22:58:00 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr [2009/10/24 22:58:00 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll [2009/10/24 22:58:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll [2009/10/24 22:58:00 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe [2009/10/24 22:57:59 | 08,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr [2009/10/24 22:57:58 | 08,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll [2009/10/24 22:57:58 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll [2009/10/24 22:57:58 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll [2009/10/24 22:57:58 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysdm.cpl [2009/10/24 22:57:58 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll [2009/10/24 22:57:58 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe [2009/10/24 22:57:58 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2009/10/24 22:57:58 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll [2009/10/24 22:57:58 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll [2009/10/24 22:57:58 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe [2009/10/24 22:57:58 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll [2009/10/24 22:57:58 | 00,021,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys [2009/10/24 22:57:58 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll [2009/10/24 22:57:58 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll [2009/10/24 22:57:57 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll [2009/10/24 22:57:57 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbscan.sys [2009/10/24 22:57:57 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbprint.sys [2009/10/24 22:57:57 | 00,015,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\swenum.sys [2009/10/24 22:57:56 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll [2009/10/24 22:57:56 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe [2009/10/24 22:57:56 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll [2009/10/24 22:57:55 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll [2009/10/24 22:57:55 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll [2009/10/24 22:57:55 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2009/10/24 22:57:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccgp.sys [2009/10/24 22:57:54 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll [2009/10/24 22:57:54 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vga.sys [2009/10/24 22:57:54 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll [2009/10/24 22:57:54 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll [2009/10/24 22:57:53 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL [2009/10/24 22:57:52 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll [2009/10/24 22:57:52 | 00,240,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll [2009/10/24 22:57:52 | 00,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax [2009/10/24 22:57:52 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll [2009/10/24 22:57:52 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll [2009/10/24 22:57:52 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys [2009/10/24 22:57:52 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll [2009/10/24 22:57:52 | 00,052,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys [2009/10/24 22:57:52 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax [2009/10/24 22:57:52 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll [2009/10/24 22:57:51 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll [2009/10/24 22:57:51 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe [2009/10/24 22:57:51 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll [2009/10/24 22:57:51 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe [2009/10/24 22:57:51 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll [2009/10/24 22:57:51 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll [2009/10/24 22:57:51 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe [2009/10/24 22:57:50 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys [2009/10/24 22:57:50 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll [2009/10/24 22:57:49 | 02,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll [2009/10/24 22:57:49 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll [2009/10/24 22:57:49 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys [2009/10/24 22:57:49 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe [2009/10/24 22:57:49 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys [2009/10/24 22:57:48 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll [2009/10/24 22:57:48 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll [2009/10/24 22:57:48 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll [2009/10/24 22:57:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe [2009/10/24 22:57:48 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys [2009/10/24 22:57:48 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS [2009/10/24 22:57:48 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll [2009/10/24 22:26:12 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Local\Microsoft Corporation [2009/10/22 19:39:48 | 00,000,000 | ---D | C] -- C:\Users\ace\AppData\Roaming\nod32 updater [2009/10/19 10:14:33 | 00,434,176 | ---- | C] ( ) -- C:\Windows\System32\lxdmhcp.dll [2009/10/19 10:14:33 | 00,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdminpa.dll [2009/10/19 10:14:32 | 00,950,272 | ---- | C] ( ) -- C:\Windows\System32\lxdmusb1.dll [2009/10/19 10:14:32 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdmiesc.dll [2009/10/19 10:14:31 | 01,200,128 | ---- | C] ( ) -- C:\Windows\System32\lxdmserv.dll [2009/10/19 10:14:31 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdmprox.dll [2009/10/19 10:14:30 | 00,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdmpmui.dll [2009/10/19 10:14:30 | 00,565,248 | ---- | C] ( ) -- C:\Windows\System32\lxdmlmpm.dll [2009/10/19 10:14:28 | 00,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdmhbn3.dll [2009/10/19 10:14:27 | 00,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdmcomc.dll [2009/10/19 10:14:27 | 00,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdmcomm.dll [2008/06/18 13:04:44 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\ace\AppData\Roaming\pcouffin.sys [2007/08/09 14:50:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Users\ace\AppData\Local\stdole.dll [2007/07/13 14:36:22 | 00,220,184 | ---- | C] ( ) -- C:\Users\ace\AppData\Local\Interop.Microsoft.Office.Core.dll [2004/01/27 23:59:00 | 00,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll [2003/12/09 20:17:00 | 00,057,344 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009/11/20 20:33:41 | 05,107,712 | ---- | M] () -- C:\Users\ace\ntuser.dat [2009/11/20 19:26:20 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/11/20 19:26:20 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009/11/20 19:26:20 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009/11/20 19:21:22 | 00,000,374 | ---- | M] () -- C:\Windows\tasks\RegCure Startup.job [2009/11/20 19:20:51 | 00,000,434 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job [2009/11/20 19:20:40 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/20 19:20:40 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/20 19:20:40 | 00,065,536 | -HS- | M] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TM.blf [2009/11/20 19:19:22 | 00,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/11/20 19:19:22 | 00,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/11/20 19:19:19 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/11/20 19:19:06 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/11/20 19:17:36 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/20 19:17:36 | 00,065,536 | -HS- | M] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TM.blf [2009/11/20 19:13:19 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/20 19:13:09 | 03,459,760 | -H-- | M] () -- C:\Users\ace\AppData\Local\IconCache.db [2009/11/20 12:00:00 | 00,000,430 | ---- | M] () -- C:\Windows\tasks\10-19-2009_021529.job [2009/11/20 10:07:34 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/20 10:07:34 | 00,065,536 | -HS- | M] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TM.blf [2009/11/19 15:37:47 | 00,000,368 | ---- | M] () -- C:\Windows\tasks\RegCure.job [2009/11/19 15:11:00 | 00,001,041 | ---- | M] () -- C:\Users\ace\AppData\Roaming\vso_ts_preview.xml [2009/11/18 21:25:51 | 00,110,080 | ---- | M] () -- C:\Users\ace\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/11/17 18:11:26 | 00,087,608 | ---- | M] () -- C:\Users\ace\AppData\Roaming\inst.exe [2009/11/17 18:11:26 | 00,047,360 | ---- | M] (VSO Software) -- C:\Users\ace\AppData\Roaming\pcouffin.sys [2009/11/17 18:11:26 | 00,007,887 | ---- | M] () -- C:\Users\ace\AppData\Roaming\pcouffin.cat [2009/11/17 18:11:26 | 00,001,144 | ---- | M] () -- C:\Users\ace\AppData\Roaming\pcouffin.inf [2009/11/17 16:45:17 | 00,001,895 | ---- | M] () -- C:\Users\ace\Desktop\RemoveIT Pro v4 - SE.lnk [2009/11/17 10:57:00 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/11/16 12:42:39 | 00,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2009/11/16 00:47:14 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/15 03:43:00 | 00,000,454 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job [2009/11/15 02:33:00 | 00,000,410 | ---- | M] () -- C:\Windows\tasks\DriverRobot.job [2009/11/14 21:56:21 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/14 21:56:21 | 00,065,536 | -HS- | M] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TM.blf [2009/11/14 12:00:00 | 00,000,390 | ---- | M] () -- C:\Windows\tasks\Week of Registry Easy.job [2009/11/13 19:38:50 | 00,108,059 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2009/11/13 19:38:50 | 