Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Worsening pauses without cpu activity


  • This topic is locked This topic is locked
16 replies to this topic

#1 pshnfry

pshnfry

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 07 August 2009 - 12:15 PM

Hi there Experts ,

I've been working on this over the last three days, some pausing noticed up to a week ago but nothing significant. Steadily worsened up to night before last at which time the pc was almost unuseable. I've done a restore from a system image backup which was about a month old after saving off any significant changes that had happened in the interim (email and photos mailny). Restore ran for approx 30 hours!

Have scanned with Malware Bytes and Trend Micro IS2009 during today. Have then downloaded Spyware Blaster, Spybot S&D and ClamWin and run all of these accross the full system. Have also updated Windows Defender and run a full scan - no results returned.

No hits from Malware Bytes, nothing from Trend Micro other than cookies. Spybot S&D came up with mostly innocuos entries. Several hits with ClamWin, all then dealt with by Trend Micro.

Full hardware diagnostics have been run, WD Diag tool full scan, Memtest 86+, ATI tool artifact scanner and Prime 95 small fft's. I'm confident the hardware is up to scratch.
OS is Vista Ult, SP1. Fully updated. Hardware is DFI X48, Q6700, GTX8800, Gskill Pi 4Gb 1066 kit, 500Gb WD, 1Tb WD, Thermaltake Qfan 850w.

Computer is now useable, but still noted a pause or two in the last half hour.

Have now run DDS, log file and attach follow:


DDS (Ver_09-07-30.01) - NTFSx86
Run by FPFrys at 2:19:31.76 on Sat 08/08/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vistaâ„¢ Ultimate 6.0.6001.1.1252.61.1033.18.3069.1746 [GMT 9.5:30]

AV: Trend Micro Internet Security *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro Internet Security *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\EVGA Precision\EVGAPrecision.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\EVGA Precision\Bundle\OSDServer\RTSS.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\FPFrys\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://192.168.1.10/
uInternet Settings,ProxyServer = proxy.adam.com.au:8080
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [NSLauncher] c:\program files\nokia\nokia software launcher\NSLauncher.exe /startup
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [EVGAPrecision] "c:\program files\evga precision\EVGAPrecisionWrapper.exe" /s
mRun: [KONICA MINOLTA PagePro 1400W STD] c:\windows\system32\MSTMON_Y.EXE STARTUP
mRun: [Quick-Drop] "c:\program files\corel\corel dvd moviefactory 7\corel dvd moviefactory 7\Quick-Drop.exe" WINDOWCALL
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
dRun: [DevconDefaultDB] c:\windows\system32\READREG /SILENT /FAIL=1
dRun: [Nokia.PCSync] "c:\program files\nokia\nokia pc suite 6\PcSync2.exe" /NoDialog
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\fpfrys\appdata\roaming\mozilla\firefox\profiles\ew68uo94.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.adam.com.au/|http://www.dogpile.com/|http://www.valhalla.net.au/forum/index.php|http://www.overclockers.com.au/|http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1221353810&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fmail%2FTodayLight.aspx%3Fn%3D123694929&id=64855|http://www.ebay.com.au/|https://www.paypal.com/au/cgi-bin/webscr?dispatch=5885d80a13c0db1f80512b0980fcab74f8f86a7539c796f1ab7d42731da209a2
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [2007-5-19 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [2007-5-19 55160]
R0 ps7ah4nc;DiRT Synchronization Driver (ps7ah4nc);c:\windows\system32\drivers\ps7ah4nc.sys [2007-8-18 68208]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-2-22 50192]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-8-7 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-2-22 677128]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr61.sys [2007-9-28 316928]
R3 RTCore32;RTCore32;c:\program files\evga precision\RTCore32.sys [2005-5-26 4608]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
S3 NANMp50;NANMp50 NDIS Protocol Driver;c:\windows\system32\drivers\NANMp50.sys [2008-12-26 28224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-2-1 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-2-1 8320]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2008-3-30 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2008-3-30 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2008-3-30 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2008-3-30 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2008-3-30 98568]

=============== Created Last 30 ================

2009-08-07 20:32 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-08-07 20:32 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-08-07 20:32 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-08-07 20:30 <DIR> --d----- c:\users\fpfrys\appdata\roaming\.clamwin
2009-08-07 20:30 <DIR> --d----- c:\programdata\.clamwin
2009-08-07 20:30 <DIR> --d----- c:\program files\ClamWin
2009-08-07 20:30 <DIR> --d----- c:\progra~2\.clamwin
2009-08-07 08:05 <DIR> --d----- c:\users\fpfrys\appdata\roaming\WinPatrol
2009-08-07 08:05 <DIR> --d----- c:\program files\BillP Studios
2009-08-07 07:57 1,220,120 a------- c:\windows\system32\drivers\vsapint.sys
2009-08-07 07:57 225,296 a------- c:\windows\system32\drivers\tmxpflt.sys
2009-08-07 07:57 36,368 a------- c:\windows\system32\drivers\tmpreflt.sys

==================== Find3M ====================

2009-08-07 22:02 86,016 a------- c:\windows\inf\infpub.dat
2009-08-07 22:02 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-07 22:02 143,360 a------- c:\windows\inf\infstor.dat
2009-07-22 07:22 915,456 a------- c:\windows\system32\wininet.dll
2009-07-22 07:17 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-22 07:17 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-22 05:43 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-06-16 00:54 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-16 00:50 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-16 00:50 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 22:22 289,792 a------- c:\windows\system32\atmfd.dll
2009-06-05 17:17 262,144 a------- C:\ntuser.dat
2009-05-31 22:44 92,064 a------- c:\users\fpfrys\mqdmmdm.sys
2009-05-31 22:44 79,328 a------- c:\users\fpfrys\mqdmserd.sys
2009-05-31 22:44 66,656 a------- c:\users\fpfrys\mqdmbus.sys
2009-05-31 22:44 25,600 a------- c:\users\fpfrys\usbsermptxp.sys
2009-05-31 22:44 22,768 a------- c:\users\fpfrys\usbsermpt.sys
2009-05-31 22:44 9,232 a------- c:\users\fpfrys\mqdmmdfl.sys
2009-05-31 22:44 6,208 a------- c:\users\fpfrys\mqdmcmnt.sys
2009-05-31 22:44 5,936 a------- c:\users\fpfrys\mqdmwhnt.sys
2009-05-31 22:44 4,048 a------- c:\users\fpfrys\mqdmcr.sys
2009-02-02 19:43 87,608 a------- c:\users\fpfrys\appdata\roaming\inst.exe
2009-02-02 19:43 47,360 a------- c:\users\fpfrys\appdata\roaming\pcouffin.sys
2008-07-27 16:10 22,328 a------- c:\users\fpfrys\appdata\roaming\PnkBstrK.sys
2008-06-12 20:12 665,600 a------- c:\windows\inf\drvindex.dat
2008-03-24 11:12 174 a--sh--- c:\program files\desktop.ini
2006-11-02 22:10 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 22:10 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 22:10 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 22:10 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 18:50 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 18:50 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 18:50 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 18:50 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-02-22 05:20 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 2:20:50.20 ===============

Cheers,

Attached Files


Edited by pshnfry, 07 August 2009 - 12:17 PM.


BC AdBot (Login to Remove)

 


#2 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 17 August 2009 - 06:52 AM

Well I waited > 9 days - pc was unusable 2 hours after the post above. Unplugged the hard drives and loaded Vista back onto a spare drive as a temporary measure so I could preserve what I had in relation to the post above.

Can't continue like that for long, recovery strategies going into place now.

This can be closed, if whatever it is survives on one of my data drives or in one of my other backups I'll research it elsewhere.

#3 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:07 PM

Posted 17 August 2009 - 08:58 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#4 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 23 August 2009 - 08:25 AM

Fresh load and drivers and updates. Soon as I plugged in a data drive from the old install and attempted to scan it using Nod32 pc froze. Hard restart, unplugged the drive and ran the tools.

======================================================================================================================


DDS (Ver_09-07-30.01) - NTFSx86
Run by Main at 22:24:18.98 on Sun 23/08/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.61.1033.18.3069.2014 [GMT 9.5:30]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Main\Desktop\dds.pif
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\main\appdata\roaming\mozilla\firefox\profiles\eoqg5il2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.adam.com.au/|http://www.banksa.com.au/|http://www.overclockers.com.au/|http://www.staticice.com.au/|http://www.three.com.au/|http://www.ebay.com.au/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-5-14 94360]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-5-14 731840]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr61.sys [2009-8-22 316928]

