Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Owner - File Missing (numerous entries)


  • This topic is locked This topic is locked
10 replies to this topic

#1 dafitza

dafitza

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 09 July 2009 - 05:43 PM

Hello. My nephew was on my computer and when I took it back over I noticed the hard drive being continuously accessed. I ran hijackthis and noticed numerous "file missing" and "unknown user" entries that seemed suspicious. Any help is greatly appreciated.

I am running Vista 64 SP 2.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:35:57 PM, on 7/9/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [OrderReminder] "C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 8974 bytes

Edited by dafitza, 09 July 2009 - 06:05 PM.


BC AdBot (Login to Remove)

 


#2 dafitza

dafitza
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 09 July 2009 - 06:30 PM

I attempted to delete all entire with (file missing) in the log. Upon reboot Norton detected and blocked "Bloodhound.MBR" which it classified as a heuristic virus. However, the entries with the (file missing) notations are present once more. Here is an new log file.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:45:42 PM, on 7/9/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [OrderReminder] "C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 8974 bytes

#3 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:08:03 PM

Posted 18 July 2009 - 02:31 AM

Hello dafitza and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:03 PM

Posted 23 July 2009 - 01:20 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:03 PM

Posted 23 July 2009 - 04:20 PM

Thread reopened for topic starter. :thumbup2:
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#6 dafitza

dafitza
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 23 July 2009 - 05:44 PM

I dled DDS but it stated it does not support my OS. I am running Vista 64.

#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:03 PM

Posted 24 July 2009 - 03:52 PM

Hi dafitza,

Please forgive us for the occasional lapse. 64 Bit is new and some of the most used tools suddenly don't work. If I do post one that isn't compatible then just let me know.

We need to scan for Rootkits with GMER
  • Please download GMER from one of the following locations, and save it to your desktop, please rename it as gamer.exe.
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Close any and all open programs, as this process may crash your computer.
  • Double click Posted Image or Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
    Posted Image
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.


Then please run OTL (This is the emergency DDS :) )

We need to create an OTL Report
  • Please download OTL from the mirror:
    [http://oldtimer.geekstogo.com/OTL.exe]This is THE Mirror[/url]
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:[list]
    OTListIt.txt <-- Will be opened
    Extra.txt <-- Will be minimized
Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#8 dafitza

dafitza
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 26 July 2009 - 02:22 PM

Thank you very much for your help. To give you some additional background knowledge on the situation, a friend of mine looked at it and found a trojan (according to them) in a TEMP folder located in windows/system 32/. They also had difficulty removing those files I had posted here and evntually resorted to using the recovery disk to attempt to repair the boot sector(?) but was unable to so they rebuilt(?) the boot sector. As least that is my understanding of it. Also, early on in the issue I was viewing "my computer" and a volume icon mysteriously appeared for a drive when no external drives (thumb drives, etc.) were connected to the computer and then disappeared again after a few seconds. Figured I would let you know.

Thank you so much for your help. The gmer scan ended with a "this scan was stopped" and the file was empty so I did not post. Here is the contents of the OTL scan:

OTL logfile created on: 7/26/2009 2:57:47 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\fitz\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 63.72% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.32 Gb Total Space | 177.48 Gb Free Space | 61.55% Space Free | Partition Type: NTFS
Drive D: | 5.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FITZ-PC
Current User Name: fitz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/11/07 18:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/04/15 20:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/07/11 20:23:45 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
PRC - [2007/02/12 04:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2009/01/26 18:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/07/11 20:23:45 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
PRC - [2008/04/15 20:54:40 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/03/05 19:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/04/29 13:55:24 | 03,338,240 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
PRC - [2008/03/28 21:43:42 | 00,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/01/06 17:06:36 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2008/07/29 20:53:18 | 04,917,760 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2009/01/06 17:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2008/02/21 18:02:53 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2009/03/08 07:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe
PRC - [2009/07/26 14:50:26 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\fitz\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/06/11 15:18:30 | 00,024,576 | ---- | M] () -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService [Auto | Running])
SRV:64bit: - [2009/07/15 18:14:52 | 01,038,088 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64 [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 22:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2009/03/30 17:19:56 | 02,297,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc [Auto | Running])
SRV:64bit: - [2008/01/20 22:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV:64bit: - [2007/10/18 18:37:22 | 00,412,672 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService [Auto | Running])
SRV:64bit: - [2006/11/02 07:16:05 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RUNDLL32.EXE -- (yksvc [Auto | Running])
SRV - [2008/11/07 18:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/02/21 18:02:53 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2009/03/30 00:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/03/30 00:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008/01/20 22:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 22:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 11:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/07/15 19:58:19 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/02/18 14:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/15 20:54:42 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/02/18 14:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/01/06 17:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/02 05:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running])
SRV - [2008/09/05 15:52:32 | 03,220,856 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2006/11/02 09:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009/04/11 02:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2009/07/11 20:23:45 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe -- (Norton AntiVirus [Auto | Running])
SRV - [2009/01/06 18:52:04 | 00,255,008 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService [Auto | Running])
SRV - [2007/02/12 04:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash [Auto | Running])
SRV - [2008/11/04 04:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/26 18:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])
SRV - [2009/01/07 19:20:18 | 00,169,504 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService [Auto | Running])
SRV - [2006/11/02 02:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 02:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/06/27 07:51:10 | 00,088,632 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs [Auto | Running])
DRV:64bit: - [2009/07/11 20:23:48 | 00,332,848 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.sys -- (BHDrvx64 [System | Running])
DRV:64bit: - [2008/03/25 19:47:06 | 00,294,400 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL [On_Demand | Running])
DRV:64bit: - [2009/07/11 20:23:48 | 00,582,704 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\ccHPx64.sys -- (ccHP [System | Running])
DRV:64bit: - [2008/01/20 22:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt [On_Demand | Running])
DRV:64bit: - [2008/06/02 03:50:04 | 00,264,192 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService [On_Demand | Running])
DRV:64bit: - [2006/11/02 01:28:10 | 00,273,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:57 | 00,286,720 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV:64bit: - [2008/03/25 19:51:16 | 01,487,872 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV:64bit: - [2008/04/15 20:54:16 | 00,388,120 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV:64bit: - [2006/06/19 01:27:24 | 00,017,024 | ---- | M] (Conexant) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV:64bit: - [2008/11/17 19:50:30 | 04,751,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64 [On_Demand | Running])
DRV:64bit: - [2009/04/30 21:43:34 | 00,081,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA [On_Demand | Running])
DRV:64bit: - [2008/05/13 00:48:38 | 00,062,424 | ---- | M] (O2Micro ) -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR [On_Demand | Running])
DRV:64bit: - [2008/06/11 21:29:30 | 00,051,800 | ---- | M] (O2Micro ) -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR [On_Demand | Running])
DRV:64bit: - [2008/05/20 19:33:36 | 00,028,416 | ---- | M] (Research In Motion Limited) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb [On_Demand | Stopped])
DRV:64bit: - [2007/01/18 15:10:22 | 00,030,336 | ---- | M] (Research in Motion Ltd) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort [On_Demand | Running])
DRV:64bit: - [2008/01/20 22:49:47 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV:64bit: - [2008/01/20 22:46:55 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus [Disabled | Stopped])
DRV:64bit: - [2009/07/11 20:23:49 | 00,476,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SRTSP64.SYS -- (SRTSP [On_Demand | Running])
DRV:64bit: - [2009/07/11 20:23:49 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SRTSPX64.SYS -- (SRTSPX [System | Running])
DRV:64bit: - [2009/07/11 20:23:49 | 00,402,992 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SYMEFA64.SYS -- (SymEFA [Boot | Running])
DRV:64bit: - [2009/07/11 20:23:56 | 00,172,080 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent [On_Demand | Running])
DRV:64bit: - [2009/07/11 20:23:49 | 00,138,288 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV:64bit: - [2009/02/19 15:31:42 | 00,028,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM [System | Running])
DRV:64bit: - [2009/07/11 20:23:49 | 00,046,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running])
DRV:64bit: - [2009/07/11 20:23:49 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV:64bit: - [2008/01/17 23:31:30 | 00,320,560 | ---- | M] (Synaptics, Inc.) -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV:64bit: - [2008/01/20 22:50:35 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\umpass.sys -- (UMPass [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo [On_Demand | Running])
DRV:64bit: - [2008/06/26 20:24:20 | 00,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR [On_Demand | Running])
DRV:64bit: - [2008/03/25 19:45:44 | 00,740,864 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV:64bit: - [2007/10/18 18:37:10 | 00,010,240 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio [Auto | Running])
DRV:64bit: - [2008/07/24 13:03:00 | 00,392,192 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Running])
DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2009/07/11 09:02:30 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl [System | Running])
DRV - [2009/07/11 09:02:30 | 00,131,632 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2009/07/11 15:34:06 | 00,397,360 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090715.003\IDSvia64.sys -- (IDSVia64 [System | Running])
DRV - [2008/06/11 15:13:24 | 00,017,952 | ---- | M] (Acer, Inc.) -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15 [Auto | Running])
DRV - [2006/06/19 01:26:50 | 00,094,208 | ---- | M] (Conexant) -- C:\Windows\SysWow64\mdmxsdk.dll -- (mdmxsdk [Auto | Running])
DRV - [2006/09/18 17:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2009/07/11 09:02:30 | 00,136,752 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090726.005\ENG64.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009/07/11 09:02:30 | 01,461,808 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090726.005\EX64.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2009/01/06 18:51:58 | 00,040,480 | ---- | M] (NVIDIA Corp.) -- C:\Windows\nvoclk64.sys -- (NVR0Dev [On_Demand | Running])
DRV - [2009/01/07 19:20:16 | 00,040,992 | ---- | M] (NVIDIA Corp.) -- C:\Windows\nvflsh64.sys -- (NVR0FLASHDev [Auto | Running])
DRV - [2006/09/18 17:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...-7805u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 03:00:42 | 00,000,000 | ---D | M]