00,095,259 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2009/11/13 17:06:56 | 00,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml [2009/11/13 17:06:56 | 00,001,905 | ---- | M] () -- C:\Windows\diagerr.xml [2009/11/10 14:02:22 | 00,268,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/11/08 00:58:41 | 00,349,156 | ---- | M] () -- C:\Windows\uninstall Deathwin.exe [2009/11/08 00:02:53 | 00,000,784 | ---- | M] () -- C:\Users\ace\Desktop\RegCure.lnk [2009/11/07 17:40:23 | 00,000,042 | ---- | M] () -- C:\Windows\System32\RegistryEasy.lie [2009/11/06 21:13:37 | 00,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys [2009/11/06 16:13:38 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2009/11/05 12:36:22 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe [2009/11/02 23:40:10 | 00,004,438 | ---- | M] () -- C:\lma_log.html [2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2009/11/02 15:48:09 | 00,000,836 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/10/28 20:22:42 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/10/28 08:28:05 | 00,524,288 | -HS- | M] () -- C:\Users\ace\ntuser.dat{71875904-bc69-11de-a282-00188b64d5d5}.TMContainer00000000000000000001.regtrans-ms [2009/10/28 08:28:05 | 00,065,536 | -HS- | M] () -- C:\Users\ace\ntuser.dat{71875904-bc69-11de-a282-00188b64d5d5}.TM.blf [2009/10/28 08:07:10 | 00,001,670 | ---- | M] () -- C:\Users\ace\Desktop\CCleaner.lnk [2009/10/28 00:02:53 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2009/10/28 00:02:50 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2009/10/25 22:11:18 | 00,717,296 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys [2009/10/25 10:13:08 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2009/10/25 00:07:48 | 00,002,509 | ---- | M] () -- C:\Users\ace\Desktop\MP3 Skype Recorder.lnk [2009/10/24 23:42:44 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2009/10/24 23:36:22 | 00,081,920 | ---- | M] () -- C:\Windows\SPInstall.etl [2009/10/24 23:20:39 | 00,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll [2009/10/24 23:20:36 | 00,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2009/10/22 16:46:04 | 00,093,096 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\IncContxMenu.dll [2009/10/22 16:45:56 | 02,115,496 | ---- | M] () -- C:\Windows\System32\Incinerator.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2009/11/20 19:20:40 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/20 19:20:40 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/20 19:20:40 | 00,065,536 | -HS- | C] () -- C:\Users\ace\ntuser.dat{bb9033cb-d632-11de-9925-806e6f6e6963}.TM.blf [2009/11/20 10:09:17 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/20 10:09:17 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/20 10:09:16 | 00,065,536 | -HS- | C] () -- C:\Users\ace\ntuser.dat{e630857c-d5e5-11de-b115-806e6f6e6963}.TM.blf [2009/11/17 18:11:25 | 00,000,055 | ---- | C] () -- C:\Users\ace\AppData\Roaming\pcouffin.log [2009/11/17 16:45:17 | 00,001,895 | ---- | C] () -- C:\Users\ace\Desktop\RemoveIT Pro v4 - SE.lnk [2009/11/17 16:32:28 | 03,459,760 | -H-- | C] () -- C:\Users\ace\AppData\Local\IconCache.db [2009/11/14 21:58:20 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/11/14 21:58:20 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/11/14 21:58:20 | 00,065,536 | -HS- | C] () -- C:\Users\ace\ntuser.dat{ed9f4ac3-d191-11de-814e-806e6f6e6963}.TM.blf [2009/11/13 19:38:50 | 00,108,059 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2009/11/13 19:38:50 | 00,095,259 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2009/11/13 17:00:09 | 00,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml [2009/11/13 17:00:09 | 00,001,905 | ---- | C] () -- C:\Windows\diagerr.xml [2009/11/08 00:58:41 | 00,349,156 | ---- | C] () -- C:\Windows\uninstall Deathwin.exe [2009/11/08 00:02:56 | 00,000,434 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job [2009/11/08 00:02:56 | 00,000,374 | ---- | C] () -- C:\Windows\tasks\RegCure Startup.job [2009/11/08 00:02:56 | 00,000,368 | ---- | C] () -- C:\Windows\tasks\RegCure.job [2009/11/08 00:02:53 | 00,000,784 | ---- | C] () -- C:\Users\ace\Desktop\RegCure.lnk [2009/11/07 17:35:29 | 00,000,042 | ---- | C] () -- C:\Windows\System32\RegistryEasy.lie [2009/11/07 17:34:18 | 00,000,390 | ---- | C] () -- C:\Windows\tasks\Week of Registry Easy.job [2009/11/06 21:13:37 | 00,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys [2009/11/06 16:13:38 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/11/02 18:34:58 | 00,004,438 | ---- | C] () -- C:\lma_log.html [2009/11/02 15:48:09 | 00,000,836 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/10/28 08:29:29 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2009/10/28 08:29:29 | 00,524,288 | -HS- | C] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2009/10/28 08:29:29 | 00,065,536 | -HS- | C] () -- C:\Users\ace\ntuser.dat{41bbd62e-c3c5-11de-9311-806e6f6e6963}.TM.blf [2009/10/28 00:02:53 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2009/10/28 00:02:50 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2009/10/25 22:11:17 | 00,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009/10/25 10:13:08 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2009/10/25 09:54:59 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2009/10/25 09:53:55 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2009/10/25 09:53:52 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2009/10/25 09:53:31 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf [2009/10/25 09:53:26 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/10/25 09:53:25 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/10/25 09:53:21 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls [2009/10/25 09:53:20 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf [2009/10/25 09:53:13 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf [2009/10/25 09:52:49 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2009/10/25 09:52:45 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2009/10/25 09:52:07 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/10/25 09:51:22 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2009/10/25 09:51:08 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2009/10/25 00:06:47 | 00,002,509 | ---- | C] () -- C:\Users\ace\Desktop\MP3 Skype Recorder.lnk [2009/10/24 22:59:43 | 00,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc [2009/10/24 22:58:34 | 00,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs [2009/10/24 22:58:22 | 00,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2009/10/19 10:14:33 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdminst.dll [2009/10/19 10:14:28 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdmgrd.dll [2009/10/18 23:20:07 | 00,034,705 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/10/18 23:20:07 | 00,034,705 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/10/11 07:11:11 | 02,115,496 | ---- | C] () -- C:\Windows\System32\Incinerator.dll [2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/06/05 14:51:29 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008/12/26 17:15:02 | 00,001,154 | ---- | C] () -- C:\ProgramData\lxdm [2008/12/24 07:55:09 | 00,000,021 | ---- | C] () -- C:\Windows\PI5_SETUP.ini [2008/12/24 07:54:24 | 00,000,021 | ---- | C] () -- C:\Windows\ME_setup.ini [2008/12/22 19:15:21 | 00,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2008/09/26 22:54:19 | 00,001,356 | ---- | C] () -- C:\Users\ace\AppData\Local\d3d9caps.dat [2008/06/19 16:24:59 | 00,110,080 | ---- | C] () -- C:\Users\ace\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/06/19 10:54:29 | 00,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2008/06/18 13:05:41 | 00,001,041 | ---- | C] () -- C:\Users\ace\AppData\Roaming\vso_ts_preview.xml [2008/06/18 13:04:44 | 00,087,608 | ---- | C] () -- C:\Users\ace\AppData\Roaming\inst.exe [2008/06/18 13:04:44 | 00,007,887 | ---- | C] () -- C:\Users\ace\AppData\Roaming\pcouffin.cat [2008/06/18 13:04:44 | 00,001,144 | ---- | C] () -- C:\Users\ace\AppData\Roaming\pcouffin.inf [2008/06/18 11:27:50 | 00,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll [2008/06/18 09:29:06 | 00,000,936 | ---- | C] () -- C:\Windows\wininit.ini [2008/06/18 09:17:46 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdmoem.dll [2008/06/18 09:04:03 | 00,064,048 | ---- | C] () -- C:\Users\ace\AppData\Local\GDIPFONTCACHEV1.DAT [2007/05/22 17:59:38 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdmdrs.dll [2007/05/22 09:10:12 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxdmcaps.dll [2007/05/03 14:50:10 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdmcoin.dll [2007/04/17 09:17:06 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdmcnv4.dll [2006/11/29 14:08:27 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 07:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006/11/02 07:37:35 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2006/11/02 07:37:35 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2006/11/02 07:37:35 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 05:23:31 | 00,000,264 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 05:23:31 | 00,000,191 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/08/01 00:53:18 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdmvs.dll [2003/10/21 15:40:00 | 00,053,248 | ---- | C] () -- C:\Windows\System32\dsnpstd.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1CA73D29 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:ECF54A0E < End of report > |
|
|
|
|
Nov 20 2009, 08:43 PM
Post
#4
|
|
|
New Member Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698 |
OTL Extras logfile created on: 11/20/2009 8:33:35 PM - Run 1