=============== Created Last 30 ================

2009-08-23 18:09 32,656 a------- c:\windows\system32\msonpmon.dll
2009-08-23 18:08 <DIR> --d----- c:\windows\PCHEALTH
2009-08-23 18:06 <DIR> --d----- c:\programdata\Microsoft Help
2009-08-23 17:50 <DIR> --d----- c:\users\main\appdata\roaming\NewsLeecher
2009-08-23 17:50 <DIR> --d----- c:\program files\NewsLeecher
2009-08-23 17:39 <DIR> --d----- c:\program files\QuickPar
2009-08-23 16:45 <DIR> --d----- c:\windows\system32\eu-ES
2009-08-23 16:45 <DIR> --d----- c:\windows\system32\ca-ES
2009-08-23 16:45 <DIR> --d----- c:\windows\system32\vi-VN
2009-08-23 16:42 <DIR> --d----- c:\windows\system32\SPReview
2009-08-23 16:33 869,888 a------- c:\windows\system32\printui.dll
2009-08-23 16:31 <DIR> --d----- c:\windows\system32\EventProviders
2009-08-23 11:38 <DIR> --d----- c:\windows\Panther
2009-08-23 11:38 8,192 a--s-r-- C:\BOOTSECT.BAK
2009-08-23 11:38 333,257 a--shr-- C:\bootmgr
2009-08-23 11:38 <DIR> --dsh--- C:\Boot
2009-08-23 11:38 32 a---hr-- c:\windows\DELL_VERSION
2009-08-23 11:38 <DIR> --d----- c:\windows\system32\OEM
2009-08-23 01:52 <DIR> --d----- c:\users\main\appdata\roaming\Auslogics
2009-08-23 01:44 18,904 a------- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-08-23 01:44 11,967,524 a------- c:\windows\system32\korwbrkr.lex
2009-08-23 01:35 4,152,184 a------- c:\windows\system32\wgaer_m.exe
2009-08-23 01:35 1,303 a------- c:\windows\system32\WGAScanner.xml
2009-08-23 00:18 41,984 a------- c:\windows\system32\netfxperf.dll
2009-08-23 00:17 6,656 a------- c:\windows\system32\kbd106n.dll
2009-08-23 00:12 1,259,008 a------- c:\windows\system32\lsasrv.dll
2009-08-23 00:12 499,712 a------- c:\windows\system32\kerberos.dll
2009-08-23 00:12 270,848 a------- c:\windows\system32\schannel.dll
2009-08-23 00:12 218,624 a------- c:\windows\system32\msv1_0.dll
2009-08-23 00:12 175,104 a------- c:\windows\system32\wdigest.dll
2009-08-23 00:12 439,864 a------- c:\windows\system32\drivers\ksecdd.sys
2009-08-23 00:12 72,704 a------- c:\windows\system32\secur32.dll
2009-08-23 00:12 9,728 a------- c:\windows\system32\lsass.exe
2009-08-23 00:01 <DIR> --d----- c:\program files\JAM Software
2009-08-23 00:01 <DIR> --d----- c:\programdata\DVD Shrink
2009-08-23 00:01 <DIR> --d----- c:\program files\DVD Shrink
2009-08-23 00:00 <DIR> --d----- c:\program files\Auslogics
2009-08-22 23:56 <DIR> --d----- c:\program files\SpeedFan
2009-08-22 23:56 45 a------- c:\windows\system32\initdebug.nfo
2009-08-22 23:56 <DIR> --d----- c:\users\main\appdata\roaming\Foxit
2009-08-22 23:56 <DIR> --d----- c:\program files\Foxit Software
2009-08-22 23:53 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-22 23:42 <DIR> --d----- C:\PerfLogs
2009-08-22 23:19 193,024 a------- c:\windows\system32\recdisc.exe
2009-08-22 23:19 6,656 a------- c:\windows\system32\sdspres.dll
2009-08-22 23:16 442,368 a------- c:\windows\system32\filemgmt.dll
2009-08-22 23:16 131,072 a------- c:\windows\system32\fde.dll
2009-08-22 23:16 64,512 a------- c:\windows\system32\findnetprinters.dll
2009-08-22 23:16 58,936 a------- c:\windows\system32\drivers\fileinfo.sys
2009-08-22 23:16 27,648 a------- c:\windows\system32\drivers\filetrace.sys
2009-08-22 23:16 23,040 a------- c:\windows\system32\fmifs.dll
2009-08-22 23:16 13,312 a------- c:\windows\system32\fdPHost.dll
2009-08-22 23:13 17,408 a------- c:\windows\system32\drivers\asyncmac.sys
2009-08-22 23:12 705,536 a------- c:\windows\system32\imagesp1.dll
2009-08-22 23:11 174,080 a------- c:\windows\system32\wbem\wbemtest.exe
2009-08-22 22:52 2,034,688 a------- c:\windows\system32\win32k.sys
2009-08-22 22:52 289,792 a------- c:\windows\system32\atmfd.dll
2009-08-22 22:52 156,672 a------- c:\windows\system32\t2embed.dll
2009-08-22 22:52 72,704 a------- c:\windows\system32\fontsub.dll
2009-08-22 22:52 34,304 a------- c:\windows\system32\atmlib.dll
2009-08-22 22:52 23,552 a------- c:\windows\system32\lpk.dll
2009-08-22 22:52 10,240 a------- c:\windows\system32\dciman32.dll
2009-08-22 22:52 71,680 a------- c:\windows\system32\atl.dll
2009-08-22 22:52 160,256 a------- c:\windows\system32\wkssvc.dll
2009-08-22 22:51 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-08-22 22:51 136,192 a------- c:\windows\system32\aaclient.dll
2009-08-22 22:51 53,248 a------- c:\windows\system32\tsgqec.dll
2009-08-22 22:50 623,616 a------- c:\windows\system32\localspl.dll
2009-08-22 22:49 91,136 a------- c:\windows\system32\avifil32.dll
2009-08-22 22:47 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-08-22 22:47 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-08-22 22:47 7,680 a------- c:\windows\system32\spwmp.dll
2009-08-22 22:47 4,096 a------- c:\windows\system32\msdxm.ocx
2009-08-22 22:47 4,096 a------- c:\windows\system32\dxmasf.dll
2009-08-22 22:47 43,520 a------- c:\windows\system32\msdxm.tlb
2009-08-22 22:47 18,432 a------- c:\windows\system32\amcompat.tlb
2009-08-22 22:47 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-08-22 22:32 <DIR> --d----- c:\windows\CheckSur
2009-08-22 22:25 589,824 a------- c:\windows\SPInstall.etl
2009-08-22 22:15 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-08-22 22:14 83,456 a------- c:\windows\system32\wudriver.dll
2009-08-22 22:14 162,064 a------- c:\windows\system32\wuwebv.dll
2009-08-22 22:14 31,232 a------- c:\windows\system32\wuapp.exe
2009-08-22 22:05 316,928 a------- c:\windows\system32\drivers\netr61.sys
2009-08-22 22:05 <DIR> --d----- c:\users\main\{70a35194-d6aa-4c14-bab1-9302daf4920a}
2009-08-22 22:05 <DIR> --d----- c:\program files\RALINK
2009-08-22 21:53 <DIR> --d----- c:\programdata\ESET
2009-08-22 21:53 <DIR> --d----- c:\program files\ESET
2009-08-22 21:53 <DIR> --dsh--- c:\windows\Installer
2009-08-22 21:29 <DIR> --d----- c:\programdata\NVIDIA
2009-08-22 19:42 753,664 a------- c:\windows\system32\nvcplui.exe
2009-08-22 19:42 413,696 a------- c:\windows\system32\nvcpl.cpl
2009-08-22 19:42 307,200 a------- c:\windows\system32\nvexpbar.dll
2009-08-22 19:42 356,352 a------- c:\windows\system32\NVUNINST.EXE
2009-08-22 19:41 <DIR> --d----- C:\NVIDIA
2009-08-22 19:37 53,248 a------- c:\windows\system32\CSVer.dll
2009-08-22 19:37 <DIR> --d----- C:\Intel
2009-08-22 19:34 <DIR> --d----- c:\users\Main

==================== Find3M ====================

2009-08-23 16:49 51,200 a------- c:\windows\inf\infpub.dat
2009-08-23 16:49 86,016 a------- c:\windows\inf\infstrng.dat
2009-08-23 16:49 86,016 a------- c:\windows\inf\infstor.dat
2009-08-23 16:44 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-22 23:49 174 a--sh--- c:\program files\desktop.ini
2009-08-22 23:33 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-08-22 23:33 82,432 a------- c:\windows\system32\axaltocm.dll
2009-07-22 07:22 915,456 a------- c:\windows\system32\wininet.dll
2009-07-22 07:17 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-22 07:17 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-22 05:43 133,632 a------- c:\windows\system32\ieUnatt.exe
2006-11-02 22:10 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 22:10 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 22:10 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 22:10 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 18:50 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 18:50 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 18:50 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 18:50 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-02-22 05:20 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 22:24:32.41 ===============

Attached Files



#5 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:07 PM

Posted 27 August 2009 - 08:08 AM

Hi pshnfry,



Welcome to BleepingComputer HijackThis Logs and Malware Removal, :thumbup2:
My name is sundavis, I will be helping you to deal with your Malware problems today.


Step1

Please download GMER Rootkit Scanner from Here or Here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish. For more info, go to Here for your reference.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" , and copy and paste the contents in your next reply.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries



Step2
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

In your next reply, please post back:


1.GMER log
2.RSIT log.txt and info.txt. Thanks.

#6 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 August 2009 - 04:35 AM

GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-28 18:42:02
Windows 6.0.6002 Service Pack 2


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Threads - GMER 1.0.15 ----

Thread System [4:368] 86651790

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet002\Control@WaitToKillServiceTimeout 20000
Reg HKLM\SYSTEM\ControlSet002\Control@CurrentUser USERNAME
Reg HKLM\SYSTEM\ControlSet002\Control@PreshutdownOrder wuauserv?gpsvc?trustedinstaller?
Reg HKLM\SYSTEM\ControlSet002\Control@SystemStartOptions /NOEXECUTE=OPTIN
Reg HKLM\SYSTEM\ControlSet002\Control@SystemBootDevice multi(0)disk(0)rdisk(0)partition(1)
Reg HKLM\SYSTEM\ControlSet002\Control@FirmwareBootDevice multi(0)disk(0)rdisk(0)partition(1)

---- EOF - GMER 1.0.15 ----
==============================================================================================================