O1 HOSTS File: (319247 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 10949 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.5.0.134\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\fitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk = C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe (Research In Motion Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\Explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/29 22:57:16 | 00,054,544 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/21 18:22:16 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{36cf41e9-6c90-11de-a10e-001d72e942af}\Shell - "" = AutoRun
O33 - MountPoints2\{36cf41e9-6c90-11de-a10e-001d72e942af}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{3f00b3e0-5cc0-11de-bbc1-001d72e942af}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{615c05c9-1490-11de-9a04-001d72e942af}\Shell\AutoRun\command - "" = E:\Recycled.exe -- File not found
O33 - MountPoints2\{b8c681fb-cbfd-11dd-9cdb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b8c681fb-cbfd-11dd-9cdb-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009/04/29 22:57:16 | 00,054,544 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/07/26 14:50:07 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\fitz\Desktop\OTL.exe
[2009/07/26 14:34:27 | 00,286,208 | ---- | C] () -- C:\Users\fitz\Desktop\gmer.exe
[2009/07/24 12:57:37 | 00,000,000 | ---D | C] -- C:\Users\fitz\Documents\RPS Web Site
[2009/07/23 07:28:55 | 00,011,346 | ---- | C] () -- C:\Users\fitz\Documents\ELL Module A Assignment.docx
[2009/07/20 15:23:18 | 00,030,329 | ---- | C] () -- C:\Users\fitz\Documents\Category Training Report.docx
[2009/07/18 22:50:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Macrovision Corporation
[2009/07/18 22:38:59 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Berlitz
[2009/07/18 17:11:41 | 00,608,768 | ---- | C] () -- C:\Windows\SysWow64\Berlitz.scr
[2009/07/18 17:11:41 | 00,086,870 | ---- | C] () -- C:\Windows\SysWow64\BerlitzSCR.dat
[2009/07/18 17:11:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Berlitz
[2009/07/18 17:10:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Berlitz
[2009/07/18 15:34:03 | 00,023,888 | ---- | C] () -- C:\Users\fitz\AppData\Roaming\UserTile.png
[2009/07/18 15:23:45 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Local\BuildAGadget Content
[2009/07/17 19:30:02 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Windows SideBar
[2009/07/17 19:20:24 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\App Launcher Gadget
[2009/07/17 12:58:24 | 00,000,000 | ---D | C] -- C:\ProgramData\ALM
[2009/07/17 09:50:28 | 00,000,000 | ---D | C] -- C:\Users\fitz\Documents\My Money
[2009/07/15 23:04:18 | 00,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2009/07/15 20:11:39 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009/07/15 20:02:56 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009/07/15 19:58:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/07/15 19:58:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2009/07/15 19:17:38 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Download Manager
[2009/07/15 18:19:54 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/07/15 18:14:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/07/15 09:44:20 | 00,000,000 | ---D | C] -- C:\Users\fitz\Documents\Community Promise
[2009/07/15 06:12:20 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2009/07/15 06:12:19 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2009/07/15 06:12:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009/07/15 06:12:17 | 00,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2009/07/15 06:12:17 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009/07/15 06:12:17 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009/07/15 06:12:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2009/07/15 06:12:17 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2009/07/13 17:43:28 | 01,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2009/07/13 17:39:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\WMI Tools
[2009/07/13 17:39:31 | 00,001,955 | ---- | C] () -- C:\Users\fitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk
[2009/07/13 15:04:38 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office Outlook Connector
[2009/07/13 15:03:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2009/07/13 15:02:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2009/07/13 15:01:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/07/13 14:37:07 | 00,000,000 | ---D | C] -- C:\Users\fitz\Documents\CCCleaner Backups
[2009/07/13 14:29:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2009/07/13 14:07:11 | 00,125,008 | ---- | C] () -- C:\MGlogs.zip
[2009/07/11 20:24:11 | 02,015,982 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\Cat.DB
[2009/07/11 20:23:56 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2009/07/11 20:23:49 | 00,476,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.sys
[2009/07/11 20:23:49 | 00,402,992 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA64.sys
[2009/07/11 20:23:49 | 00,310,320 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symtdi.sys
[2009/07/11 20:23:49 | 00,138,288 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symfw.sys
[2009/07/11 20:23:49 | 00,046,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symndisv.sys
[2009/07/11 20:23:49 | 00,044,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symids.sys
[2009/07/11 20:23:49 | 00,043,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symndis.sys
[2009/07/11 20:23:49 | 00,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.sys
[2009/07/11 20:23:48 | 00,582,704 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\cchpx64.sys
[2009/07/11 20:23:48 | 00,332,848 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.sys
[2009/07/11 20:23:33 | 00,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA.inf
[2009/07/11 20:23:33 | 00,001,837 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\ccHPx64.inf
[2009/07/11 20:23:33 | 00,001,557 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymNet.inf
[2009/07/11 20:23:33 | 00,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.inf
[2009/07/11 20:23:33 | 00,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.inf
[2009/07/11 20:23:33 | 00,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.inf
[2009/07/11 20:23:33 | 00,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\isolate.ini
[2009/07/11 20:23:16 | 00,009,423 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymNet.cat
[2009/07/11 20:23:16 | 00,007,774 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA64.cat
[2009/07/11 20:23:16 | 00,007,376 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.cat
[2009/07/11 20:23:16 | 00,007,367 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.cat
[2009/07/11 20:23:16 | 00,007,328 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.CAT
[2009/07/11 20:23:16 | 00,007,311 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\ccHPx64.cat
[2009/07/11 20:23:16 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1005000.086
[2009/07/11 20:23:16 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2009/07/11 20:23:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2009/07/11 20:22:06 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2009/07/10 20:20:19 | 00,000,324 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2009/07/10 08:53:43 | 00,000,000 | ---D | C] -- C:\MGtools
[2009/07/10 08:34:38 | 01,343,190 | ---- | C] () -- C:\MGtools.exe
[2009/07/10 08:06:40 | 03,085,805 | -H-- | C] () -- C:\Users\fitz\AppData\Local\IconCache.db
[2009/07/10 02:40:48 | 00,024,576 | ---- | C] () -- C:\BCD_Backup
[2009/07/10 01:54:08 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/07/10 01:53:26 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\SUPERAntiSpyware.com
[2009/07/10 01:50:47 | 42,896,09728 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/10 00:14:05 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Malwarebytes
[2009/07/10 00:13:52 | 00,022,040 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/07/09 22:09:31 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\CyberLink
[2009/07/09 22:09:31 | 00,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2009/07/09 21:42:48 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/09 21:42:48 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/09 21:42:48 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/09 18:14:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/07/09 16:18:42 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Local\Symantec
[2009/07/09 07:39:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia
[2009/07/09 07:37:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2009/07/08 13:54:55 | 00,017,068 | ---- | C] () -- C:\Users\fitz\Documents\Youth Summit Student Pane1.docx
[2009/07/07 10:42:30 | 00,009,819 | ---- | C] () -- C:\Users\fitz\Documents\MCAS Prep Assessments.xlsx
[2009/07/07 09:02:53 | 00,011,461 | ---- | C] () -- C:\Users\fitz\Documents\High School Now Assessments.xlsx
[2009/07/06 21:42:51 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Blackberry Desktop
[2009/07/06 21:41:40 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\Research In Motion
[2009/07/06 21:32:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
[2009/07/06 20:46:15 | 00,000,000 | ---D | C] -- C:\Users\fitz\Documents\css templates
[2009/07/06 15:40:16 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/07/05 22:00:26 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Local\Microsoft Corporation
[2009/07/01 19:58:09 | 00,000,000 | ---D | C] -- C:\Users\fitz\AppData\Roaming\GetRightToGo
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2009/07/01 16:56:47 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2009/07/01 16:28:41 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2009/07/01 16:23:54 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009/07/01 16:23:54 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009/07/01 16:23:47 | 02,582,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLsvc.exe
[2009/07/01 16:23:47 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2009/07/01 16:23:46 | 02,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2009/07/01 16:23:46 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2009/07/01 16:23:44 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009/07/01 16:23:44 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009/07/01 16:23:40 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2009/07/01 16:23:40 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2009/07/01 16:23:40 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2009/07/01 16:23:39 | 04,699,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/07/01 16:23:39 | 02,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2009/07/01 16:23:39 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2009/07/01 16:23:39 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2009/07/01 16:23:39 | 00,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2009/07/01 16:23:35 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009/07/01 16:23:31 | 01,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2009/07/01 16:23:31 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2009/07/01 16:23:31 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2009/07/01 16:23:31 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2009/07/01 16:23:30 | 02,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2009/07/01 16:23:30 | 00,948,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hdaudbus.sys
[2009/07/01 16:23:29 | 01,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2009/07/01 16:23:29 | 01,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009/07/01 16:23:29 | 01,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2009/07/01 16:23:29 | 00,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2009/07/01 16:23:28 | 00,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2009/07/01 16:23:27 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009/07/01 16:23:27 | 00,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2009/07/01 16:23:26 | 03,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2009/07/01 16:23:26 | 01,688,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2009/07/01 16:23:25 | 01,426,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/07/01 16:23:25 | 00,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmain.dll
[2009/07/01 16:23:24 | 01,515,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ntfs.sys
[2009/07/01 16:23:24 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009/07/01 16:23:23 | 12,897,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2009/07/01 16:23:21 | 01,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2009/07/01 16:23:21 | 00,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2009/07/01 16:23:21 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2009/07/01 16:23:20 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2009/07/01 16:23:20 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2009/07/01 16:23:20 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2009/07/01 16:23:20 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2009/07/01 16:23:19 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2009/07/01 16:23:18 | 03,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2009/07/01 16:23:17 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2009/07/01 16:23:17 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2009/07/01 16:23:16 | 03,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2009/07/01 16:23:16 | 01,804,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2009/07/01 16:23:15 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009/07/01 16:23:15 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009/07/01 16:23:14 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009/07/01 16:23:14 | 01,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2009/07/01 16:23:14 | 00,836,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\p2psvc.dll
[2009/07/01 16:23:13 | 02,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2009/07/01 16:23:13 | 01,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2009/07/01 16:23:13 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2009/07/01 16:23:13 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2009/07/01 16:23:12 | 02,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2009/07/01 16:23:12 | 01,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2009/07/01 16:23:11 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchIndexer.exe
[2009/07/01 16:23:10 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2009/07/01 16:23:10 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2009/07/01 16:23:10 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2009/07/01 16:23:08 | 13,424,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/07/01 16:23:07 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2009/07/01 16:23:07 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2009/07/01 16:23:06 | 01,915,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2009/07/01 16:23:06 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2009/07/01 16:23:06 | 00,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2009/07/01 16:23:05 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shell32.dll
[2009/07/01 16:23:05 | 03,433,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfsr.exe
[2009/07/01 16:23:05 | 00,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2009/07/01 16:23:05 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2009/07/01 16:23:04 | 00,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2009/07/01 16:23:04 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p2psvc.dll
[2009/07/01 16:23:03 | 02,607,774 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2009/07/01 16:23:03 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009/07/01 16:23:03 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2009/07/01 16:23:03 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe
[2009/07/01 16:23:03 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2009/07/01 16:23:03 | 00,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2009/07/01 16:23:03 | 00,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2009/07/01 16:23:03 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/07/01 16:23:03 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2009/07/01 16:23:03 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2009/07/01 16:23:02 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2009/07/01 16:23:01 | 00,858,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kernel32.dll
[2009/07/01 16:23:01 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2009/07/01 16:23:01 | 00,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv.sys
[2009/07/01 16:23:01 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2009/07/01 16:23:01 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscoree.dll
[2009/07/01 16:23:00 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2009/07/01 16:23:00 | 01,165,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntdll.dll
[2009/07/01 16:23:00 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2009/07/01 16:23:00 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009/07/01 16:23:00 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009/07/01 16:23:00 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2009/07/01 16:22:59 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2009/07/01 16:22:59 | 00,403,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscoree.dll
[2009/07/01 16:22:59 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009/07/01 16:22:58 | 03,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2009/07/01 16:22:58 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2009/07/01 16:22:58 | 00,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2009/07/01 16:22:58 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2009/07/01 16:22:57 | 02,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2009/07/01 16:22:57 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2009/07/01 16:22:57 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2009/07/01 16:22:57 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2009/07/01 16:22:57 | 00,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2009/07/01 16:22:56 | 00,606,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\http.sys
[2009/07/01 16:22:56 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2009/07/01 16:22:56 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
[2009/07/01 16:22:56 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2009/07/01 16:22:56 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009/07/01 16:22:55 | 10,625,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/07/01 16:22:55 | 01,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2009/07/01 16:22:55 | 01,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2009/07/01 16:22:55 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2009/07/01 16:22:55 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2009/07/01 16:22:55 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009/07/01 16:22:55 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLC.dll
[2009/07/01 16:22:55 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009/07/01 16:22:54 | 01,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2009/07/01 16:22:54 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2009/07/01 16:22:54 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2009/07/01 16:22:53 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009/07/01 16:22:53 | 01,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2009/07/01 16:22:53 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2009/07/01 16:22:53 | 01,491,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtsvc.dll
[2009/07/01 16:22:53 | 00,581,632 | ---- | C] (Microsoft) -- C:\Windows\SysNative\IasMigPlugin.dll
[2009/07/01 16:22:53 | 00,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2009/07/01 16:22:53 | 00,049,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009/07/01 16:22:52 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6.dll
[2009/07/01 16:22:52 | 00,738,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndis.sys
[2009/07/01 16:22:52 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009/07/01 16:22:52 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2009/07/01 16:22:52 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2009/07/01 16:22:51 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2009/07/01 16:22:51 | 01,081,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qmgr.dll