OTL by OldTimer - Version 3.1.6.1 Folder = C:\Users\ace\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18828) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232.83 Gb Total Space | 158.09 Gb Free Space | 67.90% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ACE-PC Current User Name: ace Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1 .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2630FFD4-5C67-477D-A219-C96B4E9000A1}" = lport=56770 | protocol=17 | dir=in | name=pando p2p udp listening port | "{3BCD0503-B89D-4B09-B097-CD90C590F3CE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | "{41345E80-221A-4BB8-9EAB-A1D04BBEA2D5}" = lport=58532 | protocol=6 | dir=in | name=pando p2p tcp listening port | "{6E84985D-2297-4312-8ACB-1E5F06EA9194}" = lport=58711 | protocol=6 | dir=in | name=pando p2p tcp listening port | "{75A7C928-EE6D-4ECB-873B-04C9061FD219}" = lport=1701 | protocol=17 | dir=in | app=system | "{7F6CD7EB-44A1-42C8-906B-EC1293E1C212}" = lport=58532 | protocol=17 | dir=in | name=pando p2p udp listening port | "{90F001B1-1DA6-41ED-AEA6-6D7D17A4D283}" = lport=58711 | protocol=17 | dir=in | name=pando p2p udp listening port | "{95DD6D81-C084-4626-B7E9-7828915D209F}" = lport=56770 | protocol=6 | dir=in | name=pando p2p tcp listening port | "{9630582C-C856-4CED-B29F-C060ACE6B2A9}" = lport=2869 | protocol=6 | dir=in | app=system | "{99ED936C-2A17-4324-8021-DB92B79773F4}" = rport=1701 | protocol=17 | dir=out | app=system | "{A02F56F2-BBFF-4880-8CE1-156A5F43E913}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C58E8AD8-D862-482F-927C-163E39281D32}" = lport=3306 | protocol=6 | dir=in | name=mysql server | "{C6440DEA-50BB-49A7-A877-2656BD820F10}" = lport=1723 | protocol=6 | dir=in | app=system | "{D2408830-1381-4CA7-8C3D-10F62DC46E2F}" = rport=1723 | protocol=6 | dir=out | app=system | "{E19DC59C-F4F1-4673-8520-3C4C2EA79541}" = lport=80 | protocol=6 | dir=in | app=system | "{E4630816-CBDB-45F0-B7F5-83EE7420387E}" = lport=445 | protocol=6 | dir=in | app=system | "{EC2FB760-53D2-47C5-872D-B7010425DF78}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{013D1FD6-DA2B-48D2-965E-8F3D331AB4C4}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{01ADD97B-5162-423E-9072-AB18A5C84B1D}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{02DA965F-3C8E-43B4-827C-9E19A0934B4F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{0AFF37B6-BD1B-43E3-B039-100E01CC5C85}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0DDF269E-49DF-4FC5-BFB4-945227DB8BF6}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{130E776C-AFE5-45B5-9B0A-AF28CFBA8445}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{142DD84F-673A-4254-81EC-7602DF8D044A}" = protocol=17 | dir=in | app=c:\windows\system32\lxdmcoms.exe | "{16D59FB5-8C7B-4932-AC90-76005E61CB38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdmpswx.exe | "{1D62E8F9-0AD3-4E5C-AFB1-8B017CD49AE8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{1D7273D8-41B2-4688-8E12-06C0AF8ED4B3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdmpswx.exe | "{23E0B62C-6133-41BA-B23A-16056646CAF0}" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe | "{263897BF-DB35-454C-B9C0-57B6DED922E6}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "{26CED89A-C4FF-4BD4-867B-0E91A26074AE}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe | "{3D4E2EC3-F12B-4CE7-BDE5-2DC804F3F585}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe | "{471CF11D-F3B8-4B42-AFD8-8FC510B3125F}" = protocol=6 | dir=in | app=c:\windows\system32\lxdmcoms.exe | "{4DD164CF-F312-474D-9690-CFF8D61314D2}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe | "{4E42257A-073C-48F9-A1E1-57745F22C7B9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{4FF2A9DE-DF74-4CB8-8FA8-CD2480A722D2}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{54D0DF04-D87F-46C7-B942-34D4D9A09DBC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe | "{5F946D5E-66DB-40D0-9740-A8082A8BD668}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "{6875C2E3-8911-43A5-B73E-484D4A7EEF1A}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{74C52430-C8C1-4431-93E1-B3FC3B2429D0}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{798B7959-F331-4BC8-96C1-F7FD096467DA}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdmtime.exe | "{79B595DC-F69F-443B-86BC-1B85DD9225E1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{864142E8-7E19-43BA-A71E-9A37A6419C78}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{8D190394-3CE3-47BD-8076-DB179EDD4C57}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{963B43DC-078C-451E-8767-B0030C7FA897}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{965FCDD7-696C-4C6C-86C9-D38165E0A546}" = protocol=17 | dir=in | app=c:\program files\lexmark 5000 series\lxdmmon.exe | "{97ED8FCC-E8A3-4DD9-B4CF-0D709299AE0E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{A1B2438B-0899-4EF1-9A60-527AA47449B4}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{ABAC9A7D-8AEB-4760-97F9-8FFE90525C5C}" = protocol=17 | dir=in | app=c:\program files\lexmark 5000 series\frun.exe | "{ACB5F066-5156-4F5A-B4A6-DC8A233BD808}" = protocol=6 | dir=in | app=c:\program files\lexmark 5000 series\lxdmfax.exe | "{B06B1D55-6767-4EEE-899A-D358D439B0F2}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{C52426CE-4F4C-4FB2-8B5F-A137D8B39F6D}" = protocol=17 | dir=in | app=c:\program files\lexmark 5000 series\lxdmfax.exe | "{CC28AC0A-30F5-49B0-B2A4-C3EFE43A7423}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdmtime.exe | "{D8FF6B6C-CA95-408A-82C6-1E04003F8CAF}" = protocol=6 | dir=in | app=c:\program files\lexmark 5000 series\frun.exe | "{D9FF9450-0A7D-4AA3-8917-47A4B8104341}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{DB528BFD-671B-4A1A-B26B-4D59EAF48441}" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe | "{E2EBD527-817D-4D99-8448-F89E7CD20B76}" = protocol=6 | dir=in | app=c:\program files\lexmark 5000 series\lxdmmon.exe | "{ED561241-3AF0-482B-8602-42A0F5919C99}" = protocol=6 | dir=in | app=c:\program files\lexmark 5000 series\lxdmamon.exe | "{EF45B85C-141B-4324-A1B0-7DBA0C6DD3EC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe | "{F9D514DA-A70A-483D-8B9E-FCB6A8CB18A9}" = protocol=17 | dir=in | app=c:\program files\lexmark 5000 series\lxdmamon.exe | "TCP Query User{43CB51BF-FE65-4EBA-84EF-594CAAC950AB}C:\program files\lexmark 5000 series\lxdmmon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 5000 series\lxdmmon.exe | "TCP Query User{5019F4C7-9BDD-4E2D-BE0F-DE98EED20462}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe | "TCP Query User{50419A65-4AE2-4407-96B1-A3074ACB9F69}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | "TCP Query User{5FBC5792-2C07-4A3E-9D75-0B7371E9D14A}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | "TCP Query User{6015A498-8381-4026-9892-F2C335A7C164}C:\program files\spacialaudio\sambc\samreporter\samreporter.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\samreporter\samreporter.exe | "TCP Query User{7082873D-AE2F-4552-A2FD-380EAD978CE8}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{745BABCA-3ECB-48F5-8095-DB7D75FFB792}C:\program files\bullguard ltd\bullguard\bullguard.exe" = protocol=6 | dir=in | app=c:\program files\bullguard ltd\bullguard\bullguard.exe | "TCP Query User{78458E6A-E0F5-4E56-A712-2AB478881D6A}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{7E192189-474D-4D86-9E32-D240792A732C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{857F678C-DA4D-462D-B859-420299503F61}C:\program files\pando networks\pando\pando.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe | "TCP Query User{9D8D01E7-B22D-4F8C-9361-E496F98C397D}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{B81D9551-3103-474D-800A-9223406ABCB9}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{C63AB49F-5901-46CE-93CB-3A34EA8C9BAD}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe" = protocol=6 | dir=in | app=c:\program files\incode solutions\removeit pro v4 - se\removeit.exe | "TCP Query User{CFEFC313-9E57-4E8E-9816-1793DE5DD27C}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "TCP Query User{D090EB81-C79A-4582-A06E-0A0BC7DED21D}C:\program files\call graph\callgraph.exe" = protocol=6 | dir=in | app=c:\program files\call graph\callgraph.exe | "TCP Query User{DA76043E-13A3-4435-81B9-345E41A5A35C}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "TCP Query User{DC233B36-C26A-4B31-91F2-995A5B84260A}C:\program files\reallusion\crazytalk for skype\ct4skype.exe" = protocol=6 | dir=in | app=c:\program files\reallusion\crazytalk for skype\ct4skype.exe | "TCP Query User{E07F9932-74D1-4D42-8A4D-DEBB99552EE2}C:\program files\skypecallrecorder\skypecallrecorder.exe" = protocol=6 | dir=in | app=c:\program files\skypecallrecorder\skypecallrecorder.exe | "TCP Query User{F0F06C4C-AC61-4B5C-B761-6F1295EFA4A2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{1A4CDE1B-527F-4672-AC95-ADFDB4A37DD8}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | "UDP Query User{21D866EB-482D-4585-B4E3-9E7230657401}C:\program files\call graph\callgraph.exe" = protocol=17 | dir=in | app=c:\program files\call graph\callgraph.exe | "UDP Query User{26B0A8CA-F65F-492C-95FA-30DACAE3EF8C}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "UDP Query User{2F26E8D8-94B1-4E30-8131-80E88F5CBB04}C:\program files\spacialaudio\sambc\samreporter\samreporter.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\samreporter\samreporter.exe | "UDP Query User{421E470E-4A94-4C9D-B281-2E0BA2C11AF6}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{4941D578-064A-442B-91C6-4296B2F6C600}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{4B93EDDC-5AC1-435F-9D73-1336E5D331E1}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | "UDP Query User{6475FF6C-9652-4D8E-8095-43522A96BC9C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{664940F1-A793-45FD-9AB5-B65AC715D6E7}C:\program files\pando networks\pando\pando.