Logfile of random's system information tool 1.06 (written by random/random)
Run by Main at 2009-08-28 18:43:43
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 434 GB (91%) free of 477 GB
Total RAM: 3069 MB (63% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-11 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-11 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-11 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-08-28 18:43:43 ----D---- C:\rsit
2009-08-28 18:43:43 ----D---- C:\Program Files\trend micro
2009-08-23 23:24:40 ----AD---- C:\ProgramData\TEMP
2009-08-23 23:22:03 ----D---- C:\Users\Main\AppData\Roaming\Malwarebytes
2009-08-23 23:21:59 ----D---- C:\ProgramData\Malwarebytes
2009-08-23 23:21:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-23 23:20:51 ----D---- C:\Program Files\SpywareBlaster
2009-08-23 23:17:17 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-23 23:17:17 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-23 21:41:39 ----A---- C:\Windows\ntbtlog.txt
2009-08-23 18:09:04 ----A---- C:\Windows\system32\msonpmon.dll
2009-08-23 18:08:37 ----D---- C:\Program Files\Microsoft Works
2009-08-23 18:08:25 ----D---- C:\Program Files\Common Files\DESIGNER
2009-08-23 18:08:16 ----D---- C:\Windows\PCHEALTH
2009-08-23 18:08:16 ----D---- C:\Program Files\Microsoft.NET
2009-08-23 18:06:42 ----D---- C:\ProgramData\Microsoft Help
2009-08-23 18:06:42 ----D---- C:\Program Files\Microsoft Office
2009-08-23 18:06:22 ----RHD---- C:\MSOCache
2009-08-23 17:50:14 ----D---- C:\Users\Main\AppData\Roaming\NewsLeecher
2009-08-23 17:50:11 ----D---- C:\Program Files\NewsLeecher
2009-08-23 17:40:19 ----D---- C:\Program Files\7-Zip
2009-08-23 17:39:59 ----D---- C:\Program Files\QuickPar
2009-08-23 17:38:06 ----D---- C:\Users\Main\AppData\Roaming\Macromedia
2009-08-23 17:38:06 ----D---- C:\Users\Main\AppData\Roaming\Adobe
2009-08-23 17:38:02 ----D---- C:\Windows\system32\Macromed
2009-08-23 16:45:18 ----D---- C:\Windows\system32\eu-ES
2009-08-23 16:45:18 ----D---- C:\Windows\system32\ca-ES
2009-08-23 16:45:12 ----D---- C:\Windows\system32\vi-VN
2009-08-23 16:42:27 ----D---- C:\Windows\system32\SPReview
2009-08-23 16:34:50 ----A---- C:\Windows\system32\scavenge.dll
2009-08-23 16:34:45 ----A---- C:\Windows\system32\compcln.exe
2009-08-23 16:34:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-08-23 16:34:10 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-08-23 16:34:10 ----A---- C:\Windows\system32\secproc_isv.dll
2009-08-23 16:34:10 ----A---- C:\Windows\system32\secproc.dll
2009-08-23 16:34:10 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-23 16:34:10 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-23 16:34:10 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-23 16:34:10 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-23 16:34:09 ----A---- C:\Windows\system32\sdclt.exe
2009-08-23 16:34:09 ----A---- C:\Windows\system32\samlib.dll
2009-08-23 16:34:09 ----A---- C:\Windows\system32\rwinsta.exe
2009-08-23 16:34:09 ----A---- C:\Windows\system32\rtutils.dll
2009-08-23 16:34:09 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-23 16:34:09 ----A---- C:\Windows\system32\rsaenh.dll
2009-08-23 16:34:09 ----A---- C:\Windows\system32\rrinstaller.exe
2009-08-23 16:34:09 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-08-23 16:34:08 ----A---- C:\Windows\system32\rpcss.dll
2009-08-23 16:34:08 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-08-23 16:34:08 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-08-23 16:34:08 ----A---- C:\Windows\system32\RMActivate.exe
2009-08-23 16:34:08 ----A---- C:\Windows\system32\riched20.dll
2009-08-23 16:34:07 ----A---- C:\Windows\system32\rpchttp.dll
2009-08-23 16:34:06 ----A---- C:\Windows\system32\scrrun.dll
2009-08-23 16:34:06 ----A---- C:\Windows\system32\SCardSvr.dll
2009-08-23 16:34:06 ----A---- C:\Windows\system32\scansetting.dll
2009-08-23 16:34:06 ----A---- C:\Windows\system32\samsrv.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\scrptadm.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\scrobj.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\scksp.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\schedsvc.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\scesrv.dll
2009-08-23 16:34:05 ----A---- C:\Windows\system32\scecli.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\powercpl.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PnPutil.exe
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pnpui.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pnpsetup.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pnidui.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pidgenx.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\photowiz.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\perfdisk.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pdh.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\pcaui.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\p2psvc.dll
2009-08-23 16:34:04 ----A---- C:\Windows\system32\P2PGraph.dll
2009-08-23 16:34:03 ----A---- C:\Windows\system32\pmcsnap.dll
2009-08-23 16:34:03 ----A---- C:\Windows\system32\PkgMgr.exe
2009-08-23 16:34:03 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-23 16:34:03 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-08-23 16:34:03 ----A---- C:\Windows\system32\ntdll.dll
2009-08-23 16:34:03 ----A---- C:\Windows\system32\nslookup.exe
2009-08-23 16:34:02 ----A---- C:\Windows\system32\osk.exe
2009-08-23 16:34:02 ----A---- C:\Windows\system32\oobefldr.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\onex.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\olepro32.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\oleprn.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\oleaut32.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\ole32.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\offfilt.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\odbccp32.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\odbcconf.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\odbc32.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-23 16:34:02 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-23 16:34:01 ----A---- C:\Windows\system32\rasmontr.dll
2009-08-23 16:34:01 ----A---- C:\Windows\system32\rasgcw.dll
2009-08-23 16:34:01 ----A---- C:\Windows\system32\rasdlg.dll
2009-08-23 16:34:01 ----A---- C:\Windows\system32\rasdial.exe
2009-08-23 16:34:01 ----A---- C:\Windows\system32\ocsetup.exe
2009-08-23 16:34:01 ----A---- C:\Windows\system32\ntprint.dll
2009-08-23 16:34:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-08-23 16:34:01 ----A---- C:\Windows\system32\ntmarta.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\reset.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\RelMon.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rekeywiz.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\regsvc.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\reg.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rdpendp.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rdpencom.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rdpclip.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rastls.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rastapi.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rasppp.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rasplap.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rasmans.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rasdiag.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\raschap.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\rasapi32.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\RacEngn.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\query.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\Query.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\quartz.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\qprocess.exe
2009-08-23 16:34:00 ----A---- C:\Windows\system32\qmgr.dll
2009-08-23 16:34:00 ----A---- C:\Windows\system32\qedit.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\regapi.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\rdpwsx.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\prnntfy.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\printui.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-08-23 16:33:59 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-23 16:33:59 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-23 16:33:59 ----A---- C:\Windows\system32\powrprof.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\shell32.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\sendmail.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\qdvd.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\qappsrv.exe
2009-08-23 16:33:58 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-08-23 16:33:58 ----A---- C:\Windows\system32\puiapi.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\PSHED.DLL
2009-08-23 16:33:58 ----A---- C:\Windows\system32\propsys.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\propdefs.dll
2009-08-23 16:33:58 ----A---- C:\Windows\system32\profsvc.dll
2009-08-23 16:33:57 ----A---- C:\Windows\system32\shlwapi.dll
2009-08-23 16:33:57 ----A---- C:\Windows\system32\shdocvw.dll
2009-08-23 16:33:57 ----A---- C:\Windows\system32\shadow.exe
2009-08-23 16:33:57 ----A---- C:\Windows\system32\setupapi.dll
2009-08-23 16:33:57 ----A---- C:\Windows\system32\sethc.exe
2009-08-23 16:33:57 ----A---- C:\Windows\system32\services.exe
2009-08-23 16:33:56 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\evr.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\eudcedit.exe
2009-08-23 16:33:56 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\eapphost.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\eappgnui.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\eappcfg.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\eapp3hst.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\dwm.exe
2009-08-23 16:33:56 ----A---- C:\Windows\system32\dsprop.dll
2009-08-23 16:33:56 ----A---- C:\Windows\system32\dsound.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\esent.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\es.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\EncDec.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\emdmgmt.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\EhStorShell.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\diskraid.exe
2009-08-23 16:33:55 ----A---- C:\Windows\system32\diskpart.exe
2009-08-23 16:33:55 ----A---- C:\Windows\system32\dimsroam.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\diagperf.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\dfsr.exe
2009-08-23 16:33:55 ----A---- C:\Windows\system32\dfshim.dll
2009-08-23 16:33:55 ----A---- C:\Windows\system32\devmgr.dll
2009-08-23 16:33:55 ----A---- C:\Windows\explorer.exe
2009-08-23 16:33:54 ----A---- C:\Windows\system32\drvstore.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\drvinst.exe
2009-08-23 16:33:54 ----A---- C:\Windows\system32\drmv2clt.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dpapimig.exe
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dot3svc.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dot3msm.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dot3cfg.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dnsapi.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dmusic.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dmsynth.dll
2009-08-23 16:33:54 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\iasnap.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\IasMigReader.exe
2009-08-23 16:33:53 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\iashlpr.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\iasads.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\iasacct.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\hidserv.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\hdwwiz.exe
2009-08-23 16:33:53 ----A---- C:\Windows\system32\hbaapi.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpupdate.exe
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpsvc.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpscript.exe
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpscript.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpresult.exe
2009-08-23 16:33:53 ----A---- C:\Windows\system32\gpprnext.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\fontext.dll
2009-08-23 16:33:53 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-08-23 16:33:52 ----A---- C:\Windows\system32\findstr.exe
2009-08-23 16:33:52 ----A---- C:\Windows\system32\feclient.dll
2009-08-23 16:33:52 ----A---- C:\Windows\system32\fdWCN.dll
2009-08-23 16:33:52 ----A---- C:\Windows\system32\fdSSDP.dll
2009-08-23 16:33:52 ----A---- C:\Windows\system32\fc.exe
2009-08-23 16:33:52 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\gpedit.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\gpapi.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\gdi32.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\gameux.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fveui.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fvecpl.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fveapi.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fundisc.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\ftp.exe