[2009/07/01 16:22:51 | 01,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2009/07/01 16:22:51 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009/07/01 16:22:51 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2009/07/01 16:22:51 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2009/07/01 16:22:50 | 01,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2009/07/01 16:22:50 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2009/07/01 16:22:50 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user32.dll
[2009/07/01 16:22:50 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2009/07/01 16:22:50 | 00,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2009/07/01 16:22:50 | 00,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2009/07/01 16:22:50 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2009/07/01 16:22:50 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorShell.dll
[2009/07/01 16:22:49 | 01,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2009/07/01 16:22:49 | 01,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2009/07/01 16:22:49 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ole32.dll
[2009/07/01 16:22:49 | 01,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2009/07/01 16:22:49 | 00,719,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcss.dll
[2009/07/01 16:22:49 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IasMigReader.exe
[2009/07/01 16:22:49 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2009/07/01 16:22:49 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2009/07/01 16:22:48 | 03,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/07/01 16:22:48 | 01,733,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2009/07/01 16:22:48 | 00,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2009/07/01 16:22:48 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2009/07/01 16:22:47 | 01,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2009/07/01 16:22:47 | 01,433,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VSSVC.exe
[2009/07/01 16:22:47 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3.dll
[2009/07/01 16:22:47 | 00,654,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos.dll
[2009/07/01 16:22:47 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2009/07/01 16:22:47 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2009/07/01 16:22:46 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2009/07/01 16:22:46 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2009/07/01 16:22:46 | 01,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2009/07/01 16:22:46 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32.dll
[2009/07/01 16:22:46 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2009/07/01 16:22:46 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2009/07/01 16:22:46 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2009/07/01 16:22:45 | 01,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2009/07/01 16:22:45 | 01,650,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browseui.dll
[2009/07/01 16:22:45 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2009/07/01 16:22:45 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2009/07/01 16:22:45 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\IasMigPlugin.dll
[2009/07/01 16:22:45 | 00,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys
[2009/07/01 16:22:45 | 00,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009/07/01 16:22:44 | 01,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2009/07/01 16:22:44 | 01,092,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmSvc.dll
[2009/07/01 16:22:44 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009/07/01 16:22:44 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2009/07/01 16:22:43 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2009/07/01 16:22:43 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009/07/01 16:22:43 | 00,379,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2009/07/01 16:22:43 | 00,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2009/07/01 16:22:43 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2009/07/01 16:22:43 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchProtocolHost.exe
[2009/07/01 16:22:43 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2009/07/01 16:22:43 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchFilterHost.exe
[2009/07/01 16:22:42 | 02,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2009/07/01 16:22:42 | 02,424,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2009/07/01 16:22:42 | 00,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2009/07/01 16:22:42 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009/07/01 16:22:42 | 00,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2009/07/01 16:22:42 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrecst.dll
[2009/07/01 16:22:41 | 02,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2009/07/01 16:22:41 | 00,843,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedsvc.dll
[2009/07/01 16:22:41 | 00,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiosrv.dll
[2009/07/01 16:22:41 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2009/07/01 16:22:40 | 01,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2009/07/01 16:22:40 | 01,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2009/07/01 16:22:40 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2009/07/01 16:22:40 | 00,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
[2009/07/01 16:22:40 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2009/07/01 16:22:40 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2009/07/01 16:22:40 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2009/07/01 16:22:40 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\es.dll
[2009/07/01 16:22:40 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2009/07/01 16:22:40 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009/07/01 16:22:40 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2009/07/01 16:22:40 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2009/07/01 16:22:39 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2009/07/01 16:22:39 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2009/07/01 16:22:39 | 00,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2009/07/01 16:22:39 | 00,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2009/07/01 16:22:39 | 00,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2009/07/01 16:22:39 | 00,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2009/07/01 16:22:39 | 00,275,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fltMgr.sys
[2009/07/01 16:22:39 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\es.dll
[2009/07/01 16:22:39 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2009/07/01 16:22:38 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advapi32.dll
[2009/07/01 16:22:38 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2009/07/01 16:22:38 | 00,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2009/07/01 16:22:38 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2009/07/01 16:22:38 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2009/07/01 16:22:38 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2009/07/01 16:22:38 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2009/07/01 16:22:38 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebClnt.dll
[2009/07/01 16:22:38 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2009/07/01 16:22:38 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2009/07/01 16:22:38 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2009/07/01 16:22:38 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2009/07/01 16:22:37 | 01,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2009/07/01 16:22:37 | 01,570,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2009/07/01 16:22:37 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2009/07/01 16:22:37 | 00,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2009/07/01 16:22:37 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2009/07/01 16:22:37 | 00,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2009/07/01 16:22:37 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2009/07/01 16:22:37 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2009/07/01 16:22:37 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2009/07/01 16:22:36 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2009/07/01 16:22:36 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vssapi.dll
[2009/07/01 16:22:36 | 00,581,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcncsvc.dll
[2009/07/01 16:22:36 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2009/07/01 16:22:36 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srvnet.sys
[2009/07/01 16:22:36 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2009/07/01 16:22:36 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2009/07/01 16:22:35 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2009/07/01 16:22:35 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2009/07/01 16:22:35 | 01,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2009/07/01 16:22:35 | 01,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2009/07/01 16:22:35 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2009/07/01 16:22:35 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2009/07/01 16:22:34 | 00,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2009/07/01 16:22:34 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2009/07/01 16:22:34 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2009/07/01 16:22:34 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2009/07/01 16:22:34 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32time.dll
[2009/07/01 16:22:34 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009/07/01 16:22:34 | 00,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2009/07/01 16:22:34 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolsv.exe
[2009/07/01 16:22:34 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll
[2009/07/01 16:22:34 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2009/07/01 16:22:33 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2009/07/01 16:22:33 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propsys.dll
[2009/07/01 16:22:33 | 00,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpsvc.dll
[2009/07/01 16:22:33 | 00,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2009/07/01 16:22:33 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009/07/01 16:22:33 | 00,354,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2009/07/01 16:22:33 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbt.sys
[2009/07/01 16:22:33 | 00,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2009/07/01 16:22:33 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2009/07/01 16:22:33 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009/07/01 16:22:32 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/07/01 16:22:32 | 01,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2009/07/01 16:22:32 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\crypt32.dll
[2009/07/01 16:22:32 | 00,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2009/07/01 16:22:32 | 00,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2009/07/01 16:22:32 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umpnpmgr.dll
[2009/07/01 16:22:32 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2009/07/01 16:22:31 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupapi.dll
[2009/07/01 16:22:31 | 00,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2009/07/01 16:22:31 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2009/07/01 16:22:30 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2009/07/01 16:22:30 | 00,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2009/07/01 16:22:30 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdbss.sys
[2009/07/01 16:22:29 | 01,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2009/07/01 16:22:29 | 00,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPSSVC.dll
[2009/07/01 16:22:29 | 00,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\swprv.dll
[2009/07/01 16:22:29 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2009/07/01 16:22:29 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2009/07/01 16:22:29 | 00,265,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/07/01 16:22:29 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2009/07/01 16:22:28 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2009/07/01 16:22:28 | 00,841,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2009/07/01 16:22:28 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2009/07/01 16:22:28 | 00,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2009/07/01 16:22:28 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shlwapi.dll
[2009/07/01 16:22:28 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2009/07/01 16:22:28 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2009/07/01 16:22:28 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2009/07/01 16:22:28 | 00,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/07/01 16:22:28 | 00,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009/07/01 16:22:27 | 01,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2009/07/01 16:22:27 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browseui.dll
[2009/07/01 16:22:27 | 00,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2009/07/01 16:22:27 | 00,885,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/07/01 16:22:27 | 00,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2009/07/01 16:22:27 | 00,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2009/07/01 16:22:27 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassdo.dll
[2009/07/01 16:22:27 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbhub.sys
[2009/07/01 16:22:27 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2009/07/01 16:22:26 | 01,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2009/07/01 16:22:26 | 00,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2009/07/01 16:22:26 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2009/07/01 16:22:26 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2009/07/01 16:22:25 | 03,662,128 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2009/07/01 16:22:25 | 03,662,128 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2009/07/01 16:22:25 | 02,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2009/07/01 16:22:25 | 00,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2009/07/01 16:22:25 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2009/07/01 16:22:25 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2009/07/01 16:22:24 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2009/07/01 16:22:24 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2009/07/01 16:22:24 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaut32.dll
[2009/07/01 16:22:24 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2009/07/01 16:22:24 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2009/07/01 16:22:24 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2009/07/01 16:22:23 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2009/07/01 16:22:23 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2009/07/01 16:22:23 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2009/07/01 16:22:23 | 00,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009/07/01 16:22:23 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2009/07/01 16:22:23 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENTRT.DLL
[2009/07/01 16:22:23 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winhttp.dll
[2009/07/01 16:22:23 | 00,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mswsock.dll
[2009/07/01 16:22:23 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/07/01 16:22:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2009/07/01 16:22:22 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctf.dll
[2009/07/01 16:22:22 | 00,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2009/07/01 16:22:22 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcrt.dll
[2009/07/01 16:22:22 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2009/07/01 16:22:22 | 00,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2009/07/01 16:22:22 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxdav.sys
[2009/07/01 16:22:22 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2009/07/01 16:22:21 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2009/07/01 16:22:21 | 01,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2009/07/01 16:22:21 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009/07/01 16:22:21 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\emdmgmt.dll
[2009/07/01 16:22:21 | 00,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2009/07/01 16:22:21 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2009/07/01 16:22:20 | 00,992,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2009/07/01 16:22:20 | 00,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2009/07/01 16:22:20 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2009/07/01 16:22:20 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2009/07/01 16:22:20 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2009/07/01 16:22:20 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2009/07/01 16:22:20 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2009/07/01 16:22:20 | 00,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2009/07/01 16:22:20 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009/07/01 16:22:19 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2009/07/01 16:22:19 | 00,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2009/07/01 16:22:19 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPSECSVC.DLL
[2009/07/01 16:22:19 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2009/07/01 16:22:19 | 00,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2009/07/01 16:22:19 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2009/07/01 16:22:18 | 02,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2009/07/01 16:22:18 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shdocvw.dll
[2009/07/01 16:22:18 | 00,981,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2009/07/01 16:22:18 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2009/07/01 16:22:17 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2009/07/01 16:22:17 | 00,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDApi.dll
[2009/07/01 16:22:17 | 00,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2009/07/01 16:22:17 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasnap.dll
[2009/07/01 16:22:17 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2009/07/01 16:22:16 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2009/07/01 16:22:16 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmSvc.dll
[2009/07/01 16:22:16 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usp10.dll
[2009/07/01 16:22:16 | 00,215,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msiscsi.sys
[2009/07/01 16:22:16 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2009/07/01 16:22:16 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2009/07/01 16:22:15 | 01,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2009/07/01 16:22:15 | 01,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2009/07/01 16:22:14 | 01,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2009/07/01 16:22:14 | 00,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2009/07/01 16:22:14 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2009/07/01 16:22:14 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2009/07/01 16:22:14 | 00,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2009/07/01 16:22:14 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassam.dll
[2009/07/01 16:22:14 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2009/07/01 16:22:14 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2009/07/01 16:22:14 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll
[2009/07/01 16:22:14 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2009/07/01 16:22:14 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2009/07/01 16:22:13 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2009/07/01 16:22:13 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll
[2009/07/01 16:22:13 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2009/07/01 16:22:13 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wldap32.dll