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe | "UDP Query User{76E7860B-2CB3-4B88-B284-568ACBC60389}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe | "UDP Query User{8FCD1FF1-8D18-49A8-8101-C1BEEB0D591A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{9B0164EE-2474-4A62-83FC-BFB5F1B1DA2B}C:\program files\skypecallrecorder\skypecallrecorder.exe" = protocol=17 | dir=in | app=c:\program files\skypecallrecorder\skypecallrecorder.exe | "UDP Query User{A3826792-2D22-4F9B-A1D0-C50A8BEE2596}C:\program files\bullguard ltd\bullguard\bullguard.exe" = protocol=17 | dir=in | app=c:\program files\bullguard ltd\bullguard\bullguard.exe | "UDP Query User{C15A5558-656B-4642-8998-369F84837532}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{C334CE95-CADF-46F7-BB01-E181DB6CA3C4}C:\program files\lexmark 5000 series\lxdmmon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 5000 series\lxdmmon.exe | "UDP Query User{E7361893-E405-49B0-B342-73985F430203}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{F05AACD6-0EE3-4AE9-9812-A0FAB784C616}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe" = protocol=17 | dir=in | app=c:\program files\incode solutions\removeit pro v4 - se\removeit.exe | "UDP Query User{F0BD7384-91F8-4760-B5E3-1B329BD32948}C:\program files\reallusion\crazytalk for skype\ct4skype.exe" = protocol=17 | dir=in | app=c:\program files\reallusion\crazytalk for skype\ct4skype.exe | "UDP Query User{F66927E1-6AD6-445B-A5D0-A10783AEF431}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{062BFFA1-0CCC-400B-B840-F162328D8C00}" = winLAME prerelease4 "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{1F1C4668-7767-4109-9B5E-19AD056F2CA0}" = MP3 Skype Recorder "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 17 "{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0 "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7 "{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java™ SE Development Kit 6 Update 17 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{39A908FD-7322-41AE-B374-C7A076B2FC97}" = Memeo AutoBackup "{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.0.1.7 "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.1 "{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic "{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BCEB97B-F315-455D-BC2D-565A1A6781E8}" = Memeo AutoBackup "{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime "{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}" = HiYo "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1 "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{972C1C85-E18C-4DC0-8CB7-5007DF98DE3A}" = MySQL Server 5.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.5.314 "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync "{FECA6067-869C-4F32-9F6E-574E1496CE44}" = Memeo AutoSync "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Belarc Advisor" = Belarc Advisor 7.2 "CCleaner" = CCleaner "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "ComcastHSI" = Comcast High-Speed Internet Install Wizard "Creative PD0620" = Creative WebCam Instant Driver (1.00.08.0416) "Creative WebCam Center" = Creative WebCam Center "HijackThis" = HijackThis 2.0.2 "HiYo" = HiYo "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Lexmark 5000 Series" = Lexmark 5000 Series "LimeWire" = LimeWire 5.2.13 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.4)" = Mozilla Firefox (3.0.4) "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "Orb" = Winamp Remote "RegCure" = RegCure 2.0.0.0 "RemoveIT Pro v4 - SE" = RemoveIT Pro v4 - SE "SAM3" = SAM Broadcaster (remove only) "Shuangs Audio Joiner_is1" = Shuangs Audio Joiner 1.1 "Spyware Terminator_is1" = Spyware Terminator "TeamViewer 4" = TeamViewer 4 "UninstallTool" = Uninstall Tool "uTorrent" = µTorrent "Virtual Audio Cable 4.9" = Virtual Audio Cable 4.9 "VLC media player" = VLC media player 1.0.3 "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Extras" = Yahoo! Browser Services "Yahoo! IE Suggest" = Yahoo! Search Suggest Add-on for IE7 "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-892561943-1508116293-3273268530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "InstallShield_{39A908FD-7322-41AE-B374-C7A076B2FC97}" = Memeo AutoBackup "InstallShield_{6BCEB97B-F315-455D-BC2D-565A1A6781E8}" = Memeo AutoBackup "InstallShield_{FECA6067-869C-4F32-9F6E-574E1496CE44}" = Memeo AutoSync ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/7/2009 8:59:44 AM | Computer Name = ace-PC | Source = Windows Search Service | ID = 3013 Description = Error - 11/7/2009 8:59:44 AM | Computer Name = ace-PC | Source = Windows Search Service | ID = 3013 Description = Error - 11/7/2009 6:37:53 PM | Computer Name = ace-PC | Source = SideBySide | ID = 16842811 Description = Activation context generation failed for "C:\Program Files\Registry Easy\RE.exe".Error in manifest or policy file "C:\Program Files\Registry Easy\RE.exe" on line 0. Invalid Xml syntax. Error - 11/7/2009 6:37:54 PM | Computer Name = ace-PC | Source = SideBySide | ID = 16842811 Description = Activation context generation failed for "C:\Program Files\Registry Easy\RE.exe".Error in manifest or policy file "C:\Program Files\Registry Easy\RE.exe" on line 0. Invalid Xml syntax. Error - 11/7/2009 6:38:03 PM | Computer Name = ace-PC | Source = SideBySide | ID = 16842811 Description = Activation context generation failed for "C:\Program Files\Registry Easy\RE.exe".Error in manifest or policy file "C:\Program Files\Registry Easy\RE.exe" on line 0. Invalid Xml syntax. Error - 11/7/2009 6:38:05 PM | Computer Name = ace-PC | Source = SideBySide | ID = 16842811 Description = Activation context generation failed for "C:\Program Files\Registry Easy\RE.exe".Error in manifest or policy file "C:\Program Files\Registry Easy\RE.exe" on line 0. Invalid Xml syntax. Error - 11/7/2009 6:38:51 PM | Computer Name = ace-PC | Source = SideBySide | ID = 16842811 Description = Activation context generation failed for "C:\Program Files\Registry Easy\RE.exe".Error in manifest or policy file "C:\Program Files\Registry Easy\RE.exe" on line 0. Invalid Xml syntax. Error - 11/7/2009 7:33:01 PM | Computer Name = ace-PC | Source = Windows Search Service | ID = 3013 Description = Error - 11/7/2009 7:33:01 PM | Computer Name = ace-PC | Source = Windows Search Service | ID = 3013 Description = Error - 11/7/2009 7:33:01 PM | Computer Name = ace-PC | Source = Windows Search Service | ID = 3013 Description = [ Media Center Events ] Error - 11/2/2008 10:41:36 PM | Computer Name = ace-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 7/25/2009 7:31:42 PM | Computer Name = ace-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 7/30/2009 10:59:27 AM | Computer Name = ace-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 8/28/2009 7:31:54 PM | Computer Name = ace-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 10/3/2009 10:03:21 PM | Computer Name = ace-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. [ System Events ] Error - 11/20/2009 11:08:31 AM | Computer Name = ace-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 11/20/2009 11:10:19 AM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/20/2009 11:10:19 AM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/20/2009 11:10:19 AM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7026 Description = Error - 11/20/2009 8:02:40 PM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/20/2009 8:13:48 PM | Computer Name = ace-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 11/20/2009 8:18:48 PM | Computer Name = ace-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 11/20/2009 8:20:18 PM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7009 Description = Error - 11/20/2009 8:20:18 PM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11/20/2009 8:20:18 PM | Computer Name = ace-PC | Source = Service Control Manager | ID = 7026 Description = < End of report > |
|
|
|
|
Nov 22 2009, 02:02 PM
Post
#5
|
|
|
bleepin' _temp_ Group: Malware Response Instructor Posts: 13,121 Joined: 25-January 08 From: At home Member No.: 186,120 |
Hi,
Your log(s) show that you are using so called peer-to-peer or file-sharing programmes (in your case uTorrent). These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it. It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology." Registry Cleaners I notice the presence of Easy Registry here Registry Cleaner on your pc. I don't personally recommend the use of ANY registry cleaners. Here is an excerpt from a discussion on regcleaners QUOTE Most reg cleaners aren't "bad" as such, but they aren't perfect and even the best have been known to cause problems. The point we are trying to make is that the risk of using one far outweighs any benefit. If it does work perfectly you will not see any difference If it doesn't work properly you may end up with an expensive doorstop. http://miekiemoes.blogspot.com/2008/02/reg...weaking_13.html http://forums.whatthetech.com/Regcleaner_t42862.html Please run a scan with Malwarebytes and gmer to check further for malware: Please download Malwarebytes Anti-Malware and save it to your desktop. alternate download link 1 alternate download link 2 If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
These are the instructions for gmer: Please download GMER from one of the following locations and save it to your desktop:
Please post back the logs from malwarebytes and gmer in your next reply. regards myrti -------------------- Help request via PM will be ignored, unless I am already helping you. Please use the forums! If I have helped you please consider to to help me continue the malware fight! Thank you!I'll be gone from 30th July - 5th August. Sorry for any incovenience caused. |
|
|
|
|
Nov 22 2009, 03:49 PM
Post
#6
|
|
|
New Member Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698 |
Hi i tried 3 times to run Gmer but i would not finish only stopped working was disconnected from the internet as per instructions, but here is the other logs you requested.