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fdWSD.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fdProxy.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fdeploy.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\fdBth.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\autofmt.exe
2009-08-23 16:33:51 ----A---- C:\Windows\system32\autochk.exe
2009-08-23 16:33:51 ----A---- C:\Windows\system32\authz.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\authui.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\audiosrv.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\AudioSes.dll
2009-08-23 16:33:51 ----A---- C:\Windows\system32\audiodg.exe
2009-08-23 16:33:50 ----A---- C:\Windows\system32\bthci.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\browseui.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\brcplsiw.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\brcpl.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\blackbox.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\bitsigd.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\bcrypt.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\basecsp.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\azroles.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\autoplay.dll
2009-08-23 16:33:50 ----A---- C:\Windows\system32\autoconv.exe
2009-08-23 16:33:49 ----A---- C:\Windows\system32\BFE.DLL
2009-08-23 16:33:49 ----A---- C:\Windows\system32\appmgmts.dll
2009-08-23 16:33:49 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-08-23 16:33:49 ----A---- C:\Windows\system32\apphelp.dll
2009-08-23 16:33:49 ----A---- C:\Windows\system32\apds.dll
2009-08-23 16:33:49 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\crypt32.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\credui.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\connect.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\conime.exe
2009-08-23 16:33:48 ----A---- C:\Windows\system32\comuid.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\comsvcs.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\cmdial32.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\advapi32.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\adtschema.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\adsmsext.dll
2009-08-23 16:33:48 ----A---- C:\Windows\system32\adsldpc.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-08-23 16:33:47 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\DevicePairing.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\DeviceEject.exe
2009-08-23 16:33:47 ----A---- C:\Windows\system32\dbgeng.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\davclnt.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\dataclen.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\d3d9.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\CscMig.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\cscdll.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\cscapi.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\comdlg32.dll
2009-08-23 16:33:47 ----A---- C:\Windows\system32\cmmon32.exe
2009-08-23 16:33:46 ----A---- C:\Windows\system32\csrstub.exe
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cscui.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cscsvc.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cscript.exe
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cscobj.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cryptui.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cryptsvc.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\certmgr.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\CertEnroll.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\certcli.dll
2009-08-23 16:33:46 ----A---- C:\Windows\system32\cdd.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\cipher.exe
2009-08-23 16:33:45 ----A---- C:\Windows\system32\ci.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\certreq.exe
2009-08-23 16:33:45 ----A---- C:\Windows\system32\certprop.dll
2009-08-23 16:33:45 ----A---- C:\Windows\system32\cbsra.exe
2009-08-23 16:33:45 ----A---- C:\Windows\system32\bthudtask.exe
2009-08-23 16:33:45 ----A---- C:\Windows\system32\bthserv.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msihnd.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msiexec.exe
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msi.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msftedit.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msexcl40.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msexch40.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\msdtctm.dll
2009-08-23 16:33:44 ----A---- C:\Windows\system32\chgusr.exe
2009-08-23 16:33:44 ----A---- C:\Windows\system32\chgport.exe
2009-08-23 16:33:44 ----A---- C:\Windows\system32\chglogon.exe
2009-08-23 16:33:44 ----A---- C:\Windows\system32\change.exe
2009-08-23 16:33:44 ----A---- C:\Windows\system32\certutil.exe
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msimsg.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msdrm.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msctfui.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msctfp.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\msctf.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\MPSSVC.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\mprapi.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\mpr.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\modemui.dll
2009-08-23 16:33:43 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-08-23 16:33:42 ----A---- C:\Windows\system32\mscories.dll
2009-08-23 16:33:42 ----A---- C:\Windows\system32\mscorier.dll
2009-08-23 16:33:42 ----A---- C:\Windows\system32\mscoree.dll
2009-08-23 16:33:42 ----A---- C:\Windows\system32\mscms.dll
2009-08-23 16:33:42 ----A---- C:\Windows\system32\mscandui.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\NetProjW.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\netplwiz.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\netlogon.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\netiohlp.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\netcenter.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\netapi32.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\ncryptui.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\ncrypt.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\mtxclu.dll
2009-08-23 16:33:41 ----A---- C:\Windows\system32\msxml6.dll
2009-08-23 16:33:40 ----A---- C:\Windows\system32\netshell.dll
2009-08-23 16:33:40 ----A---- C:\Windows\system32\NcdProp.dll
2009-08-23 16:33:40 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-23 16:33:40 ----A---- C:\Windows\system32\msxml3.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\newdev.exe
2009-08-23 16:33:39 ----A---- C:\Windows\system32\newdev.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\networkmap.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\networkexplorer.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msscb.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msrepl40.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msrd3x40.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msrd2x40.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\mspbde40.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msnetobj.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msltus40.dll
2009-08-23 16:33:39 ----A---- C:\Windows\system32\msimtf.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msxbde40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\mswstr10.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\mswsock.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\mswdat10.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msvcrt.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msvcp60.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msutb.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msjtes40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msjter40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msjint40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msjet40.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msisip.dll
2009-08-23 16:33:38 ----A---- C:\Windows\system32\msinfo32.exe
2009-08-23 16:33:37 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mstsc.exe
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mstlsapi.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mstext40.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssvp.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\msstrc.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssrch.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssph.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\msshsq.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\msshooks.dll
2009-08-23 16:33:37 ----A---- C:\Windows\system32\msscp.dll
2009-08-23 16:33:36 ----A---- C:\Windows\system32\InkEd.dll
2009-08-23 16:33:36 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-23 16:33:36 ----A---- C:\Windows\system32\inetppui.dll
2009-08-23 16:33:36 ----A---- C:\Windows\system32\inetpp.dll
2009-08-23 16:33:36 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-23 16:33:35 ----A---- C:\Windows\system32\iscsilog.dll
2009-08-23 16:33:35 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-08-23 16:33:35 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-08-23 16:33:35 ----A---- C:\Windows\system32\imm32.dll
2009-08-23 16:33:34 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-08-23 16:33:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-08-23 16:33:34 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-08-23 16:33:34 ----A---- C:\Windows\system32\ipconfig.exe
2009-08-23 16:33:34 ----A---- C:\Windows\system32\input.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\ifmon.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\icardres.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\icardagt.exe
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iassvcs.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iassdo.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iassam.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iasrad.dll
2009-08-23 16:33:33 ----A---- C:\Windows\system32\iaspolcy.dll
2009-08-23 16:33:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-08-23 16:33:32 ----A---- C:\Windows\system32\imapi2fs.dll
2009-08-23 16:33:32 ----A---- C:\Windows\system32\imapi2.dll
2009-08-23 16:33:32 ----A---- C:\Windows\system32\imapi.dll
2009-08-23 16:33:32 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mfps.dll
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mfpmp.exe
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mfplat.dll
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mferror.dll
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mfc42u.dll
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mfc42.dll
2009-08-23 16:33:31 ----A---- C:\Windows\system32\mf.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\mmcico.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\mmci.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\mmc.exe
2009-08-23 16:33:30 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\milcore.dll
2009-08-23 16:33:30 ----A---- C:\Windows\system32\midimap.dll
2009-08-23 16:33:29 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\mcmde.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\mblctr.exe
2009-08-23 16:33:28 ----A---- C:\Windows\system32\logman.exe
2009-08-23 16:33:28 ----A---- C:\Windows\system32\logagent.exe
2009-08-23 16:33:28 ----A---- C:\Windows\system32\l2nacp.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\kernel32.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\kdusb.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\kdcom.dll
2009-08-23 16:33:28 ----A---- C:\Windows\system32\kd1394.dll
2009-08-23 16:33:27 ----A---- C:\Windows\system32\WebClnt.dll
2009-08-23 16:33:27 ----A---- C:\Windows\system32\shsetup.dll
2009-08-23 16:33:27 ----A---- C:\Windows\system32\Magnify.exe
2009-08-23 16:33:27 ----A---- C:\Windows\system32\logoff.exe
2009-08-23 16:33:26 ----A---- C:\Windows\system32\wercon.exe
2009-08-23 16:33:26 ----A---- C:\Windows\system32\wer.dll
2009-08-23 16:33:26 ----A---- C:\Windows\system32\wdscore.dll
2009-08-23 16:33:26 ----A---- C:\Windows\system32\wdc.dll
2009-08-23 16:33:25 ----A---- C:\Windows\system32\winhttp.dll
2009-08-23 16:33:25 ----A---- C:\Windows\system32\WindowsUltimateExtrasCPL.dll
2009-08-23 16:33:25 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-23 16:33:25 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-23 16:33:25 ----A---- C:\Windows\system32\wevtutil.exe
2009-08-23 16:33:25 ----A---- C:\Windows\system32\wevtsvc.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\win32spl.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\wiaservc.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\wiaaut.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\whealogr.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\WFS.exe
2009-08-23 16:33:24 ----A---- C:\Windows\system32\wevtapi.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\wersvc.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-08-23 16:33:24 ----A---- C:\Windows\system32\WerFault.exe
2009-08-23 16:33:24 ----A---- C:\Windows\system32\version.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\vdsutil.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\vdsdyn.dll