[2009/07/01 16:22:13 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/07/01 16:22:13 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2009/07/01 16:22:13 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/07/01 16:22:13 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2009/07/01 16:22:13 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2009/07/01 16:22:12 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2009/07/01 16:22:12 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009/07/01 16:22:12 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2009/07/01 16:22:12 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds.exe
[2009/07/01 16:22:12 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009/07/01 16:22:12 | 00,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2009/07/01 16:22:12 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDApi.dll
[2009/07/01 16:22:12 | 00,269,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volsnap.sys
[2009/07/01 16:22:12 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2009/07/01 16:22:12 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2009/07/01 16:22:12 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2009/07/01 16:22:12 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2009/07/01 16:22:11 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2009/07/01 16:22:11 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2009/07/01 16:22:11 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2009/07/01 16:22:11 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.dll
[2009/07/01 16:22:11 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcncsvc.dll
[2009/07/01 16:22:11 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\services.exe
[2009/07/01 16:22:11 | 00,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2009/07/01 16:22:11 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2009/07/01 16:22:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2009/07/01 16:22:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2009/07/01 16:22:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2009/07/01 16:22:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2009/07/01 16:22:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2009/07/01 16:22:11 | 00,073,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\partmgr.sys
[2009/07/01 16:22:11 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2009/07/01 16:22:11 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2009/07/01 16:22:10 | 01,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2009/07/01 16:22:10 | 00,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2009/07/01 16:22:10 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2009/07/01 16:22:10 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2009/07/01 16:22:10 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2009/07/01 16:22:10 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2009/07/01 16:22:10 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2009/07/01 16:22:09 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2009/07/01 16:22:09 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2009/07/01 16:22:09 | 00,514,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009/07/01 16:22:09 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2009/07/01 16:22:09 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmans.dll
[2009/07/01 16:22:09 | 00,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2009/07/01 16:22:09 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2009/07/01 16:22:09 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskeng.exe
[2009/07/01 16:22:09 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnsapi.dll
[2009/07/01 16:22:09 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2009/07/01 16:22:09 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasl2tp.sys
[2009/07/01 16:22:09 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2009/07/01 16:22:09 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2009/07/01 16:22:08 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2009/07/01 16:22:08 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2009/07/01 16:22:08 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2009/07/01 16:22:08 | 00,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaservc.dll
[2009/07/01 16:22:08 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2009/07/01 16:22:08 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2009/07/01 16:22:08 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2009/07/01 16:22:08 | 00,361,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfs.sys
[2009/07/01 16:22:08 | 00,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2009/07/01 16:22:08 | 00,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2009/07/01 16:22:08 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2009/07/01 16:22:08 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2009/07/01 16:22:07 | 00,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2009/07/01 16:22:07 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2009/07/01 16:22:07 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2009/07/01 16:22:07 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rsaenh.dll
[2009/07/01 16:22:07 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2009/07/01 16:22:07 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2009/07/01 16:22:07 | 00,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2009/07/01 16:22:07 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiswan.sys
[2009/07/01 16:22:07 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2009/07/01 16:22:07 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2009/07/01 16:22:07 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspptp.sys
[2009/07/01 16:22:07 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2009/07/01 16:22:06 | 00,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2009/07/01 16:22:06 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcomm.dll
[2009/07/01 16:22:06 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netapi32.dll
[2009/07/01 16:22:06 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2009/07/01 16:22:06 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2009/07/01 16:22:06 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2009/07/01 16:22:06 | 00,178,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pci.sys
[2009/07/01 16:22:06 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fundisc.dll
[2009/07/01 16:22:06 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptsvc.dll
[2009/07/01 16:22:06 | 00,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msiexec.exe
[2009/07/01 16:22:06 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009/07/01 16:22:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2009/07/01 16:22:06 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hidserv.dll
[2009/07/01 16:22:05 | 01,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2009/07/01 16:22:05 | 00,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2009/07/01 16:22:05 | 00,325,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpi.sys
[2009/07/01 16:22:05 | 00,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2009/07/01 16:22:05 | 00,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrad.dll
[2009/07/01 16:22:05 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc6.dll
[2009/07/01 16:22:05 | 00,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2009/07/01 16:22:05 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2009/07/01 16:22:05 | 00,062,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\termdd.sys
[2009/07/01 16:22:05 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2009/07/01 16:22:05 | 00,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2009/07/01 16:22:04 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2009/07/01 16:22:04 | 01,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2009/07/01 16:22:04 | 00,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2009/07/01 16:22:04 | 00,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termsrv.dll
[2009/07/01 16:22:04 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2009/07/01 16:22:04 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2009/07/01 16:22:04 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2009/07/01 16:22:04 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2009/07/01 16:22:04 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2009/07/01 16:22:04 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUINotify.dll
[2009/07/01 16:22:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasdatastore.dll
[2009/07/01 16:22:03 | 01,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2009/07/01 16:22:03 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2009/07/01 16:22:03 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2009/07/01 16:22:03 | 00,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2009/07/01 16:22:03 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassdo.dll
[2009/07/01 16:22:03 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsvcs.dll
[2009/07/01 16:22:03 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2009/07/01 16:22:03 | 00,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2009/07/01 16:22:03 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imm32.dll
[2009/07/01 16:22:03 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2009/07/01 16:22:03 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msiexec.exe
[2009/07/01 16:22:02 | 02,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2009/07/01 16:22:02 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2009/07/01 16:22:02 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2009/07/01 16:22:02 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc.dll
[2009/07/01 16:22:02 | 00,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2009/07/01 16:22:02 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasads.dll
[2009/07/01 16:22:02 | 00,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2009/07/01 16:22:01 | 02,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2009/07/01 16:22:01 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2009/07/01 16:22:01 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2009/07/01 16:22:01 | 00,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2009/07/01 16:22:01 | 00,408,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgrx.sys
[2009/07/01 16:22:01 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009/07/01 16:22:01 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2009/07/01 16:22:01 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2009/07/01 16:22:01 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2009/07/01 16:22:01 | 00,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2009/07/01 16:22:01 | 00,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2009/07/01 16:22:01 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2009/07/01 16:22:01 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2009/07/01 16:22:01 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2009/07/01 16:22:00 | 01,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2009/07/01 16:22:00 | 01,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2009/07/01 16:22:00 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2009/07/01 16:22:00 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2009/07/01 16:22:00 | 00,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2009/07/01 16:22:00 | 00,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2009/07/01 16:22:00 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2009/07/01 16:22:00 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc.dll
[2009/07/01 16:22:00 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2009/07/01 16:22:00 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SCardSvr.dll
[2009/07/01 16:22:00 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2009/07/01 16:22:00 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2009/07/01 16:22:00 | 00,059,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mup.sys
[2009/07/01 16:21:59 | 01,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2009/07/01 16:21:59 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2009/07/01 16:21:59 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2009/07/01 16:21:59 | 00,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2009/07/01 16:21:59 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2009/07/01 16:21:59 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvc.dll
[2009/07/01 16:21:59 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2009/07/01 16:21:59 | 00,310,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msrpc.sys
[2009/07/01 16:21:59 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2009/07/01 16:21:59 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winspool.drv
[2009/07/01 16:21:59 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2009/07/01 16:21:59 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2009/07/01 16:21:59 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2009/07/01 16:21:59 | 00,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2009/07/01 16:21:59 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipfltdrv.sys
[2009/07/01 16:21:58 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2009/07/01 16:21:58 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winlogon.exe
[2009/07/01 16:21:57 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2009/07/01 16:21:57 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2009/07/01 16:21:57 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2009/07/01 16:21:57 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 16:21:57 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009/07/01 16:21:57 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2009/07/01 16:21:57 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncrypt.dll
[2009/07/01 16:21:57 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassam.dll
[2009/07/01 16:21:57 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spp.dll
[2009/07/01 16:21:57 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iashlpr.dll
[2009/07/01 16:21:57 | 00,067,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/01 16:21:57 | 00,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2009/07/01 16:21:56 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcomm.dll
[2009/07/01 16:21:56 | 00,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2009/07/01 16:21:56 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2009/07/01 16:21:56 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2009/07/01 16:21:56 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2009/07/01 16:21:56 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2009/07/01 16:21:56 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2009/07/01 16:21:56 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2009/07/01 16:21:56 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2009/07/01 16:21:56 | 00,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2009/07/01 16:21:56 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2009/07/01 16:21:56 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2009/07/01 16:21:55 | 01,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2009/07/01 16:21:55 | 00,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2009/07/01 16:21:55 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2009/07/01 16:21:55 | 00,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2009/07/01 16:21:55 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2009/07/01 16:21:55 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2009/07/01 16:21:55 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2009/07/01 16:21:55 | 00,155,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ecache.sys
[2009/07/01 16:21:55 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2009/07/01 16:21:55 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassvcs.dll
[2009/07/01 16:21:55 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2009/07/01 16:21:55 | 00,067,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgr.sys
[2009/07/01 16:21:54 | 01,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2009/07/01 16:21:54 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2009/07/01 16:21:54 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2009/07/01 16:21:54 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2009/07/01 16:21:54 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2009/07/01 16:21:54 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2009/07/01 16:21:54 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvsvc.dll
[2009/07/01 16:21:54 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2009/07/01 16:21:54 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasnap.dll
[2009/07/01 16:21:53 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2009/07/01 16:21:53 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2009/07/01 16:21:53 | 01,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2009/07/01 16:21:53 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2009/07/01 16:21:53 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll
[2009/07/01 16:21:53 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2009/07/01 16:21:53 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2009/07/01 16:21:53 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2009/07/01 16:21:53 | 00,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2009/07/01 16:21:52 | 01,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2009/07/01 16:21:52 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswsock.dll
[2009/07/01 16:21:52 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2009/07/01 16:21:52 | 00,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2009/07/01 16:21:52 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2009/07/01 16:21:52 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2009/07/01 16:21:52 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userenv.dll
[2009/07/01 16:21:52 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2009/07/01 16:21:52 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasacct.dll
[2009/07/01 16:21:52 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2009/07/01 16:21:52 | 00,022,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2009/07/01 16:21:52 | 00,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spldr.sys
[2009/07/01 16:21:51 | 03,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2009/07/01 16:21:51 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2009/07/01 16:21:51 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2009/07/01 16:21:51 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2009/07/01 16:21:51 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regsvc.dll
[2009/07/01 16:21:51 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmm.dll
[2009/07/01 16:21:51 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2009/07/01 16:21:51 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\exfat.sys
[2009/07/01 16:21:51 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsrslvr.dll
[2009/07/01 16:21:50 | 01,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2009/07/01 16:21:50 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2009/07/01 16:21:50 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2009/07/01 16:21:50 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2009/07/01 16:21:50 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2009/07/01 16:21:50 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tapisrv.dll
[2009/07/01 16:21:50 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2009/07/01 16:21:50 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2009/07/01 16:21:50 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2009/07/01 16:21:50 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2009/07/01 16:21:49 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2009/07/01 16:21:49 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\stobject.dll
[2009/07/01 16:21:49 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsvcs.dll
[2009/07/01 16:21:49 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2009/07/01 16:21:49 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2009/07/01 16:21:49 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2009/07/01 16:21:49 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2009/07/01 16:21:49 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apphelp.dll
[2009/07/01 16:21:49 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2009/07/01 16:21:49 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2009/07/01 16:21:49 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2009/07/01 16:21:49 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2009/07/01 16:21:48 | 00,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2009/07/01 16:21:48 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2009/07/01 16:21:48 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2009/07/01 16:21:48 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsound.dll