Malwarebytes' Anti-Malware 1.41 Database version: 3215 Windows 6.0.6002 Service Pack 2 11/22/2009 3:48:51 PM mbam-log-2009-11-22 (15-48-51).txt Scan type: Quick Scan Objects scanned: 91568 Time elapsed: 5 minute(s), 7 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
|
|
|
|
Nov 22 2009, 04:10 PM
Post
#7
|
|
|
New Member Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698 |
I got the Gmr to work here is the log file sorry i am not pc savvy at all
GMER 1.0.15.15252 - http://www.gmer.net Rootkit scan 2009-11-22 16:07:27 Windows 6.0.6002 Service Pack 2 Running: xqet450p.exe; Driver: C:\Users\ace\AppData\Local\Temp\uwldrpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x9582DBD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x9582F52C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x9582F782] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x9582F9FC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x9582E450] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x9582EB32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x9582EF3C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x9582E5F8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x9582EE14] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x9582D7D6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x9582ECD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x9582D992] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x9582F06E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0x95830CB0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x9582E0EE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x9582ED72] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x958306A2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x95831672] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x9582E752] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x95830734] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x95830D64] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x9582EFDE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x9582E4D2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x9582EEAC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x9582DDD6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x95830CDA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x9582F110] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x9582DCFA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x9582FC3E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x9583107C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x958309CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x9582F49A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x9582F360] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x95830442] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x95831554] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x9582E86C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x9582E30C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x9582FCF2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x9583082E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x958311BC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x958312A0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x958313C8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x958305CE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x9582DF4E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x9582DEA4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x95830F32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x9582E02E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x9582E1EE] INT 0x51 ? 85C31BF8 INT 0x92 ? 86B0BF00 INT 0xA2 ? 85C31BF8 ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 119 822E685C 4 Bytes [D0, DB, 82, 95] .text ntkrnlpa.exe!KeSetEvent + 13D 822E6880 8 Bytes [2C, F5, 82, 95, 82, F7, 82, ...] .text ntkrnlpa.exe!KeSetEvent + 181 822E68C4 4 Bytes [FC, F9, 82, 95] .text ntkrnlpa.exe!KeSetEvent + 1A9 822E68EC 4 Bytes [50, E4, 82, 95] {PUSH EAX; IN AL, 0x82; XCHG EBP, EAX} .text ntkrnlpa.exe!KeSetEvent + 1C1 822E6904 4 Bytes [32, EB, 82, 95] .text ... ? System32\Drivers\spkv.sys The system cannot find the path specified. ! .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x92E0A320, 0x3DE2A7, 0xE8000020] .text USBPORT.SYS!DllUnload 8BB4641B 5 Bytes JMP 86B0B4E0 ---- User code sections - GMER 1.0.15 ---- ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] C:\Windows\system32\ntdll.dll time/date stamp mismatch; ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] C:\Windows\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] USER32.dll!SetScrollInfo + 7A8 76CE7980 4 Bytes [70, 11, 33, 6D] ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] C:\Windows\system32\ntdll.dll time/date stamp mismatch; ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] C:\Windows\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] USER32.dll!SetScrollInfo + 7A8 76CE7980 4 Bytes [70, 11, 33, 6D] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001705C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D30860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00D308D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00D30940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00D309B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00D30A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00D30A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 001706A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 00170710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 001707F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00170860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 001708D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00170940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00D30B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00D30B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 001709B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00D30BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00D30C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00D30CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00D30D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00170B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00170BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D30DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00D30E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00D30E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00170E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00D30EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00D30F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 77180550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771805C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 77180630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 771806A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 77180710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 77180780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771807F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 77180860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 771808D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 77180940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 771809B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 77180A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 77180F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00D40010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00D40080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00D400F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00D40160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00D401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77340780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 773407F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77340860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77340940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00D40240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00D402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D40320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00D40390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 77340A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77340BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77340C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D404E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00D40550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77340CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 77340D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00D405C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00D40630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00D406A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00D40710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00D40780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00D407F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00D40860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77340DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00D408D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77340EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00D40940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00D409B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77340F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00D40A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D40A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00D40B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00D40B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00D40BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00D40C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00D40CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00D40D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00D40DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D40E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00D40E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00D40EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00D40F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00D90010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00D90080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00D900F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00DA01D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00DA0240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 00DA02B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00DA0320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00DA0390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA06A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00DA0A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00DA0B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00DA0B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00DA0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00DA0CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 77180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 77180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77340240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 771801D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 77180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 77340320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 77180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 771801D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 77180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 77180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] 77180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 77180470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameA] 77180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] 77180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[1992] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameW] 