2009-08-23 16:33:24 ----A---- C:\Windows\system32\vds.exe
2009-08-23 16:33:24 ----A---- C:\Windows\system32\vdmdbg.dll
2009-08-23 16:33:23 ----A---- C:\Windows\system32\uxsms.dll
2009-08-23 16:33:23 ----A---- C:\Windows\system32\Utilman.exe
2009-08-23 16:33:23 ----A---- C:\Windows\system32\userenv.dll
2009-08-23 16:33:23 ----A---- C:\Windows\system32\usercpl.dll
2009-08-23 16:33:23 ----A---- C:\Windows\system32\user32.dll
2009-08-23 16:33:22 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-08-23 16:33:22 ----A---- C:\Windows\system32\wcnwiz.dll
2009-08-23 16:33:22 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-08-23 16:33:22 ----A---- C:\Windows\system32\wcncsvc.dll
2009-08-23 16:33:22 ----A---- C:\Windows\system32\wbengine.exe
2009-08-23 16:33:22 ----A---- C:\Windows\system32\usp10.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\WSDMon.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\wsdchngr.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\wscript.exe
2009-08-23 16:33:21 ----A---- C:\Windows\system32\wscntfy.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\wscisvif.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\WscEapPr.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\wscapi.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\w32time.dll
2009-08-23 16:33:21 ----A---- C:\Windows\system32\VSSVC.exe
2009-08-23 16:33:21 ----A---- C:\Windows\system32\vssapi.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wusa.exe
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wscsvc.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wpcsvc.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wpccpl.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wpcao.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\wow32.dll
2009-08-23 16:33:20 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-08-23 16:33:20 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-08-23 16:33:20 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-08-23 16:33:20 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-08-23 16:33:19 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-23 16:33:19 ----A---- C:\Windows\system32\WsmSvc.dll
2009-08-23 16:33:19 ----A---- C:\Windows\system32\wshext.dll
2009-08-23 16:33:19 ----A---- C:\Windows\system32\wshbth.dll
2009-08-23 16:33:19 ----A---- C:\Windows\system32\wsepno.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wsnmp32.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\Wldap32.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlanui.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlansvc.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlanpref.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlanmsm.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlanhlp.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wlangpui.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\wisptis.exe
2009-08-23 16:33:18 ----A---- C:\Windows\system32\winrnr.dll
2009-08-23 16:33:18 ----A---- C:\Windows\system32\winresume.exe
2009-08-23 16:33:17 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-23 16:33:17 ----A---- C:\Windows\system32\winsrv.dll
2009-08-23 16:33:17 ----A---- C:\Windows\system32\WinSCard.dll
2009-08-23 16:33:17 ----A---- C:\Windows\system32\WinSAT.exe
2009-08-23 16:33:17 ----A---- C:\Windows\system32\winmm.dll
2009-08-23 16:33:17 ----A---- C:\Windows\system32\winlogon.exe
2009-08-23 16:33:17 ----A---- C:\Windows\system32\winload.exe
2009-08-23 16:33:16 ----A---- C:\Windows\system32\wmpmde.dll
2009-08-23 16:33:16 ----A---- C:\Windows\system32\WMPhoto.dll
2009-08-23 16:33:16 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-23 16:33:16 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-08-23 16:33:15 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-08-23 16:33:15 ----A---- C:\Windows\system32\sud.dll
2009-08-23 16:33:15 ----A---- C:\Windows\system32\Storprop.dll
2009-08-23 16:33:15 ----A---- C:\Windows\system32\stobject.dll
2009-08-23 16:33:14 ----A---- C:\Windows\system32\srvsvc.dll
2009-08-23 16:33:14 ----A---- C:\Windows\system32\srcore.dll
2009-08-23 16:33:14 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\sysmain.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\sysclass.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\SyncCenter.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\swprv.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-08-23 16:33:13 ----A---- C:\Windows\system32\slwmi.dll
2009-08-23 16:33:12 ----A---- C:\Windows\system32\smss.exe
2009-08-23 16:33:12 ----A---- C:\Windows\system32\SmiEngine.dll
2009-08-23 16:33:12 ----A---- C:\Windows\system32\slcc.dll
2009-08-23 16:33:12 ----A---- C:\Windows\system32\SLC.dll
2009-08-23 16:33:12 ----A---- C:\Windows\system32\shwebsvc.dll
2009-08-23 16:33:12 ----A---- C:\Windows\system32\shsvcs.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spwizui.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spwinsat.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spreview.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spp.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spoolsv.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spoolss.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spinstall.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\sperror.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\spcmsg.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\slwga.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLUINotify.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLUI.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLsvc.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\slmgr.vbs
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLLUA.exe
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\slcinst.dll
2009-08-23 16:33:11 ----A---- C:\Windows\system32\SLCExt.dll
2009-08-23 16:33:10 ----A---- C:\Windows\system32\zipfldr.dll
2009-08-23 16:33:10 ----A---- C:\Windows\system32\untfs.dll
2009-08-23 16:33:10 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\TSTheme.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\tskill.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\tsdiscon.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\tscupgrd.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\softkbd.dll
2009-08-23 16:33:10 ----A---- C:\Windows\system32\SnippingTool.exe
2009-08-23 16:33:10 ----A---- C:\Windows\system32\SndVol.exe
2009-08-23 16:33:09 ----A---- C:\Windows\system32\umrdp.dll
2009-08-23 16:33:09 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-08-23 16:33:09 ----A---- C:\Windows\system32\ulib.dll
2009-08-23 16:33:09 ----A---- C:\Windows\system32\uDWM.dll
2009-08-23 16:33:09 ----A---- C:\Windows\system32\systemcpl.dll
2009-08-23 16:33:06 ----A---- C:\Windows\system32\tscon.exe
2009-08-23 16:33:06 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-08-23 16:33:06 ----A---- C:\Windows\system32\tsbyuv.dll
2009-08-23 16:33:06 ----A---- C:\Windows\system32\tquery.dll
2009-08-23 16:33:03 ----A---- C:\Windows\system32\tcpmon.dll
2009-08-23 16:33:03 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-08-23 16:33:03 ----A---- C:\Windows\system32\tapisrv.dll
2009-08-23 16:33:02 ----A---- C:\Windows\system32\themeui.dll
2009-08-23 16:33:02 ----A---- C:\Windows\system32\themecpl.dll
2009-08-23 16:33:02 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-23 16:33:02 ----A---- C:\Windows\system32\termsrv.dll
2009-08-23 16:33:02 ----A---- C:\Windows\system32\taskeng.exe
2009-08-23 16:33:02 ----A---- C:\Windows\system32\taskcomp.dll
2009-08-23 16:31:58 ----D---- C:\Windows\system32\EventProviders
2009-08-23 11:38:41 ----D---- C:\Windows\Panther
2009-08-23 11:38:29 ----RAS---- C:\BOOTSECT.BAK
2009-08-23 11:38:27 ----SHD---- C:\Boot
2009-08-23 11:38:08 ----D---- C:\Windows\system32\OEM
2009-08-23 01:52:36 ----D---- C:\Users\Main\AppData\Roaming\Auslogics
2009-08-23 01:43:08 ----A---- C:\Windows\system32\wininet.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\occache.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\msfeeds.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\jsproxy.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\ieui.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\iesetup.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\iernonce.dll
2009-08-23 01:43:08 ----A---- C:\Windows\system32\iepeers.dll
2009-08-23 01:43:07 ----A---- C:\Windows\system32\urlmon.dll
2009-08-23 01:43:07 ----A---- C:\Windows\system32\msfeedssync.exe
2009-08-23 01:43:07 ----A---- C:\Windows\system32\ieUnatt.exe
2009-08-23 01:43:07 ----A---- C:\Windows\system32\iesysprep.dll
2009-08-23 01:43:07 ----A---- C:\Windows\system32\iertutil.dll
2009-08-23 01:43:07 ----A---- C:\Windows\system32\iedkcs32.dll
2009-08-23 01:43:07 ----A---- C:\Windows\system32\ie4uinit.exe
2009-08-23 01:43:06 ----A---- C:\Windows\system32\mshtml.dll
2009-08-23 01:43:06 ----A---- C:\Windows\system32\ieframe.dll
2009-08-23 01:42:25 ----A---- C:\Windows\system32\mshtmled.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\msls31.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\mshtmler.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\imgutil.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\ieakeng.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\icardie.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\dxtmsft.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\corpol.dll
2009-08-23 01:42:24 ----A---- C:\Windows\system32\admparse.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-08-23 01:42:23 ----A---- C:\Windows\system32\wextract.exe
2009-08-23 01:42:23 ----A---- C:\Windows\system32\webcheck.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\msrating.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\licmgr10.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\inseng.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\ieakui.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\ieaksie.dll
2009-08-23 01:42:23 ----A---- C:\Windows\system32\dxtrans.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\vbscript.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\url.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\pngfilt.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\mstime.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\jscript.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\ieapfltr.dll
2009-08-23 01:42:22 ----A---- C:\Windows\system32\advpack.dll
2009-08-23 01:42:21 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-08-23 01:42:21 ----A---- C:\Windows\system32\SetDepNx.exe
2009-08-23 01:42:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-08-23 01:42:21 ----A---- C:\Windows\system32\PDMSetup.exe
2009-08-23 01:42:21 ----A---- C:\Windows\system32\mshta.exe
2009-08-23 01:42:21 ----A---- C:\Windows\system32\iexpress.exe
2009-08-23 01:35:09 ----A---- C:\Windows\system32\wgaer_m.exe
2009-08-23 00:18:50 ----A---- C:\Windows\system32\netfxperf.dll
2009-08-23 00:17:53 ----A---- C:\Windows\system32\kbd106n.dll
2009-08-23 00:12:47 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-23 00:12:47 ----A---- C:\Windows\system32\kerberos.dll
2009-08-23 00:12:46 ----A---- C:\Windows\system32\wdigest.dll
2009-08-23 00:12:46 ----A---- C:\Windows\system32\schannel.dll
2009-08-23 00:12:46 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-23 00:12:45 ----A---- C:\Windows\system32\secur32.dll
2009-08-23 00:12:45 ----A---- C:\Windows\system32\lsass.exe
2009-08-23 00:01:53 ----D---- C:\Program Files\JAM Software
2009-08-23 00:01:23 ----D---- C:\ProgramData\DVD Shrink
2009-08-23 00:01:22 ----D---- C:\Program Files\DVD Shrink
2009-08-23 00:00:49 ----D---- C:\Program Files\Auslogics
2009-08-22 23:57:04 ----D---- C:\Users\Main\AppData\Roaming\Mozilla
2009-08-22 23:56:58 ----D---- C:\Program Files\Mozilla Firefox
2009-08-22 23:56:30 ----D---- C:\Program Files\SpeedFan
2009-08-22 23:56:05 ----D---- C:\Users\Main\AppData\Roaming\Foxit
2009-08-22 23:56:05 ----D---- C:\Program Files\Foxit Software
2009-08-22 23:42:45 ----D---- C:\PerfLogs
2009-08-22 23:19:03 ----A---- C:\Windows\system32\recdisc.exe
2009-08-22 23:19:02 ----A---- C:\Windows\system32\sdspres.dll
2009-08-22 23:17:42 ----A---- C:\Windows\system32\sxproxy.dll
2009-08-22 23:17:31 ----A---- C:\Windows\system32\mssha.dll
2009-08-22 23:17:31 ----A---- C:\Windows\system32\msrdc.dll
2009-08-22 23:17:31 ----A---- C:\Windows\system32\msra.exe
2009-08-22 23:17:30 ----A---- C:\Windows\system32\mstask.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\NAPMONTR.DLL
2009-08-22 23:17:29 ----A---- C:\Windows\system32\napipsec.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\NapiNSP.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\NAPHLPR.DLL
2009-08-22 23:17:29 ----A---- C:\Windows\system32\napdsnap.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mydocs.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mycomput.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\MuiUnattend.exe
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mtxoci.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mtxlegih.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mtxdm.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mtstocom.exe
2009-08-22 23:17:29 ----A---- C:\Windows\system32\mswmdm.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\msvidc32.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\msvfw32.dll