[2009/07/01 16:21:48 | 00,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioEng.dll
[2009/07/01 16:21:48 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2009/07/01 16:21:48 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3svc.dll
[2009/07/01 16:21:48 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2009/07/01 16:21:48 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscript.exe
[2009/07/01 16:21:48 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2009/07/01 16:21:48 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2009/07/01 16:21:48 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2009/07/01 16:21:48 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2009/07/01 16:21:48 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2009/07/01 16:21:48 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2009/07/01 16:21:48 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasdatastore.dll
[2009/07/01 16:21:48 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2009/07/01 16:21:47 | 01,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2009/07/01 16:21:47 | 01,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2009/07/01 16:21:47 | 00,881,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2009/07/01 16:21:47 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2009/07/01 16:21:47 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2009/07/01 16:21:47 | 00,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2009/07/01 16:21:47 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2009/07/01 16:21:47 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2009/07/01 16:21:47 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2009/07/01 16:21:47 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2009/07/01 16:21:47 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2009/07/01 16:21:47 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2009/07/01 16:21:47 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2009/07/01 16:21:47 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2009/07/01 16:21:47 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2009/07/01 16:21:47 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdProxy.dll
[2009/07/01 16:21:47 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2009/07/01 16:21:46 | 00,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2009/07/01 16:21:46 | 00,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2009/07/01 16:21:46 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2009/07/01 16:21:46 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2009/07/01 16:21:46 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IKEEXT.DLL
[2009/07/01 16:21:46 | 00,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2009/07/01 16:21:46 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2009/07/01 16:21:46 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscript.exe
[2009/07/01 16:21:46 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2009/07/01 16:21:46 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2009/07/01 16:21:46 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2009/07/01 16:21:46 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdx.sys
[2009/07/01 16:21:46 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2009/07/01 16:21:46 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpapi.dll
[2009/07/01 16:21:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iashlpr.dll
[2009/07/01 16:21:46 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2009/07/01 16:21:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2009/07/01 16:21:45 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2009/07/01 16:21:45 | 00,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2009/07/01 16:21:45 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2009/07/01 16:21:45 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2009/07/01 16:21:45 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2009/07/01 16:21:45 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasapi32.dll
[2009/07/01 16:21:45 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2009/07/01 16:21:45 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2009/07/01 16:21:45 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrad.dll
[2009/07/01 16:21:45 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2009/07/01 16:21:45 | 00,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2009/07/01 16:21:45 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2009/07/01 16:21:45 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2009/07/01 16:21:45 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshbth.dll
[2009/07/01 16:21:45 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2009/07/01 16:21:45 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2009/07/01 16:21:44 | 02,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2009/07/01 16:21:44 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2009/07/01 16:21:44 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2009/07/01 16:21:44 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2009/07/01 16:21:44 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2009/07/01 16:21:44 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2009/07/01 16:21:44 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2009/07/01 16:21:44 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2009/07/01 16:21:44 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2009/07/01 16:21:44 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2009/07/01 16:21:44 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2009/07/01 16:21:44 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbehci.sys
[2009/07/01 16:21:43 | 06,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2009/07/01 16:21:43 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2009/07/01 16:21:43 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2009/07/01 16:21:43 | 00,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2009/07/01 16:21:43 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2009/07/01 16:21:43 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2009/07/01 16:21:43 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2009/07/01 16:21:43 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2009/07/01 16:21:43 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pacer.sys
[2009/07/01 16:21:43 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassvcs.dll
[2009/07/01 16:21:42 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2009/07/01 16:21:42 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2009/07/01 16:21:42 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2009/07/01 16:21:42 | 00,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2009/07/01 16:21:42 | 00,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2009/07/01 16:21:42 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2009/07/01 16:21:42 | 00,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\udfs.sys
[2009/07/01 16:21:42 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2009/07/01 16:21:42 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2009/07/01 16:21:42 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys
[2009/07/01 16:21:42 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2009/07/01 16:21:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2009/07/01 16:21:41 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2009/07/01 16:21:41 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2009/07/01 16:21:41 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2009/07/01 16:21:41 | 00,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2009/07/01 16:21:41 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2009/07/01 16:21:41 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2009/07/01 16:21:41 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2009/07/01 16:21:41 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2009/07/01 16:21:41 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntmarta.dll
[2009/07/01 16:21:41 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powrprof.dll
[2009/07/01 16:21:41 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2009/07/01 16:21:41 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasacct.dll
[2009/07/01 16:21:41 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasads.dll
[2009/07/01 16:21:41 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2009/07/01 16:21:41 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2009/07/01 16:21:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsbyuv.dll
[2009/07/01 16:21:40 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2009/07/01 16:21:40 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2009/07/01 16:21:40 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2009/07/01 16:21:40 | 00,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2009/07/01 16:21:40 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2009/07/01 16:21:40 | 00,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2009/07/01 16:21:40 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2009/07/01 16:21:40 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2009/07/01 16:21:40 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authz.dll
[2009/07/01 16:21:40 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2009/07/01 16:21:40 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2009/07/01 16:21:40 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2009/07/01 16:21:40 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lpk.dll
[2009/07/01 16:21:40 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2009/07/01 16:21:40 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2009/07/01 16:21:39 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2009/07/01 16:21:39 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2009/07/01 16:21:39 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2009/07/01 16:21:39 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2009/07/01 16:21:39 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2009/07/01 16:21:39 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BFE.DLL
[2009/07/01 16:21:39 | 00,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2009/07/01 16:21:39 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2009/07/01 16:21:39 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2009/07/01 16:21:39 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2009/07/01 16:21:39 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\npfs.sys
[2009/07/01 16:21:39 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hidserv.dll
[2009/07/01 16:21:39 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2009/07/01 16:21:38 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2009/07/01 16:21:38 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2009/07/01 16:21:38 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2009/07/01 16:21:38 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2009/07/01 16:21:38 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\samlib.dll
[2009/07/01 16:21:38 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2009/07/01 16:21:38 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2009/07/01 16:21:38 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iaspolcy.dll
[2009/07/01 16:21:38 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2009/07/01 16:21:37 | 02,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2009/07/01 16:21:37 | 00,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2009/07/01 16:21:37 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2009/07/01 16:21:37 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2009/07/01 16:21:37 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2009/07/01 16:21:37 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tapisrv.dll
[2009/07/01 16:21:37 | 00,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fastfat.sys
[2009/07/01 16:21:37 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2009/07/01 16:21:37 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2009/07/01 16:21:37 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2009/07/01 16:21:37 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2009/07/01 16:21:37 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2009/07/01 16:21:37 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2009/07/01 16:21:37 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2009/07/01 16:21:37 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2009/07/01 16:21:37 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2009/07/01 16:21:37 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009/07/01 16:21:36 | 02,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2009/07/01 16:21:36 | 01,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2009/07/01 16:21:36 | 00,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2009/07/01 16:21:36 | 00,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2009/07/01 16:21:36 | 00,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2009/07/01 16:21:36 | 00,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
[2009/07/01 16:21:36 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2009/07/01 16:21:36 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
[2009/07/01 16:21:36 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certprop.dll
[2009/07/01 16:21:35 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2009/07/01 16:21:35 | 00,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2009/07/01 16:21:35 | 00,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winhttp.dll
[2009/07/01 16:21:35 | 00,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2009/07/01 16:21:35 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2009/07/01 16:21:35 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2009/07/01 16:21:35 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2009/07/01 16:21:35 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2009/07/01 16:21:35 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2009/07/01 16:21:35 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2009/07/01 16:21:35 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2009/07/01 16:21:35 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2009/07/01 16:21:35 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2009/07/01 16:21:35 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpr.dll
[2009/07/01 16:21:35 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
[2009/07/01 16:21:35 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iaspolcy.dll
[2009/07/01 16:21:35 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
[2009/07/01 16:21:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2009/07/01 16:21:35 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
[2009/07/01 16:21:35 | 00,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2009/07/01 16:21:35 | 00,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2009/07/01 16:21:34 | 01,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2009/07/01 16:21:34 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2009/07/01 16:21:34 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
[2009/07/01 16:21:34 | 00,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2009/07/01 16:21:34 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2009/07/01 16:21:34 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2009/07/01 16:21:34 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
[2009/07/01 16:21:34 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2009/07/01 16:21:34 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
[2009/07/01 16:21:34 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
[2009/07/01 16:21:34 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2009/07/01 16:21:33 | 03,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2009/07/01 16:21:33 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2009/07/01 16:21:33 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2009/07/01 16:21:33 | 00,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2009/07/01 16:21:33 | 00,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpwd.sys
[2009/07/01 16:21:33 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2009/07/01 16:21:33 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2009/07/01 16:21:33 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2009/07/01 16:21:33 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2009/07/01 16:21:33 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
[2009/07/01 16:21:33 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2009/07/01 16:21:33 | 00,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2009/07/01 16:21:33 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
[2009/07/01 16:21:32 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2009/07/01 16:21:32 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2009/07/01 16:21:32 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
[2009/07/01 16:21:32 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2009/07/01 16:21:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2009/07/01 16:21:32 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2009/07/01 16:21:32 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2009/07/01 16:21:32 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
[2009/07/01 16:21:32 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2009/07/01 16:21:32 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2009/07/01 16:21:32 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
[2009/07/01 16:21:32 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
[2009/07/01 16:21:32 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2009/07/01 16:21:32 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreg.sys
[2009/07/01 16:21:32 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxsms.dll
[2009/07/01 16:21:32 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
[2009/07/01 16:21:31 | 02,535,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSVidCtl.dll
[2009/07/01 16:21:31 | 02,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2009/07/01 16:21:31 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2009/07/01 16:21:31 | 00,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
[2009/07/01 16:21:31 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
[2009/07/01 16:21:31 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2009/07/01 16:21:31 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdmaud.drv
[2009/07/01 16:21:31 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2009/07/01 16:21:31 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2009/07/01 16:21:31 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SCardSvr.dll
[2009/07/01 16:21:31 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rassstp.sys
[2009/07/01 16:21:31 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscsvc.dll
[2009/07/01 16:21:31 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
[2009/07/01 16:21:31 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
[2009/07/01 16:21:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2009/07/01 16:21:30 | 01,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2009/07/01 16:21:30 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVidCtl.dll
[2009/07/01 16:21:30 | 00,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2009/07/01 16:21:30 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2009/07/01 16:21:30 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2009/07/01 16:21:30 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2009/07/01 16:21:30 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2009/07/01 16:21:30 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2009/07/01 16:21:30 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2009/07/01 16:21:30 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nwifi.sys
[2009/07/01 16:21:30 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2009/07/01 16:21:30 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