771801D0 IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74087817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [740DA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7408BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7407F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [740875E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7407E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [740B8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7408DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7407FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7407FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [740771CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7410CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [740AC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7407D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74076853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7407687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2708] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74082AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001705C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CD0860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00CD08D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00CD0940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00CD09B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00CD0A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00CD0A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 001706A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 00170710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 001707F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00170860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 001708D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00170940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00CD0B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00CD0B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 001709B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00CD0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00CD0C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00CD0CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00CD0D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00170B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00170BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CD0DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00CD0E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00CD0E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00170E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00CD0EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00CD0F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 77180550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771805C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 77180630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 771806A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 77180710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 77180780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771807F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 77180860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 771808D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 77180940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 771809B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 77180A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 77180F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00CE0010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00CE0080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00CE00F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00CE0160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00CE01D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77340780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 773407F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77340860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77340940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00CE0240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00CE02B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CE0320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00CE0390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 77340A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77340BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77340C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CE04E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00CE0550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77340CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 77340D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00CE05C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00CE0630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00CE06A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00CE0710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00CE0780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00CE07F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00CE0860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77340DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00CE08D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77340EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00CE0940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00CE09B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77340F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00CE0A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CE0A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00CE0B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00CE0B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00CE0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00CE0C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00CE0CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00CE0D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00CE0DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CE0E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00CE0E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00CE0EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00CE0F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00CF0010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00CF0080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00CF00F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D00160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00D001D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00D00240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 00D002B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00D00320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00D00390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00D009B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00D00DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00D00E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00D00E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00D00EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D00F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00D10010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77340010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77340080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 77180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 77180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 773402B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 77180160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 771804E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 771800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 773401D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 77180240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 771802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 77180390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77340240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 771801D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 77180400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 773402B0 ---- Devices - GMER 1.0.15 ---- Device 85C371F8 Device Ntfs.sys (NT File System Driver/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl 85C331F8 Device \Driver\usbohci \Device\USBPDO-0 86B8B500 Device \Driver\usbehci \Device\USBPDO-1 86B551F8 AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) Device \Driver\volmgr \Device\HarddiskVolume1 85C331F8 Device \Driver\volmgr \Device\HarddiskVolume2 85C331F8 Device \Driver\cdrom \Device\CdRom0 86B86500 Device \Driver\netbt \Device\NetBt_Wins_Export 871F9500 Device \Driver\Smb \Device\NetbiosSmb 8619A1F8 Device \Driver\nvstor32 \Device\0000005b 85C361F8 Device \Driver\nvstor32 \Device\0000005c 85C361F8 Device \Driver\nvstor32 \Device\RaidPort0 85C361F8 AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) Device \Driver\nvstor32 \Device\RaidPort1 85C361F8 AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) Device \Driver\iScsiPrt \Device\RaidPort2 86C7B500 Device \Driver\USBSTOR \Device\0000006b 872AC1F8 Device \Driver\usbohci \Device\USBFDO-0 86B8B500 Device \Driver\USBSTOR \Device\0000006d 872AC1F8 Device \Driver\usbehci \Device\USBFDO-1 86B551F8 Device \Driver\netbt \Device\NetBT_Tcpip_{2D478241-F0B5-4C66-A95D-92486BAF670C} 871F9500 Device \FileSystem\cdfs \Cdfs 877A2500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 ---- EOF - GMER 1.0.15 ---- |
|
|
|
|
Nov 22 2009, 09:07 PM
Post
#8
|
|
|
bleepin' _temp_ Group: Malware Response Instructor Posts: 13,121 Joined: 25-January 08 From: At home Member No.: 186,120 |
Hi,
please run Combofix: Please download ComboFix from one of these locations: Link 2 Link 3 * IMPORTANT !!! Save ComboFix.exe to your Desktop
 Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:  Click on Yes, to continue scanning for malware. When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper If you need help, see this link: http://www.bleepingcomputer.com/combofix/how-to-use-combofix regards myrti -------------------- Help request via PM will be ignored, unless I am already helping you. Please use the forums! If I have helped you please consider to to help me continue the malware fight! Thank you!I'll be gone from 30th July - 5th August. Sorry for any incovenience caused. |
|
|
|
|
Nov 23 2009, 01:37 AM
Post
#9
|
|
|
New Member Group: Members Posts: 10 Joined: 11-November 09 Member No.: 401,698 |
Ok here is the ComboFix log