2009-08-22 23:17:29 ----A---- C:\Windows\system32\msvbvm60.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msg.exe
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdtcuiu.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdtclog.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdtckrm.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdtc.exe
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdt.exe
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdt.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdri.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdmo.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdelta.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdart.dll
2009-08-22 23:17:28 ----A---- C:\Windows\system32\msdadiag.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\mspatcha.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\mspaint.exe
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msorcl32.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msoert2.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msoeacct.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msobjs.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-08-22 23:17:27 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msmmsp.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msieftp.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msidle.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msident.dll
2009-08-22 23:17:27 ----A---- C:\Windows\system32\msidcrl30.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\notepad.exe
2009-08-22 23:17:26 ----A---- C:\Windows\system32\Nlsdl.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData081a.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0816.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0416.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0414.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData004e.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData004c.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData004b.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData004a.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0049.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0047.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0046.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0045.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData003e.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0039.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData002a.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0027.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0026.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0024.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0022.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData000a.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0009.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0007.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0003.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0002.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0001.dll
2009-08-22 23:17:26 ----A---- C:\Windows\system32\NlsData0000.dll
2009-08-22 23:17:26 ----A---- C:\Windows\notepad.exe
2009-08-22 23:17:25 ----A---- C:\Windows\system32\odbctrac.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\odbcjt32.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\odbccu32.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\odbccr32.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\odbcbcp.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\objsel.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\ntdsapi.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0021.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0020.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData001d.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData001b.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData001a.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0019.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0018.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0013.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0011.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData0010.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData000f.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData000d.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\NlsData000c.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\nlsbres.dll
2009-08-22 23:17:25 ----A---- C:\Windows\system32\nlmgp.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\ntvdm.exe
2009-08-22 23:17:24 ----A---- C:\Windows\system32\ntshrui.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\ntlanman.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\nsisvc.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\nsi.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\nshipsec.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\nshhttp.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netid.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netdiagfx.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netcorehc.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netcfgx.dll
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netcfg.exe
2009-08-22 23:17:24 ----A---- C:\Windows\system32\netbtugc.exe
2009-08-22 23:17:23 ----A---- C:\Windows\system32\nlasvc.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\nlaapi.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\netiougc.exe
2009-08-22 23:17:23 ----A---- C:\Windows\system32\netevent.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\net1.exe
2009-08-22 23:17:23 ----A---- C:\Windows\system32\net.exe
2009-08-22 23:17:23 ----A---- C:\Windows\system32\ndfetw.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\ndfapi.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\ncsi.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\ncobjapi.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\nci.dll
2009-08-22 23:17:23 ----A---- C:\Windows\system32\nbtstat.exe
2009-08-22 23:17:23 ----A---- C:\Windows\system32\NAPSTAT.EXE
2009-08-22 23:17:22 ----A---- C:\Windows\system32\netprofm.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\netprof.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\Netplwiz.exe
2009-08-22 23:17:22 ----A---- C:\Windows\system32\netman.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\manage-bde.wsf
2009-08-22 23:17:22 ----A---- C:\Windows\system32\manage-bde.ini.en
2009-08-22 23:17:22 ----A---- C:\Windows\system32\makecab.exe
2009-08-22 23:17:22 ----A---- C:\Windows\system32\luainstall.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\lsmproxy.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\lsm.exe
2009-08-22 23:17:22 ----A---- C:\Windows\system32\loghours.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\lodctr.exe
2009-08-22 23:17:22 ----A---- C:\Windows\system32\localui.dll
2009-08-22 23:17:22 ----A---- C:\Windows\system32\localsec.dll
2009-08-22 23:17:21 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2009-08-22 23:17:21 ----A---- C:\Windows\system32\mfvdsp.dll
2009-08-22 23:17:21 ----A---- C:\Windows\system32\mfcsubs.dll
2009-08-22 23:17:21 ----A---- C:\Windows\system32\lpremove.exe
2009-08-22 23:17:21 ----A---- C:\Windows\system32\lpksetup.exe
2009-08-22 23:17:21 ----A---- C:\Windows\system32\LogonUI.exe
2009-08-22 23:17:20 ----A---- C:\Windows\system32\MdSched.exe
2009-08-22 23:17:20 ----A---- C:\Windows\system32\mdminst.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\McxDriv.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\Mcx2Svc.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\mcbuilder.exe
2009-08-22 23:17:20 ----A---- C:\Windows\system32\itss.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\iscsiwmi.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\iscsium.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\iscsiexe.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\iscsied.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\iprtrmgr.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\ipnathlp.dll
2009-08-22 23:17:20 ----A---- C:\Windows\system32\IPBusEnum.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\mprmsg.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\mprdim.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\mprddm.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\loadperf.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\lnkstub.exe
2009-08-22 23:17:19 ----A---- C:\Windows\system32\lltdsvc.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\lltdapi.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\L2SecHC.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\l2gpstore.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\ktmw32.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\ktmutil.exe
2009-08-22 23:17:19 ----A---- C:\Windows\system32\KMSVC.DLL
2009-08-22 23:17:19 ----A---- C:\Windows\system32\keymgr.dll
2009-08-22 23:17:19 ----A---- C:\Windows\system32\KBDKOR.DLL
2009-08-22 23:17:19 ----A---- C:\Windows\system32\KBDJPN.DLL
2009-08-22 23:17:19 ----A---- C:\Windows\system32\iprtprio.dll
2009-08-22 23:17:18 ----A---- C:\Windows\system32\msconfig.exe
2009-08-22 23:17:18 ----A---- C:\Windows\system32\MPG4DECD.DLL
2009-08-22 23:17:18 ----A---- C:\Windows\system32\MP4SDECD.DLL
2009-08-22 23:17:18 ----A---- C:\Windows\system32\MP43DECD.DLL
2009-08-22 23:17:18 ----A---- C:\Windows\system32\MP3DMOD.DLL
2009-08-22 23:17:18 ----A---- C:\Windows\system32\mountvol.exe
2009-08-22 23:17:17 ----A---- C:\Windows\system32\msacm32.dll
2009-08-22 23:17:17 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-08-22 23:17:17 ----A---- C:\Windows\system32\msaatext.dll
2009-08-22 23:17:17 ----A---- C:\Windows\system32\mmcbase.dll
2009-08-22 23:17:16 ----A---- C:\Windows\system32\mobsync.exe
2009-08-22 23:17:16 ----A---- C:\Windows\system32\mmcss.dll
2009-08-22 23:17:16 ----A---- C:\Windows\system32\mmcshext.dll
2009-08-22 23:17:16 ----A---- C:\Windows\system32\mlang.dll
2009-08-22 23:17:16 ----A---- C:\Windows\system32\migisol.dll
2009-08-22 23:17:16 ----A---- C:\Windows\system32\MigAutoPlay.exe
2009-08-22 23:17:15 ----A---- C:\Windows\system32\shrink.dll
2009-08-22 23:17:15 ----A---- C:\Windows\system32\shimgvw.dll
2009-08-22 23:17:15 ----A---- C:\Windows\system32\shgina.dll
2009-08-22 23:17:15 ----A---- C:\Windows\system32\secpol.msc
2009-08-22 23:17:15 ----A---- C:\Windows\system32\seclogon.dll
2009-08-22 23:17:15 ----A---- C:\Windows\system32\SecEdit.exe
2009-08-22 23:17:15 ----A---- C:\Windows\system32\sdshext.dll
2009-08-22 23:17:15 ----A---- C:\Windows\system32\sdrsvc.dll
2009-08-22 23:17:14 ----A---- C:\Windows\system32\shutdown.exe
2009-08-22 23:17:14 ----A---- C:\Windows\system32\shrpubw.exe
2009-08-22 23:17:14 ----A---- C:\Windows\system32\shacct.dll
2009-08-22 23:17:13 ----A---- C:\Windows\system32\SmiInstaller.dll
2009-08-22 23:17:13 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-08-22 23:17:13 ----A---- C:\Windows\system32\SessEnv.dll
2009-08-22 23:17:12 ----A---- C:\Windows\system32\sfc_os.dll
2009-08-22 23:17:12 ----A---- C:\Windows\system32\sfc.exe
2009-08-22 23:17:12 ----A---- C:\Windows\system32\setupugc.exe
2009-08-22 23:17:12 ----A---- C:\Windows\system32\setupSNK.exe
2009-08-22 23:17:12 ----A---- C:\Windows\system32\setupcln.dll
2009-08-22 23:17:12 ----A---- C:\Windows\system32\setupcl.exe
2009-08-22 23:17:12 ----A---- C:\Windows\system32\serialui.dll
2009-08-22 23:17:12 ----A---- C:\Windows\system32\Sens.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\puiobj.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\psbase.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\provthrd.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\ppcsnap.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\pots.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\polstore.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\pnrpnsp.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2009-08-22 23:17:11 ----A---- C:\Windows\system32\pnpts.dll
2009-08-22 23:17:10 ----A---- C:\Windows\system32\QAGENT.DLL
2009-08-22 23:17:10 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2009-08-22 23:17:09 ----A---- C:\Windows\system32\profprov.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\procinst.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\prntvpt.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\printcom.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\prevhost.exe
2009-08-22 23:17:09 ----A---- C:\Windows\system32\pcasvc.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\pcadm.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\p2pnetsh.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\p2phost.exe
2009-08-22 23:17:09 ----A---- C:\Windows\system32\p2pcollab.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\P2P.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\olethk32.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\olesvr32.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\oledlg.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\olecli32.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\oleacc.dll
2009-08-22 23:17:09 ----A---- C:\Windows\system32\ogldrv.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\rstrui.exe
2009-08-22 23:17:08 ----A---- C:\Windows\system32\RstrtMgr.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\rshx32.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\PlaySndSrv.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\pla.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\PING.EXE