[2009/07/01 16:21:30 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2009/07/01 16:21:29 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2009/07/01 16:21:29 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2009/07/01 16:21:29 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2009/07/01 16:21:29 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2009/07/01 16:21:29 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2009/07/01 16:21:29 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2009/07/01 16:21:29 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2009/07/01 16:21:29 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2009/07/01 16:21:29 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2009/07/01 16:21:29 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2009/07/01 16:21:28 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2009/07/01 16:21:28 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2009/07/01 16:21:28 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2009/07/01 16:21:28 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2009/07/01 16:21:28 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2009/07/01 16:21:28 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2009/07/01 16:21:28 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2009/07/01 16:21:28 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2009/07/01 16:21:28 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2009/07/01 16:21:28 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2009/07/01 16:21:27 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2009/07/01 16:21:27 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2009/07/01 16:21:27 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2009/07/01 16:21:27 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2009/07/01 16:21:27 | 00,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2009/07/01 16:21:27 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2009/07/01 16:21:27 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2009/07/01 16:21:27 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2009/07/01 16:21:27 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2009/07/01 16:21:27 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2009/07/01 16:21:27 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2009/07/01 16:21:27 | 00,072,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ohci1394.sys
[2009/07/01 16:21:27 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2009/07/01 16:21:27 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2009/07/01 16:21:26 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkexplorer.dll
[2009/07/01 16:21:26 | 00,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2009/07/01 16:21:26 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2009/07/01 16:21:26 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2009/07/01 16:21:26 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2009/07/01 16:21:26 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2009/07/01 16:21:26 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2009/07/01 16:21:26 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2009/07/01 16:21:26 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcsvc.dll
[2009/07/01 16:21:26 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2009/07/01 16:21:26 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2009/07/01 16:21:26 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2009/07/01 16:21:26 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2009/07/01 16:21:26 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2009/07/01 16:21:26 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2009/07/01 16:21:26 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2009/07/01 16:21:25 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2009/07/01 16:21:25 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2009/07/01 16:21:25 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2009/07/01 16:21:25 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2009/07/01 16:21:25 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2009/07/01 16:21:25 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2009/07/01 16:21:25 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2009/07/01 16:21:25 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimtf.dll
[2009/07/01 16:21:25 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2009/07/01 16:21:24 | 00,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2009/07/01 16:21:24 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2009/07/01 16:21:24 | 00,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2009/07/01 16:21:24 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2009/07/01 16:21:24 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2009/07/01 16:21:24 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olepro32.dll
[2009/07/01 16:21:24 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2009/07/01 16:21:24 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2009/07/01 16:21:24 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/07/01 16:21:24 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidusb.sys
[2009/07/01 16:21:23 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/07/01 16:21:23 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2009/07/01 16:21:23 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2009/07/01 16:21:23 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2009/07/01 16:21:23 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2009/07/01 16:21:23 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2009/07/01 16:21:23 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2009/07/01 16:21:23 | 00,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2009/07/01 16:21:23 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2009/07/01 16:21:23 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smb.sys
[2009/07/01 16:21:23 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2009/07/01 16:21:23 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2009/07/01 16:21:23 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2009/07/01 16:21:23 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshbth.dll
[2009/07/01 16:21:23 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2009/07/01 16:21:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2009/07/01 16:21:23 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\version.dll
[2009/07/01 16:21:23 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2009/07/01 16:21:22 | 02,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2009/07/01 16:21:22 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2009/07/01 16:21:22 | 00,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2009/07/01 16:21:22 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2009/07/01 16:21:22 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdmaud.drv
[2009/07/01 16:21:22 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2009/07/01 16:21:22 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2009/07/01 16:21:22 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2009/07/01 16:21:22 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2009/07/01 16:21:22 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2009/07/01 16:21:22 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2009/07/01 16:21:22 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2009/07/01 16:21:22 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2009/07/01 16:21:22 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2009/07/01 16:21:22 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscapi.dll
[2009/07/01 16:21:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2009/07/01 16:21:22 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2009/07/01 16:21:21 | 00,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2009/07/01 16:21:21 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2009/07/01 16:21:21 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2009/07/01 16:21:21 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2009/07/01 16:21:21 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2009/07/01 16:21:21 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2009/07/01 16:21:21 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2009/07/01 16:21:21 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2009/07/01 16:21:21 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2009/07/01 16:21:21 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2009/07/01 16:21:21 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2009/07/01 16:21:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2009/07/01 16:21:21 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2009/07/01 16:21:21 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2009/07/01 16:21:21 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2009/07/01 16:21:21 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2009/07/01 16:21:21 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2009/07/01 16:21:21 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2009/07/01 16:21:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscdll.dll
[2009/07/01 16:21:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2009/07/01 16:21:21 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2009/07/01 16:21:20 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2009/07/01 16:21:20 | 00,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2009/07/01 16:21:20 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2009/07/01 16:21:20 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2009/07/01 16:21:20 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2009/07/01 16:21:20 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2009/07/01 16:21:20 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2009/07/01 16:21:20 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2009/07/01 16:21:20 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2009/07/01 16:21:20 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWCN.dll
[2009/07/01 16:21:20 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2009/07/01 16:21:20 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2009/07/01 16:21:20 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2009/07/01 16:21:20 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2009/07/01 16:21:20 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2009/07/01 16:21:20 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2009/07/01 16:21:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkitemfactory.dll
[2009/07/01 16:21:20 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2009/07/01 16:21:20 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2009/07/01 16:21:20 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2009/07/01 16:21:20 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2009/07/01 16:21:19 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2009/07/01 16:21:19 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2009/07/01 16:21:19 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2009/07/01 16:21:19 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2009/07/01 16:21:19 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2009/07/01 16:21:19 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2009/07/01 16:21:19 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2009/07/01 16:21:19 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2009/07/01 16:21:19 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2009/07/01 16:21:19 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2009/07/01 16:21:19 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2009/07/01 16:21:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2009/07/01 16:21:19 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msacm32.drv
[2009/07/01 16:21:19 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2009/07/01 16:21:19 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2009/07/01 16:21:18 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dfsc.sys
[2009/07/01 16:21:18 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2009/07/01 16:21:18 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2009/07/01 16:21:18 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2009/07/01 16:21:18 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2009/07/01 16:21:18 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msacm32.drv
[2009/07/01 16:21:18 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2009/07/01 16:21:17 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2009/07/01 16:21:17 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2009/07/01 16:21:17 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2009/07/01 16:21:17 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2009/07/01 16:21:17 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2009/07/01 16:21:16 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2009/07/01 16:21:16 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/01 16:21:16 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2009/07/01 16:21:16 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2009/07/01 16:21:16 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\midimap.dll
[2009/07/01 16:21:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrnr.dll
[2009/07/01 16:21:16 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2009/07/01 16:21:16 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2009/07/01 16:21:16 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2009/07/01 16:21:16 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2009/07/01 16:21:16 | 00,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2009/07/01 16:21:16 | 00,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2009/07/01 16:21:15 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\midimap.dll
[2009/07/01 16:21:14 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2009/07/01 16:21:14 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2009/07/01 16:21:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2009/07/01 16:21:14 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2009/07/01 16:21:14 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2009/07/01 16:21:13 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/07/01 16:21:13 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/07/01 16:21:13 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspppoe.sys
[2009/07/01 16:21:13 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2009/07/01 16:21:13 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2009/07/01 16:21:13 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2009/07/01 16:21:13 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2009/07/01 16:21:12 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2009/07/01 16:21:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2009/07/01 16:21:12 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2009/07/01 16:21:12 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2009/07/01 16:21:12 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2009/07/01 16:21:12 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2009/07/01 16:20:52 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2009/07/01 16:20:42 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2009/07/01 16:19:24 | 00,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2009/07/01 16:19:21 | 00,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2009/07/01 16:19:21 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2009/07/01 16:19:10 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2009/06/27 09:16:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2009/04/11 20:32:23 | 00,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009/03/09 02:46:29 | 00,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/02/10 14:14:07 | 00,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1018.dll
[2009/02/09 16:47:56 | 00,000,488 | ---- | C] () -- C:\Windows\wininit.ini
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/01/20 22:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 08:34:27 | 00,000,244 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/07/26 14:50:26 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\fitz\Desktop\OTL.exe
[2009/07/26 14:34:33 | 00,286,208 | ---- | M] () -- C:\Users\fitz\Desktop\gmer.exe
[2009/07/26 13:27:16 | 00,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8F8D15C7-D98C-492C-A729-96279E40F60C}.job
[2009/07/26 13:05:55 | 00,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/07/26 13:05:55 | 00,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/07/26 11:10:45 | 00,694,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/07/26 11:10:45 | 00,598,588 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/07/26 11:10:45 | 00,102,194 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/07/26 11:07:16 | 00,276,172 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/07/26 11:06:08 | 00,276,172 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/07/26 11:06:02 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2009/07/26 11:05:57 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/07/26 11:05:50 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/07/26 11:05:48 | 42,896,09728 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/25 12:42:31 | 02,015,982 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\Cat.DB
[2009/07/24 13:16:22 | 00,015,597 | ---- | M] () -- C:\Users\fitz\Documents\TO DO.docx
[2009/07/24 11:46:16 | 03,085,805 | -H-- | M] () -- C:\Users\fitz\AppData\Local\IconCache.db
[2009/07/23 07:33:05 | 00,011,346 | ---- | M] () -- C:\Users\fitz\Documents\ELL Module A Assignment.docx
[2009/07/20 20:49:09 | 00,030,329 | ---- | M] () -- C:\Users\fitz\Documents\Category Training Report.docx
[2009/07/20 09:11:14 | 00,005,632 | ---- | M] () -- C:\Users\fitz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/20 06:43:42 | 03,011,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/07/18 15:34:03 | 00,023,888 | ---- | M] () -- C:\Users\fitz\AppData\Roaming\UserTile.png
[2009/07/17 09:18:40 | 00,317,516 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20090717-152851.backup
[2009/07/15 18:21:54 | 00,114,032 | ---- | M] () -- C:\Users\fitz\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/07/15 09:29:05 | 00,011,461 | ---- | M] () -- C:\Users\fitz\Documents\High School Now Assessments.xlsx
[2009/07/14 10:32:22 | 00,009,819 | ---- | M] () -- C:\Users\fitz\Documents\MCAS Prep Assessments.xlsx
[2009/07/13 17:43:29 | 01,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2009/07/13 14:19:36 | 00,125,008 | ---- | M] () -- C:\MGlogs.zip
[2009/07/12 10:11:03 | 00,000,488 | ---- | M] () -- C:\Windows\wininit.ini
[2009/07/12 06:00:06 | 00,000,324 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2009/07/11 20:23:56 | 00,172,080 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2009/07/11 20:23:56 | 00,007,406 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2009/07/11 20:23:56 | 00,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2009/07/11 20:23:49 | 00,476,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.sys
[2009/07/11 20:23:49 | 00,402,992 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA64.sys
[2009/07/11 20:23:49 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symtdi.sys
[2009/07/11 20:23:49 | 00,138,288 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symfw.sys
[2009/07/11 20:23:49 | 00,046,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symndisv.sys
[2009/07/11 20:23:49 | 00,044,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symids.sys
[2009/07/11 20:23:49 | 00,043,568 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\symndis.sys
[2009/07/11 20:23:49 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.sys
[2009/07/11 20:23:48 | 00,582,704 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\cchpx64.sys
[2009/07/11 20:23:48 | 00,332,848 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.sys
[2009/07/11 20:23:33 | 00,003,373 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA.inf
[2009/07/11 20:23:33 | 00,001,837 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\ccHPx64.inf
[2009/07/11 20:23:33 | 00,001,557 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymNet.inf
[2009/07/11 20:23:33 | 00,001,438 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.inf
[2009/07/11 20:23:33 | 00,001,422 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.inf
[2009/07/11 20:23:33 | 00,000,640 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.inf
[2009/07/11 20:23:33 | 00,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\isolate.ini
[2009/07/11 20:23:16 | 00,009,423 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymNet.cat
[2009/07/11 20:23:16 | 00,007,774 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\SymEFA64.cat
[2009/07/11 20:23:16 | 00,007,376 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtsp64.cat
[2009/07/11 20:23:16 | 00,007,367 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\srtspx64.cat
[2009/07/11 20:23:16 | 00,007,328 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\BHDrvx64.CAT
[2009/07/11 20:23:16 | 00,007,311 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1005000.086\ccHPx64.cat
[2009/07/10 08:34:42 | 01,343,190 | ---- | M] () -- C:\MGtools.exe
[2009/07/10 02:40:49 | 00,024,576 | ---- | M] () -- C:\BCD_Backup
[2009/07/08 14:24:31 | 00,017,068 | ---- | M] () -- C:\Users\fitz\Documents\Youth Summit Student Pane1.docx
[2009/07/07 11:43:31 | 26,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/06/26 21:25:36 | 00,001,955 | ---- | M] () -- C:\Users\fitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk
< End of report >