ComboFix 09-11-22.04 - ace 11/23/2009 0:42.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3518.2677 [GMT -5:00] Running from: c:\users\ace\Desktop\ComboFix.exe AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448} SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\ace\AppData\Roaming\inst.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_RKHIT ((((((((((((((((((((((((( Files Created from 2009-10-23 to 2009-11-23 ))))))))))))))))))))))))))))))) . 2009-11-23 06:12 . 2009-11-23 06:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-11-23 04:46 . 2009-11-23 04:46 -------- d-----w- c:\program files\VS Revo Group 2009-11-23 04:36 . 2009-11-23 04:36 -------- d-----w- c:\users\ace\AppData\Local\Adobe 2009-11-22 20:21 . 2009-11-22 20:21 -------- d-----w- c:\users\ace\AppData\Local\Apple 2009-11-22 02:33 . 2009-11-22 02:46 4096 d-----w- c:\program files\TweakVI 2009-11-21 23:26 . 2009-11-21 23:26 -------- d-----w- c:\program files\Secunia 2009-11-21 22:44 . 2009-11-21 22:44 -------- d-----w- c:\program files\Sophos 2009-11-20 22:12 . 2009-11-20 23:53 -------- d-----w- c:\users\ace\AppData\Roaming\QuickScan 2009-11-20 03:08 . 2009-11-20 03:08 -------- d-----w- c:\program files\Auslogics 2009-11-19 04:24 . 2009-11-19 04:24 -------- d-----w- c:\programdata\PC Drivers HeadQuarters 2009-11-17 21:45 . 2009-11-17 21:45 -------- d-----w- c:\program files\InCode Solutions 2009-11-17 01:08 . 2008-02-15 22:25 102400 ----a-w- c:\windows\system32\stacsv.exe 2009-11-17 01:08 . 2008-02-15 22:22 1613824 ----a-w- c:\windows\system32\stlang.dll 2009-11-17 01:06 . 2008-02-15 22:27 330752 ----a-w- c:\windows\system32\drivers\stwrt.sys 2009-11-17 01:06 . 2008-02-15 22:26 328704 ----a-w- c:\windows\system32\stcplx.dll 2009-11-17 01:06 . 2008-02-15 22:25 527872 ----a-w- c:\windows\system32\stapo.dll 2009-11-17 01:06 . 2008-02-15 22:24 150016 ----a-w- c:\windows\system32\st325866.dll 2009-11-17 01:06 . 2008-02-15 22:23 312320 ----a-w- c:\windows\system32\stapi32.dll 2009-11-17 00:49 . 2006-12-01 20:54 626688 -c--a-w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\b2rg91xw.1p4\msvcr80.dll 2009-11-17 00:46 . 2009-11-17 00:50 4096 dc-h--w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E} 2009-11-16 17:42 . 2009-11-16 17:42 397328 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\oeas.dll 2009-11-16 17:42 . 2009-11-16 17:42 17936 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\kloehk.dll 2009-11-16 17:42 . 2009-11-16 17:42 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll 2009-11-16 17:42 . 2009-11-16 17:42 311312 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\6.0\klif.sys 2009-11-16 01:12 . 2009-11-23 05:16 4096 d-----w- c:\users\ace\AppData\Roaming\vlc 2009-11-15 05:02 . 2009-11-15 23:47 -------- d-----w- c:\users\ace\AppData\Local\Axialis 2009-11-14 00:43 . 2009-11-14 00:43 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll 2009-11-14 00:43 . 2009-11-14 00:43 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll 2009-11-14 00:43 . 2009-11-14 00:43 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll 2009-11-14 00:43 . 2009-11-14 00:43 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll 2009-11-14 00:43 . 2009-11-14 00:43 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll 2009-11-14 00:38 . 2009-11-14 00:38 -------- d--h--we c:\programdata\AVP9 2009-11-14 00:38 . 2009-11-14 00:38 95259 ----a-w- c:\windows\system32\drivers\klick.dat 2009-11-14 00:38 . 2009-11-14 00:38 108059 ----a-w- c:\windows\system32\drivers\klin.dat 2009-11-14 00:37 . 2009-11-23 06:26 -------- d-----w- c:\programdata\Kaspersky Lab 2009-11-14 00:37 . 2009-11-14 00:37 -------- d-----w- c:\program files\Kaspersky Lab 2009-11-14 00:36 . 2009-11-14 00:36 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files 2009-11-13 00:36 . 2009-11-13 00:36 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys 2009-11-11 23:46 . 2009-11-11 23:46 -------- d-----w- c:\program files\Uninstall Tool 2009-11-10 18:56 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2009-11-10 18:56 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-08 17:52 . 2009-11-08 17:52 -------- d-----w- c:\users\ace\AppData\Roaming\Notepad++ 2009-11-08 17:52 . 2009-11-08 17:52 4096 d-----w- c:\program files\Notepad++ 2009-11-08 05:58 . 2009-11-08 05:58 349156 ----a-w- c:\windows\uninstall Deathwin.exe 2009-11-08 05:02 . 2009-11-08 05:02 -------- d-----w- c:\programdata\RegCure 2009-11-08 05:02 . 2009-11-08 05:07 12288 d-----w- c:\program files\RegCure 2009-11-08 03:48 . 2009-11-17 23:17 4096 d-----w- c:\program files\Free 3D Castle Screensaver 2009-11-07 19:52 . 2009-11-07 19:52 -------- d-----w- c:\users\ace\AppData\Roaming\CleanMyPC Software 2009-11-07 02:13 . 2009-11-07 02:13 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe 2009-11-07 02:13 . 2009-11-07 02:13 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys 2009-11-07 02:13 . 2009-11-19 19:13 4096 d-----w- c:\users\ace\AppData\Roaming\Spyware Terminator 2009-11-07 02:13 . 2009-11-19 19:13 4096 d-----w- c:\programdata\Spyware Terminator 2009-11-07 02:13 . 2009-11-17 01:30 4096 d-----w- c:\program files\Spyware Terminator 2009-11-07 01:59 . 2009-11-07 01:59 -------- d-----w- c:\users\ace\AppData\Roaming\PC Tools 2009-11-06 07:19 . 2009-11-06 07:19 -------- d-----w- c:\users\Default\AppData\Roaming\iolo 2009-11-03 05:58 . 2009-11-03 05:58 -------- d-----w- c:\windows\FreeFireplace 2009-11-03 05:58 . 2009-11-11 23:49 -------- d-----w- c:\programdata\OurScreensavers 2009-11-03 04:39 . 2009-11-03 04:39 -------- d-----w- c:\users\ace\AppData\Roaming\TERMINAL Studio 2009-11-03 04:39 . 2006-02-15 21:26 92216 ----a-w- c:\windows\system32\bass.dll 2009-11-02 20:48 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-02 20:48 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-02 20:48 . 2009-11-02 20:48 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-30 03:24 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2009-10-30 03:24 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2009-10-30 03:24 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2009-10-30 03:24 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2009-10-30 03:24 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2009-10-30 03:24 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-10-30 03:24 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2009-10-30 03:24 . 2009-08-06 23:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2009-10-30 03:24 . 2009-08-06 22:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2009-10-28 05:03 . 2009-10-28 05:03 -------- d-----w- c:\program files\Windows Portable Devices 2009-10-28 04:51 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-10-28 04:51 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-10-28 04:49 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-10-28 04:49 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-10-28 04:49 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-10-28 04:47 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe 2009-10-28 04:47 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-10-26 22:02 . 2009-10-26 22:02 -------- d-----w- c:\programdata\XoftSpySE 2009-10-26 21:54 . 2009-10-26 22:02 4096 d-----w- c:\windows\BDOSCAN8 2009-10-26 03:11 . 2009-10-26 03:11 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-10-25 15:14 . 2009-10-25 15:16 -------- d-----w- c:\windows\system32\ca-ES 2009-10-25 15:14 . 2009-10-25 15:15 -------- d-----w- c:\windows\system32\eu-ES 2009-10-25 15:14 . 2009-10-25 15:15 -------- d-----w- c:\windows\system32\vi-VN 2009-10-25 14:58 . 2009-10-25 14:58 -------- d-----w- c:\windows\system32\EventProviders 2009-10-25 14:55 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll 2009-10-25 14:53 . 2009-04-11 06:28 301568 ----a-w- c:\windows\system32\srchadmin.dll 2009-10-25 14:52 . 2009-04-11 06:28 347648 ----a-w- c:\windows\system32\wbem\wbemess.dll 2009-10-25 14:51 . 2009-04-11 06:28 532992 ----a-w- c:\windows\system32\wpcao.dll 2009-10-25 14:50 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll 2009-10-25 14:50 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll 2009-10-25 14:50 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll 2009-10-25 14:50 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll 2009-10-25 14:50 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll 2009-10-25 14:50 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll 2009-10-25 14:50 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll 2009-10-25 14:50 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll 2009-10-25 14:50 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll 2009-10-25 14:50 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe 2009-10-25 14:50 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll 2009-10-25 05:07 . 2009-10-25 05:07 -------- d-----w- c:\users\ace\AppData\Roaming\MP3SkypeRecorder 2009-10-25 05:06 . 2009-10-25 05:06 375162 ----a-r- c:\users\ace\AppData\Roaming\Microsoft\Installer\{1F1C4668-7767-4109-9B5E-19AD056F2CA0}\_62C7126616B954B0A3B534.exe 2009-10-25 05:06 . 2009-10-25 05:06 375162 ----a-r- c:\users\ace\AppData\Roaming\Microsoft\Installer\{1F1C4668-7767-4109-9B5E-19AD056F2CA0}\_0F7A346F42AC9EA04D958A.exe 2009-10-25 05:06 . 2009-10-25 05:06 4096 d-----w- c:\program files\MP3 Skype Recorder 2009-10-25 04:32 . 2009-11-12 05:28 -------- d-----w- C:\PerfLogs 2009-10-25 04:01 . 2008-01-19 03:33 193024 ----a-w- c:\windows\system32\recdisc.exe 2009-10-25 04:01 . 2008-01-19 03:36 6656 ----a-w- c:\windows\system32\sdspres.dll 2009-10-25 04:01 . 2008-01-19 03:36 28160 ----a-w- c:\windows\system32\sxproxy.dll 2009-10-25 03:59 . 2008-01-19 03:36 105984 ----a-w- c:\windows\system32\shrink.dll 2009-10-25 03:58 . 2008-01-19 03:34 153088 ----a-w- c:\windows\system32\imagehlp.dll 2009-10-25 03:57 . 2008-01-19 03:33 8139264 ----a-w- c:\windows\system32\ssBranded.scr 2009-10-25 03:26 . 2009-10-25 03:26 -------- d-----w- c:\users\ace\AppData\Local\Microsoft Corporation . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-23 05:21 . 2008-06-18 15:29 4096 d-----w- c:\users\ace\AppData\Roaming\uTorrent 2009-11-22 20:21 . 2008-06-18 18:04 4096 d-----w- c:\users\ace\AppData\Roaming\Vso 2009-11-22 19:24 . 2008-06-18 16:27 4096 d-----w- c:\programdata\iolo 2009-11-22 01:13 . 2009-10-16 01:14 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-22 01:02 . 2008-06-18 14:39 4096 d--h--w- c:\program files\InstallShield Installation Information 2009-11-22 01:01 . 2008-10-03 17:54 -------- d-s---w- c:\programdata\Memeo 2009-11-22 01:00 . 2008-06-18 14:42 4096 d-----w- c:\program files\Java 2009-11-21 22:34 . 2008-12-22 20:12 4096 d-----w- c:\users\ace\AppData\Roaming\Skype 2009-11-21 04:35 . 2008-06-18 16:32 518 ----a-w- c:\users\ace\AppData\Roaming\iolo\Registry\Last\restore.bat 2009-11-21 04:01 . 2008-06-18 14:25 4096 d-----w- c:\program files\Roxio 2009-11-21 03:05 . 2008-07-25 16:43 4096 d-----w- c:\users\ace\AppData\Roaming\LimeWire 2009-11-21 02:16 . 2008-06-19 21:27 16384 d-----w- c:\users\ace\AppData\Roaming\dvdcss 2009-11-17 23:11 . 2008-06-18 18:04 -------- d-----w- c:\program files\VSO 2009-11-17 23:11 . 2008-06-18 18:04 47360 ----a-w- c:\users\ace\AppData\Roaming\pcouffin.sys 2009-11-17 23:11 . 2008-06-18 18:04 47360 ----a-w- c:\users\ace\AppData\Roaming\pcouffin.sys 2009-11-17 20:32 . 2008-06-18 16:32 1295 ----a-w- c:\users\ace\AppData\Roaming\iolo\restore.bat 2009-11-17 02:56 . 2009-11-17 00:50 -------- d-----w- c:\programdata\DriverScanner 2009-11-16 17:42 . 2009-10-21 01:35 397328 ----a-w- c:\programdata\AVP9\oeas.dll 2009-11-16 17:42 . 2009-10-21 01:35 109072 ----a-w- c:\programdata\AVP9\mzvkbd3.dll 2009-11-16 17:42 . 2009-10-21 01:34 17936 ----a-w- c:\programdata\AVP9\kloehk.dll 2009-11-13 23:15 . 2008-06-18 16:27 4096 d-----w- c:\users\ace\AppData\Roaming\iolo 2009-11-10 18:59 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-07 01:59 . 2009-04-23 00:51 -------- d-----w- c:\programdata\PC Tools 2009-11-03 01:42 . 2009-10-02 15:46 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-11-02 20:48 . 2009-05-30 04:41 -------- d-----w- c:\users\ace\AppData\Roaming\Malwarebytes 2009-11-02 20:48 . 2009-05-30 04:41 -------- d-----w- c:\programdata\Malwarebytes 2009-10-30 17:57 . 2009-10-16 01:22 -------- d-----w- c:\programdata\NOS 2009-10-29 04:52 . 2008-06-18 21:53 4096 d-----w- c:\program files\Common Files\Adobe 2009-10-28 05:02 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-10-28 05:02 . 2009-10-28 05:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2009-10-28 05:02 . 2009-10-28 05:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-10-25 15:16 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-10-25 15:16 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar 2009-10-25 15:16 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration 2009-10-25 15:16 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal 2009-10-25 15:16 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery 2009-10-25 15:16 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender 2009-10-25 15:13 . 2009-10-25 15:13 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2009-10-25 05:07 . 2009-04-06 00:57 4096 d-----w- c:\program files\SkypeCallRecorder 2009-10-25 04:20 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-10-25 04:20 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-10-23 01:23 . 