2009-08-22 23:17:08 ----A---- C:\Windows\system32\perfts.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\perfnet.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\perfmon.msc
2009-08-22 23:17:08 ----A---- C:\Windows\system32\perfmon.exe
2009-08-22 23:17:08 ----A---- C:\Windows\system32\pdhui.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\osblprov.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\osbaseln.dll
2009-08-22 23:17:08 ----A---- C:\Windows\system32\OptionalFeatures.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\schtasks.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\sbunattend.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\runonce.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\rtm.dll
2009-08-22 23:17:07 ----A---- C:\Windows\system32\RpcPing.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\ROUTE.EXE
2009-08-22 23:17:07 ----A---- C:\Windows\system32\Robocopy.exe
2009-08-22 23:17:07 ----A---- C:\Windows\system32\riched32.dll
2009-08-22 23:17:07 ----A---- C:\Windows\system32\rgb9rast.dll
2009-08-22 23:17:07 ----A---- C:\Windows\system32\resutils.dll
2009-08-22 23:17:07 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2009-08-22 23:17:06 ----A---- C:\Windows\system32\sdengin2.dll
2009-08-22 23:17:06 ----A---- C:\Windows\system32\sdchange.exe
2009-08-22 23:17:05 ----A---- C:\Windows\system32\sbeio.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\sbe.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\rasctrs.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\rascfg.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\rasauto.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\RacAgent.exe
2009-08-22 23:17:05 ----A---- C:\Windows\system32\qwinsta.exe
2009-08-22 23:17:05 ----A---- C:\Windows\system32\qwave.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\QUTIL.DLL
2009-08-22 23:17:05 ----A---- C:\Windows\system32\quser.exe
2009-08-22 23:17:05 ----A---- C:\Windows\system32\qdv.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\QCLIPROV.DLL
2009-08-22 23:17:05 ----A---- C:\Windows\system32\qcap.dll
2009-08-22 23:17:05 ----A---- C:\Windows\system32\qasf.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\remotepg.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\regini.exe
2009-08-22 23:17:04 ----A---- C:\Windows\system32\RegCtrl.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rdrleakdiag.exe
2009-08-22 23:17:04 ----A---- C:\Windows\system32\RDPENCDD.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rdpdd.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rdpcfgex.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rasqec.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rasphone.exe
2009-08-22 23:17:04 ----A---- C:\Windows\system32\RASMM.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\rasman.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\raserver.exe
2009-08-22 23:17:04 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2009-08-22 23:17:04 ----A---- C:\Windows\system32\QSHVHOST.DLL
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3dim700.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3dim.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3d8.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3d10core.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-08-22 23:17:04 ----A---- C:\Windows\system32\d3d10_1.dll
2009-08-22 23:17:04 ----A---- C:\Windows\regedit.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dispex.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dispdiag.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dispci.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dinput8.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dimsjob.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\diantz.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dfrgui.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\DfrgNtfs.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\devenum.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\Defrag.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\ddraw.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dbnetlib.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\dbghelp.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\d3dxof.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\d3d10.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\csrss.exe
2009-08-22 23:17:03 ----A---- C:\Windows\system32\csrsrv.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\cryptnet.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\cryptdll.dll
2009-08-22 23:17:03 ----A---- C:\Windows\system32\credssp.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\dhcpsapi.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\DHCPQEC.DLL
2009-08-22 23:17:02 ----A---- C:\Windows\system32\DfsShlEx.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\dfrgifc.exe
2009-08-22 23:17:02 ----A---- C:\Windows\system32\dfrgfat.exe
2009-08-22 23:17:02 ----A---- C:\Windows\system32\DFDWiz.exe
2009-08-22 23:17:02 ----A---- C:\Windows\system32\dfdts.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmlua.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmipnpinstall.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmifw.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmicryptinstall.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmdl32.exe
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmd.exe
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cmcfg32.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\clusapi.dll
2009-08-22 23:17:02 ----A---- C:\Windows\system32\cic.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\els.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\convert.exe
2009-08-22 23:17:01 ----A---- C:\Windows\system32\consent.exe
2009-08-22 23:17:01 ----A---- C:\Windows\system32\comsnap.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\comres.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\comrepl.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\ComputerDefaults.exe
2009-08-22 23:17:01 ----A---- C:\Windows\system32\compstui.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2009-08-22 23:17:01 ----A---- C:\Windows\system32\CompatUI.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\comctl32.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\colorui.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\COLORCNV.DLL
2009-08-22 23:17:01 ----A---- C:\Windows\system32\colbact.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\cofiredm.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\cmutil.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\cmstplua.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\cmstp.exe
2009-08-22 23:17:01 ----A---- C:\Windows\system32\cmpbk32.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\clfsw32.dll
2009-08-22 23:17:01 ----A---- C:\Windows\system32\clbcatq.dll
2009-08-22 23:17:00 ----A---- C:\Windows\system32\esentutl.exe
2009-08-22 23:17:00 ----A---- C:\Windows\system32\esentprf.dll
2009-08-22 23:17:00 ----A---- C:\Windows\system32\EncDump.dll
2009-08-22 23:17:00 ----A---- C:\Windows\system32\efsadu.dll
2009-08-22 23:17:00 ----A---- C:\Windows\system32\eapsvc.dll
2009-08-22 23:17:00 ----A---- C:\Windows\system32\EAPQEC.DLL
2009-08-22 23:17:00 ----A---- C:\Windows\system32\eappprxy.dll
2009-08-22 23:16:59 ----A---- C:\Windows\system32\fmifs.dll
2009-08-22 23:16:59 ----A---- C:\Windows\system32\findnetprinters.dll
2009-08-22 23:16:59 ----A---- C:\Windows\system32\filemgmt.dll
2009-08-22 23:16:59 ----A---- C:\Windows\system32\fdPHost.dll
2009-08-22 23:16:59 ----A---- C:\Windows\system32\fde.dll
2009-08-22 23:14:57 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2009-08-22 23:14:57 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-08-22 23:14:57 ----A---- C:\Windows\system32\extrac32.exe
2009-08-22 23:14:57 ----A---- C:\Windows\system32\expand.exe
2009-08-22 23:14:57 ----A---- C:\Windows\system32\eventcls.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dxva2.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dxgi.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dxdiagn.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dxdiag.exe
2009-08-22 23:14:56 ----A---- C:\Windows\system32\DWWIN.EXE
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dwmredir.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dwmapi.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\duser.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dsuiext.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dssenh.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dskquoui.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dskquota.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dsdmo.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dsauth.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\driverquery.exe
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dpx.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dps.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dpnet.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\DpiScaling.exe
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dot3ui.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dot3gpui.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dot3gpclnt.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dot3dlg.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dot3api.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dnshc.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmvdsitf.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmutil.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmscript.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmocx.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmloader.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmime.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmdskres2.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmdskmgr.dll
2009-08-22 23:14:56 ----A---- C:\Windows\system32\dmdlgs.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\dssec.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\dsquery.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\AuthFWGP.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\authfwcfg.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\auditpol.exe
2009-08-22 23:14:55 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\AudioEng.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\audiodev.dll
2009-08-22 23:14:55 ----A---- C:\Windows\system32\AtBroker.exe
2009-08-22 23:14:55 ----A---- C:\Windows\system32\at.exe
2009-08-22 23:13:53 ----A---- C:\Windows\system32\bitsadmin.exe
2009-08-22 23:13:53 ----A---- C:\Windows\system32\bcdsrv.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\bcdprov.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\bcdedit.exe
2009-08-22 23:13:53 ----A---- C:\Windows\system32\batt.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\basesrv.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\AzSqlExt.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\azroleui.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\avrt.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\ACW.exe
2009-08-22 23:13:53 ----A---- C:\Windows\system32\actxprxy.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\activeds.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2009-08-22 23:13:53 ----A---- C:\Windows\system32\ActionQueue.dll
2009-08-22 23:13:53 ----A---- C:\Windows\bfsvc.exe
2009-08-22 23:13:52 ----A---- C:\Windows\system32\catsrvut.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\catsrv.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\cabview.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\cabinet.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\btpanui.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\apss.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\appmgr.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\appinfo.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\apircl.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\apilogen.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\amxread.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\amstream.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\alg.exe
2009-08-22 23:13:52 ----A---- C:\Windows\system32\adsnt.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\adsldp.dll
2009-08-22 23:13:52 ----A---- C:\Windows\system32\aclui.dll
2009-08-22 23:13:51 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2009-08-22 23:13:51 ----A---- C:\Windows\system32\capisp.dll
2009-08-22 23:13:51 ----A---- C:\Windows\system32\cacls.exe
2009-08-22 23:13:51 ----A---- C:\Windows\system32\browser.dll
2009-08-22 23:13:51 ----A---- C:\Windows\system32\bridgeunattend.exe
2009-08-22 23:13:51 ----A---- C:\Windows\system32\brcplsdw.dll
2009-08-22 23:13:51 ----A---- C:\Windows\system32\BOOTVID.DLL
2009-08-22 23:13:51 ----A---- C:\Windows\system32\bootstr.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\cfgbkend.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\cewmdm.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\cdosys.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\bootcfg.exe
2009-08-22 23:13:50 ----A---- C:\Windows\system32\BlbEvents.dll
2009-08-22 23:13:50 ----A---- C:\Windows\system32\blb_ps.dll