And here is the extras file. Thanks again!

OTL Extras logfile created on: 7/26/2009 2:57:47 PM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Users\fitz\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 63.72% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.32 Gb Total Space | 177.48 Gb Free Space | 61.55% Space Free | Partition Type: NTFS
Drive D: | 5.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FITZ-PC
Current User Name: fitz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = jsfile] -- C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe File not found
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe File not found
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = BC 33 FC 47 8F FA C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0056B693-D297-4129-9DBF-44F7809FE79E}" = lport=139 | protocol=6 | dir=in | app=system |
"{0226D6EF-CB74-4DD1-B1D3-A18C3397AD05}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0913087D-7E26-4C3F-9B79-0D04D6DAD57D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0B25A4C4-52FC-4341-842E-16C1DBB3CD05}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1792ADF5-5F89-44CD-830B-4EAD438A9806}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DA6A2F5-5626-4ECF-AAE6-41E16DB07D4C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{2242A7FB-5D90-427E-9D63-15F79331D11A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{308F27A4-4426-4A68-AEC6-D3A35A284FB4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30BC9C6C-E90B-4E25-AB53-9CBBE22C2FCC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{358B993A-D292-4E2A-B22F-96EE47853010}" = rport=10244 | protocol=6 | dir=out | app=system |
"{3850EAC6-7A0B-425A-ABEC-AC65C3B4D216}" = rport=137 | protocol=17 | dir=out | app=system |
"{38A188FF-402E-43D7-90FC-5EE4638A3767}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{39F65370-4BF3-4F43-AC7A-7753880EA954}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43D9A585-2F23-4A97-BA4F-5C6DFEC1B68F}" = lport=3390 | protocol=6 | dir=in | app=system |
"{474D3DC1-8C75-4E60-BBBC-9F49D9F242E6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{47E20063-7C0B-4C74-8918-27005196C5EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4D441E61-D1AE-4F06-9636-8F6FB4CE47BA}" = rport=10244 | protocol=6 | dir=out | app=system |
"{5D27E324-CCE3-49C3-836E-1A1744DCE445}" = rport=445 | protocol=6 | dir=out | app=system |
"{6C6EFB3F-14C6-498C-A251-2FE512FF5C7A}" = lport=3390 | protocol=6 | dir=in | app=system |
"{6CD3A5C3-262E-4184-BDB1-B9938746B3BE}" = rport=138 | protocol=17 | dir=out | app=system |
"{6FF208E3-335F-4F02-BE25-66A26366ED29}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{7452F47F-30BD-4EED-96A8-AEDCF5870C39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{74B70836-2279-4496-9B89-D008D8895A98}" = lport=138 | protocol=17 | dir=in | app=system |
"{81FA1127-AB9C-4D7F-9EFE-2ECEC37B3048}" = lport=2869 | protocol=6 | dir=in | app=system |
"{85E28407-83D0-485D-8856-B58F55099A9C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9693A6C9-5B5C-4BAE-B497-DBBE3B95ED05}" = rport=139 | protocol=6 | dir=out | app=system |
"{9988B433-6C10-4319-8A0C-5A116480181F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9AAEB081-9EBA-4903-8D00-668D6A39E174}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9ABCE405-3FA8-4387-A6F0-2F0903B0D9F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0B1433C-95F1-4D25-BA11-3B8B32D509D6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A461CA01-AF6C-4B48-8165-D76984EFFC7F}" = lport=137 | protocol=17 | dir=in | app=system |
"{A66A70F3-01FA-4FC2-BC90-6326A821B2F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C4F207B6-EC12-42EF-BD88-0BBB4DFC99D5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C704BB0E-E8E2-4CD1-A864-185DB2BF234F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F75D5EC5-1BD5-4E29-8F11-F854A1A18CC9}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DF724C-4984-4C59-A051-9AC663E3A68D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{03B81ABD-D0A8-43BA-B6E6-157C3F58EC9D}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |
"{0EAC2196-3846-43E1-BFA1-06EE2E6A9FFE}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{18E14161-1D36-40BB-833A-443EC19AE8A5}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{18EC0822-A014-4638-99AB-76B34B603635}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{1E921F78-8B2F-4437-83B8-6C20588B2711}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{2979E665-8B83-4D54-A71B-92322CCE7DA6}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{2A2C40D8-D01C-42A4-95F6-FECB49D4F544}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{3EC839B9-D703-43BF-943F-900AE2307061}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{44CE1A5C-2B63-4F78-88E1-7A80D0155037}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{46BB031A-CF4E-460F-927E-345CB0D5AA70}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4B77AEBD-9142-43BB-B297-4B335F449174}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{5583FE11-F085-4769-BFA8-48F600AF4CBA}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{725198F7-1DE5-4838-B57D-91EBCBA16399}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{84FDBDDF-09C4-48C0-8C55-79C1A5E57E41}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{8722DAB3-2EE6-43EE-8BB3-89AF816D7188}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{942F52D3-22AB-40BE-A991-610D7DC5A48B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{A4DFB9BB-50B3-42FC-B092-14CDD0C11BC1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A7C77E3B-FF70-44C6-835A-DFA1889EE805}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C0A75D0C-C9A8-4FDE-8E75-E38B3C0E1219}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{C4407098-1A74-4032-9D34-2CCB9B0FA339}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C495A172-F05C-482B-84E7-428339F729C2}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{C498CC7A-5A41-4792-BC97-6BF1BF96F889}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |
"{C91319F9-4A61-4B27-B798-775D4FD8F050}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{CD854EBD-3A9C-4FDD-8FF5-AA5A2E92E461}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{CFF5DA8F-DBBC-4D3A-84D9-7BC490AE54D9}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{D5D16233-7556-46C9-85BE-0FD621A98710}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EFF9782A-0EAA-4574-8BB6-A91A2506D511}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F29BF80E-6E3C-4156-80C0-63F78B76F8F2}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{F415265B-C94E-4C49-8F6A-8D0912BB7246}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FA9C60A2-E1EE-451F-9036-85D2284873DE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"TCP Query User{1B8AA7F6-EBF8-4957-8E55-D28AEB0DA318}C:\program files (x86)\macromedia\dreamweaver mx\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx\dreamweaver.exe |
"TCP Query User{3A35B576-9F43-48DF-B3D5-4F5094EAED19}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{3A8E0452-638E-496F-8E83-1E5D3429A732}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{41374C26-5980-4760-8DA3-485035F0377A}C:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{A9A67AEC-FEDF-4F85-BE72-A496041FFAF9}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{DCB0A0CB-F9ED-4577-91C7-68073E236B2D}C:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{DD7955E7-92F1-45B0-9CFA-116A57486605}C:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"UDP Query User{05F1AC5A-D54E-4018-93A3-04BE68C2D94F}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{44D16AFE-F9A1-4CC3-8900-705BAABF86F0}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{65DA16E5-2D6D-4694-88A8-AE508D85EFCB}C:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"UDP Query User{8842EE7D-5B8A-489B-930B-157FF39F9751}C:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{A1751C3F-9101-4E48-85E3-ED54A64FE111}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DA8C6CE5-F0EE-449B-BE6F-615FBE32D22C}C:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\fitz\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DACBAEC8-0612-4252-89E6-24FD5944DD1D}C:\program files (x86)\macromedia\dreamweaver mx\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx\dreamweaver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4575935D-9457-4517-8750-2341F4286F5F}" = iTunes
"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver
"{52784483-7088-4A4C-81E2-808303AD98F5}" = Apple Mobile Device Support
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E3015C78-C196-4039-A279-9959940083DE}" = O2Micro Flash Memory Card Reader Driver (x64)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}" = Sid Meier's Civilization 4
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25A13826-8E4A-4FBF-AD2B-776447FE9646}" = WMI Tools
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 14
"{27AF7FCD-0070-4F7F-A2FC-92FB2890346E}" = Sid Meier's Civilization 4
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75DEFF32-3985-4ECE-8266-8C3CD3EE84F0}" = Berlitz Before You Know It Flash Cards
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = MacromediaDreamweaver MX
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHERR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007
"{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98DC111A-7C22-4C26-B2A1-E654264DAC1E}" = BlackBerry Desktop Software 4.7
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3B5DDA8-2A4B-419E-B7A9-824B71CD2F8E}" = Berlitz Learning System - Spanish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"BlackBerry_{98DC111A-7C22-4C26-B2A1-E654264DAC1E}" = BlackBerry Desktop Software 4.7
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EADM" = EA Download Manager
"Easy Grade Pro" = Easy Grade Pro
"HijackThis" = HijackThis 2.0.2
"HP OrderReminder" = HP OrderReminder
"HP-LaserJet 1018" = LaserJet 1018
"InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"Money2007b" = Microsoft Money Essentials
"NAV" = Norton AntiVirus
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"PUBLISHERR" = Microsoft Office Publisher 2007 Trial
"STANDARDR" = Microsoft Office Standard 2007
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/20/2009 6:43:52 AM | Computer Name = fitz-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2009 8:10:58 AM | Computer Name = fitz-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2009 2:19:41 PM | Computer Name = fitz-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/1/2009 2:31:40 AM | Computer Name = fitz-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 3/4/2009 10:38:34 PM | Computer Name = fitz-PC | Source = Mcx2Dvcs | ID = 409
Description =