2009-03-31 00:02 -------- d-----r- c:\program files\Skype 2009-10-23 01:23 . 2008-09-13 00:23 4096 d-----w- c:\programdata\Skype 2009-10-23 00:39 . 2009-10-23 00:39 -------- d-----w- c:\users\ace\AppData\Roaming\nod32 updater 2009-10-22 22:54 . 2008-09-13 00:26 -------- d-----w- c:\users\ace\AppData\Roaming\skypePM 2009-10-22 21:46 . 2009-10-11 12:11 93096 ----a-w- c:\windows\system32\IncContxMenu.dll 2009-10-22 21:45 . 2009-10-11 12:11 2115496 ----a-w- c:\windows\system32\Incinerator.dll 2009-10-21 01:51 . 2009-10-21 01:51 23624 ----a-w- c:\programdata\AVP9\wmifw.exe 2009-10-21 01:51 . 2009-10-21 01:51 23624 ----a-w- c:\programdata\AVP9\wmias.exe 2009-10-21 01:51 . 2009-10-21 01:51 23624 ----a-w- c:\programdata\AVP9\wmiav.exe 2009-10-21 01:39 . 2009-10-21 01:39 17616 ----a-w- c:\programdata\AVP9\kldw.exe 2009-10-21 01:39 . 2009-10-21 01:39 340456 ----a-w- c:\programdata\AVP9\avp.exe 2009-10-21 01:39 . 2009-10-21 01:39 19472 ----a-w- c:\programdata\AVP9\avp.com 2009-10-21 01:36 . 2009-10-21 01:36 150032 ----a-w- c:\programdata\AVP9\ckahstat.dll 2009-10-21 01:34 . 2009-10-21 01:34 248336 ----a-w- c:\programdata\AVP9\klwtblc.dll 2009-10-21 01:22 . 2009-10-21 01:22 626688 ----a-w- c:\programdata\AVP9\msvcr80.dll 2009-10-21 01:22 . 2009-10-21 01:22 548864 ----a-w- c:\programdata\AVP9\msvcp80.dll 2009-10-21 01:22 . 2009-10-21 01:22 479232 ----a-w- c:\programdata\AVP9\msvcm80.dll 2009-10-21 01:22 . 2009-10-21 01:22 401462 ----a-w- c:\programdata\AVP9\msvcp60.dll 2009-10-21 01:22 . 2009-10-21 01:22 1080656 ----a-w- c:\programdata\AVP9\dbghelp.dll 2009-10-21 01:22 . 2009-10-21 01:22 1019959 ----a-w- c:\programdata\AVP9\mfc42.dll 2009-10-21 01:22 . 2009-10-21 01:22 247312 ----a-w- c:\programdata\AVP9\Load46St.dll 2009-10-20 16:54 . 2009-10-20 16:54 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe 2009-10-19 21:08 . 2009-10-19 21:08 -------- d-----w- c:\program files\MSSOAP 2009-10-19 15:20 . 2008-06-19 11:55 -------- d-----w- c:\users\ace\AppData\Roaming\Lexmark Productivity Studio 2009-10-19 15:15 . 2009-10-19 15:14 69632 d-----w- c:\program files\Lexmark 5000 Series 2009-10-19 13:54 . 2008-06-18 14:21 4096 d-----w- c:\programdata\Lx_cats 2009-10-19 13:39 . 2009-10-19 13:39 -------- d-----w- c:\programdata\McAfee Security Scan 2009-10-19 13:39 . 2009-10-19 13:39 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe 2009-10-19 06:32 . 2009-10-19 06:32 -------- d-----w- c:\program files\uTorrent 2009-10-19 05:59 . 2009-05-06 15:04 4096 d-----w- c:\users\ace\AppData\Roaming\Winamp 2009-10-19 05:59 . 2009-07-22 01:55 4096 d-----w- c:\programdata\Yahoo! Companion 2009-10-19 05:15 . 2009-10-19 04:20 34705 ----a-w- c:\programdata\nvModes.dat 2009-10-19 04:23 . 2008-06-18 20:48 -------- d-----w- c:\programdata\NVIDIA 2009-10-19 04:03 . 2008-09-27 03:54 1356 ----a-w- c:\users\ace\AppData\Local\d3d9caps.dat 2009-10-17 17:52 . 2009-10-17 17:52 4096 d-----w- c:\program files\Desktop Architect 2009-10-15 02:18 . 2009-10-15 02:18 36880 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-10-15 02:18 . 2009-10-15 02:18 36880 ----a-w- c:\programdata\AVP9\KLIFX86\klbg.sys 2009-10-14 16:12 . 2009-10-14 16:12 311312 ----a-w- c:\programdata\AVP9\KLIFX86\klif.sys 2009-10-12 00:22 . 2009-10-12 00:22 -------- d-----w- c:\program files\Microsoft ATS 2009-10-11 18:35 . 2009-10-11 18:35 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2009-10-11 18:21 . 2008-06-18 15:42 4096 d-----w- c:\programdata\Spybot - Search & Destroy 2009-10-11 12:11 . 2009-10-11 12:11 -------- d-----w- c:\program files\iolo 2009-10-07 13:16 . 2009-10-07 13:16 -------- d-----w- c:\program files\Lexmark Toolbar 2009-10-06 01:00 . 2009-10-06 01:00 -------- d-----w- c:\program files\CCleaner 2009-10-03 00:39 . 2009-10-03 00:39 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys 2009-10-03 00:39 . 2009-10-03 00:39 19472 ----a-w- c:\programdata\AVP9\KLIFX86\klmouflt.sys 2009-10-01 01:02 . 2009-10-28 04:50 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-10-01 01:02 . 2009-10-28 04:50 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-10-01 01:02 . 2009-10-28 04:50 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-10-01 01:02 . 2009-10-28 04:50 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-10-01 01:02 . 2009-10-28 04:50 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-10-01 01:01 . 2009-10-28 04:50 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-10-01 01:01 . 2009-10-28 04:50 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-10-01 01:01 . 2009-10-28 04:50 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-10-01 01:01 . 2009-10-28 04:50 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-10-01 01:01 . 2009-10-28 04:50 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-10-01 01:01 . 2009-10-28 04:50 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-10-01 01:01 . 2009-10-28 04:50 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-10-01 01:01 . 2009-10-28 04:50 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys 2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-11-19 289584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iolo Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2009-10-21 313784] "lxdmmon.exe"="c:\program files\Lexmark 5000 Series\lxdmmon.exe" [2007-07-06 455344] "lxdmamon"="c:\program files\Lexmark 5000 Series\lxdmamon.exe" [2007-06-01 20480] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-22 149280] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\AVP9\mzvkbd3.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ """autocheck autochk *"""\0autocheck smrgdf c:\users\ace\AppData\Roaming\iolo\ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Users^ace^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Call Graph.lnk] backup=c:\windows\pss\Call Graph.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^ace^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk] backup=c:\windows\pss\Memeo AutoBackup Launcher.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^ace^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk] backup=c:\windows\pss\Memeo AutoSync Launcher.lnk.Startup backupExtension=.Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CallGraph HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype Call Recorder HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(  :2a,c2,0f,e8,86,55,ca,01R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [10/14/2009 9:18 PM 36880] R1 ElRawDisk;ElRawDisk;c:\windows\System32\drivers\elrawdsk.sys [6/18/2008 11:30 AM 12800] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [9/14/2009 2:46 PM 21520] R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [11/6/2009 9:13 PM 142592] R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [10/11/2009 7:11 AM 659376] R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [10/11/2009 7:11 AM 659376] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/2/2009 3:48 PM 269648] R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [7/30/2009 10:29 AM 185640] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\System32\drivers\vrtaucbl.sys [8/17/2009 8:04 PM 40576] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [10/2/2009 7:39 PM 19472] R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [11/2/2009 3:48 PM 19160] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [6/20/2008 2:30 PM 21504] S3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [6/17/2009 7:20 AM 12648] S3 VST_DPV;VST_DPV;c:\windows\System32\drivers\VSTDPV3.SYS [11/2/2006 5:25 AM 987648] S3 VSTHWBS2;VSTHWBS2;c:\windows\System32\drivers\VSTBS23.SYS [11/2/2006 5:25 AM 251904] S4 AutoSyncService;Memeo AutoSync ;c:\program files\Memeo\AutoSync\MemeoService.exe [7/6/2007 5:28 PM 31768] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder 2009-11-23 c:\windows\Tasks\RegCure Program Check.job - c:\program files\RegCure\RegCure.exe [2009-11-08 23:58] 2009-11-23 c:\windows\Tasks\RegCure Startup.job - c:\program files\RegCure\RegCure.exe [2009-11-08 23:58] 2009-11-19 c:\windows\Tasks\RegCure.job - c:\program files\RegCure\RegCure.exe [2009-11-08 23:58] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.ask.com?o=15153&l=dis mStart Page = about:blank mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm FF - ProfilePath - c:\users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - component: c:\users\ace\AppData\Roaming\Mozilla\Firefox\Profiles\mqwrmi6i.default\extensions\{82b2e8e1-404d-48d6-9599-c6bb1f1bbe3f}\components\FFExternalAlert.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) BHO-{d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) Toolbar-{d84741b3-22e1-4c15-bbd4-6b2ace2f57df} - (no file) Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) WebBrowser-{D84741B3-22E1-4C15-BBD4-6B2ACE2F57DF} - (no file) ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-23 01:25 Windows 6.0.6002 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85C321F8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0x8bbacd24 \Driver\ACPI -> acpi.sys @ 0x8073fd68 IoDeviceObjectType ->\Device\Harddisk0\DR0 ->user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\D61.tmp" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'Explorer.exe'(628) c:\program files\ArcSoft\PhotoImpression 5\share\pihook.dll c:\program files\Roxio\Drag-to-Disc\Shellex.dll c:\windows\system32\DLAAPI_W.DLL c:\program files\Roxio\Drag-to-Disc\ShellRes.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe c:\windows\system32\lxdmcoms.exe c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe c:\program files\Spyware Terminator\sp_rsser.exe c:\windows\System32\DriverStore\FileRepository\stwrt.inf_6fa9efce\STacSV.exe c:\windows\system32\DRIVERS\xaudio.exe c:\windows\ehome\ehmsas.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe . ************************************************************************** . Completion time: 2009-11-23 01:34 - machine was rebooted ComboFix-quarantined-files.txt 2009-11-23 06:34 Pre-Run: 170,612,772,864 bytes free Post-Run: 169,997,959,168 bytes free Current=2 Default=2 Failed=1 LastKnownGood=6 Sets=1,2,5,6 - - End Of File - - AC0D39BD201FD574C9C4546FF1B07F63 |
|
|
|
|
Nov 24 2009, 02:32 PM
Post
#10
|
|
|
bleepin' _temp_ Group: Malware Response Instructor Posts: 13,121 Joined: 25-January 08 From: At home Member No.: 186,120 |
Hi,
the PC looks clean to me. Just to be safe I would like you to run an online scan with Eset: I'd like us to scan your machine with ESET OnlineScan
Please try the following tool to disable unneeded startup item to speed up your PC: Download and Run StartupLite This program will identify and give you the option to remove uneeded startup items to free memory.
regards myrti -------------------- Help request via PM will be ignored, unless I am already helping you. Please use the forums! If I have helped you please consider to to help me continue the malware fight! Thank you!I'll be gone from 30th July - 5th August. Sorry for any incovenience caused. |
|
|
|
button.
to download the ESET Smart Installer. Save it to your desktop.
icon on your desktop.
button.
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
button.
|
Nov 29 2009, 03:28 PM
Post
#11
|
|
|
bleepin' _temp_ Group: Malware Response Instructor Posts: 13,121 Joined: 25-January 08 From: At home Member No.: 186,120 |
Due to lack of feedback, this topic is now Closed
If you need this topic reopened, please send me a PM. Please include the address of this thread in your request. This applies only to the original topic starter. Everyone else please start a new topic. With Regards, myrti -------------------- Help request via PM will be ignored, unless I am already helping you. Please use the forums! If I have helped you please consider to to help me continue the malware fight! Thank you!I'll be gone from 30th July - 5th August. Sorry for any incovenience caused. |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 29th July 2010 - 09:39 AM |
© 2003-2010 All Rights Reserved Bleeping Computer LLC.