Error - 4/30/2009 1:13:03 AM | Computer Name = fitz-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 7:20:28 AM | Computer Name = fitz-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/29/2009 6:25:33 PM | Computer Name = fitz-PC | Source = HTTP | ID = 15016
Description =

Error - 4/29/2009 6:25:41 PM | Computer Name = fitz-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/30/2009 6:57:21 AM | Computer Name = fitz-PC | Source = HTTP | ID = 15016
Description =

Error - 4/30/2009 6:57:33 AM | Computer Name = fitz-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/30/2009 6:28:46 PM | Computer Name = fitz-PC | Source = HTTP | ID = 15016
Description =

Error - 4/30/2009 6:28:53 PM | Computer Name = fitz-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/30/2009 10:06:05 PM | Computer Name = fitz-PC | Source = HTTP | ID = 15016
Description =

Error - 4/30/2009 10:06:16 PM | Computer Name = fitz-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/1/2009 10:51:18 AM | Computer Name = fitz-PC | Source = HTTP | ID = 15016
Description =

Error - 5/1/2009 10:51:29 AM | Computer Name = fitz-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:03 PM

Posted 26 July 2009 - 03:58 PM

Hi dafitza,

File missing doesn't mean that they are suspicious, sometimes it is exactly what it says; The file is missing. The registry entry is still present and that can be removed.

I see you are on a 64 bit machine so I will apologise in advance if I get you to run a tool that's not compatible by mistake. It has happened and I can't promise I won't do it again. :thumbup2:

Thanks for the OTL log.

Can you also run MBAM for me.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.

Thanks. :)
Posted Image
m0le is a proud member of UNITE

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:03 PM

Posted 29 July 2009 - 05:10 PM

Hi dafitza,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

If you like you can PM me.

Thanks,


m0le
Posted Image
m0le is a proud member of UNITE

#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:03 PM

Posted 30 July 2009 - 04:57 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :thumbup2:

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users