2009-08-22 23:12:48 ----A---- C:\Windows\system32\imagesp1.dll
2009-08-22 23:12:47 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2009-08-22 23:12:47 ----A---- C:\Windows\system32\inetmib1.dll
2009-08-22 23:12:47 ----A---- C:\Windows\system32\imagehlp.dll
2009-08-22 23:12:46 ----A---- C:\Windows\system32\icaapi.dll
2009-08-22 23:12:46 ----A---- C:\Windows\system32\iashost.exe
2009-08-22 23:12:46 ----A---- C:\Windows\system32\ias.dll
2009-08-22 23:12:46 ----A---- C:\Windows\system32\httpapi.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\ifsutil.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\idndl.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\icsunattend.exe
2009-08-22 23:12:45 ----A---- C:\Windows\system32\icsfiltr.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\icm32.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\icfupgd.dll
2009-08-22 23:12:45 ----A---- C:\Windows\system32\icacls.exe
2009-08-22 23:12:44 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\hnetmon.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\hnetcfg.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\hlink.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSXP32.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSUTILITY.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSUNATD.exe
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSTIFF.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXST30.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSSVC.exe
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSST.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSROUTE.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSRESM.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSMON.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSEXT32.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSCOVER.exe
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSCOMPOSE.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSCOMEX.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSCOM.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\FXSAPI.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\fwcfg.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\fveRecover.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\fsutil.exe
2009-08-22 23:12:44 ----A---- C:\Windows\system32\fsmgmt.msc
2009-08-22 23:12:44 ----A---- C:\Windows\system32\framedynos.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\framedyn.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\framebuf.dll
2009-08-22 23:12:44 ----A---- C:\Windows\system32\fphc.dll
2009-08-22 23:12:44 ----A---- C:\Windows\fveupdate.exe
2009-08-22 23:12:43 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2009-08-22 23:12:43 ----A---- C:\Windows\system32\hcrstco.dll
2009-08-22 23:12:43 ----A---- C:\Windows\system32\GuidedHelp.dll
2009-08-22 23:12:43 ----A---- C:\Windows\system32\graftabl.com
2009-08-22 23:12:43 ----A---- C:\Windows\system32\gpedit.msc
2009-08-22 23:12:43 ----A---- C:\Windows\system32\getmac.exe
2009-08-22 23:12:43 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2009-08-22 23:12:43 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2009-08-22 23:12:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-22 23:12:43 ----A---- C:\Windows\system32\gacinstall.dll
2009-08-22 23:12:43 ----A---- C:\Windows\system32\fvenotify.exe
2009-08-22 23:12:43 ----A---- C:\Windows\HelpPane.exe
2009-08-22 23:12:42 ----A---- C:\Windows\system32\wiadss.dll
2009-08-22 23:12:42 ----A---- C:\Windows\system32\wiadefui.dll
2009-08-22 23:12:42 ----A---- C:\Windows\system32\wiaacmgr.exe
2009-08-22 23:12:41 ----A---- C:\Windows\system32\WLanConn.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wlancfg.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wlanapi.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\winusb.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wintrust.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\winsta.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\WINSRPC.DLL
2009-08-22 23:12:41 ----A---- C:\Windows\system32\WinSATAPI.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\winrsmgr.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\winipsec.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wininit.exe
2009-08-22 23:12:41 ----A---- C:\Windows\system32\winethc.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wiashext.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wiascanprofiles.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wiarpc.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wfapigp.dll
2009-08-22 23:12:41 ----A---- C:\Windows\system32\wevtfwd.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\winrshost.exe
2009-08-22 23:12:40 ----A---- C:\Windows\system32\winrscmd.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\winrs.exe
2009-08-22 23:12:40 ----A---- C:\Windows\system32\winrm.vbs
2009-08-22 23:12:40 ----A---- C:\Windows\system32\winnsi.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\WinFax.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\wbemcomn.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\wbadmin.exe
2009-08-22 23:12:40 ----A---- C:\Windows\system32\wavemsp.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\WavDest.dll
2009-08-22 23:12:40 ----A---- C:\Windows\system32\waitfor.exe
2009-08-22 23:12:40 ----A---- C:\Windows\system32\w32tm.exe
2009-08-22 23:12:39 ----A---- C:\Windows\system32\vsstrace.dll
2009-08-22 23:12:39 ----A---- C:\Windows\system32\vssadmin.exe
2009-08-22 23:12:39 ----A---- C:\Windows\system32\vss_ps.dll
2009-08-22 23:11:38 ----A---- C:\Windows\system32\wermgr.exe
2009-08-22 23:11:38 ----A---- C:\Windows\system32\werdiagcontroller.dll
2009-08-22 23:11:38 ----A---- C:\Windows\system32\wercplsupport.dll
2009-08-22 23:11:38 ----A---- C:\Windows\system32\wecutil.exe
2009-08-22 23:11:38 ----A---- C:\Windows\system32\wecsvc.dll
2009-08-22 23:11:38 ----A---- C:\Windows\system32\wecapi.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wship6.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wshcon.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wsecedit.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wscproxystub.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wscmisetup.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\WPDSp.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wpd_ci.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wpclsp.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\Wpc.dll
2009-08-22 23:11:37 ----A---- C:\Windows\system32\wdi.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xwizards.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xpssvcs.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\XPSSHHDR.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xolehlp.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xmlprovi.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xmllite.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xcopy.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\xactsrv.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wzcdlg.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wvc.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WUDFx.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WUDFSvc.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WUDFPlatform.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WUDFHost.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wtsapi32.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wsqmcons.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wsock32.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WsmRes.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WsmProv.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WsmCl.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WsmAuto.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2009-08-22 23:11:36 ----A---- C:\Windows\system32\ws2_32.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wpnpinst.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wpdwcn.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wpdshext.dll
2009-08-22 23:11:36 ----A---- C:\Windows\system32\wmidx.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wmpsrcwp.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wmpshell.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WMASF.DLL
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WMADMOE.DLL
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wlansec.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WlanMmHC.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WlanMM.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\WLanHC.dll
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wlanext.exe
2009-08-22 23:11:35 ----A---- C:\Windows\system32\wlandlg.dll
2009-08-22 23:11:34 ----A---- C:\Windows\system32\WMVSENCD.DLL
2009-08-22 23:11:34 ----A---- C:\Windows\system32\wmvdspa.dll
2009-08-22 23:11:34 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-08-22 23:11:34 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-08-22 23:11:34 ----A---- C:\Windows\system32\wmpcm.dll
2009-08-22 23:11:34 ----A---- C:\Windows\system32\wmiprop.dll
2009-08-22 23:11:34 ----A---- C:\Windows\system32\systeminfo.exe
2009-08-22 23:11:33 ----A---- C:\Windows\system32\tbssvc.dll
2009-08-22 23:11:33 ----A---- C:\Windows\system32\tbs.dll
2009-08-22 23:11:33 ----A---- C:\Windows\system32\taskschd.dll
2009-08-22 23:11:33 ----A---- C:\Windows\system32\taskmgr.exe
2009-08-22 23:11:33 ----A---- C:\Windows\system32\tasklist.exe
2009-08-22 23:11:33 ----A---- C:\Windows\system32\taskkill.exe
2009-08-22 23:11:33 ----A---- C:\Windows\system32\Tabbtn.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\tdh.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\tcpmon.ini
2009-08-22 23:11:32 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\takeown.exe
2009-08-22 23:11:32 ----A---- C:\Windows\system32\tabcal.exe
2009-08-22 23:11:32 ----A---- C:\Windows\system32\TabbtnEx.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\sstpsvc.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\SSShim.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\ssdpsrv.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\srrstr.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\srdelayed.exe
2009-08-22 23:11:32 ----A---- C:\Windows\system32\srclient.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\sqmapi.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\sqlcese30.dll
2009-08-22 23:11:32 ----A---- C:\Windows\system32\sqlceqp30.dll
2009-08-22 23:11:31 ----A---- C:\Windows\system32\srwmi.dll
2009-08-22 23:11:31 ----A---- C:\Windows\system32\spwizres.dll
2009-08-22 23:11:31 ----A---- C:\Windows\system32\spwizeng.dll
2009-08-22 23:11:31 ----A---- C:\Windows\system32\spbcd.dll
2009-08-22 23:11:31 ----A---- C:\Windows\system32\SoundRecorder.exe
2009-08-22 23:11:30 ----A---- C:\Windows\system32\userinit.exe
2009-08-22 23:11:30 ----A---- C:\Windows\system32\usbui.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\usbperf.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\usbmon.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\upnphost.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\syssetup.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\syskey.exe
2009-08-22 23:11:30 ----A---- C:\Windows\system32\SysFxUI.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\syncui.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\synceng.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\sxstrace.exe
2009-08-22 23:11:30 ----A---- C:\Windows\system32\sxsstore.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\sxs.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\svchost.exe
2009-08-22 23:11:30 ----A---- C:\Windows\system32\sti_ci.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\spwizimg.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\sppnp.dll
2009-08-22 23:11:30 ----A---- C:\Windows\system32\spopk.dll
2009-08-22 23:11:29 ----A---- C:\Windows\system32\xwtpw32.dll
2009-08-22 23:11:29 ----A---- C:\Windows\system32\vga256.dll
2009-08-22 23:11:29 ----A---- C:\Windows\system32\vga.dll
2009-08-22 23:11:29 ----A---- C:\Windows\system32\upnpcont.exe
2009-08-22 23:11:29 ----A---- C:\Windows\system32\upnp.dll
2009-08-22 23:11:28 ----A---- C:\Windows\system32\VIDRESZR.DLL
2009-08-22 23:11:28 ----A---- C:\Windows\system32\vga64k.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\vfwwdm32.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\verifier.exe
2009-08-22 23:11:27 ----A---- C:\Windows\system32\verifier.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\vdsldr.exe
2009-08-22 23:11:27 ----A---- C:\Windows\system32\vdsbas.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\vds_ps.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\vdmredir.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\VAN.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\uxtheme.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\uudf.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\utildll.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\umb.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\UIHub.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\TSpkg.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\tsddd.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\trkwks.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\tracerpt.exe
2009-08-22 23:11:27 ----A---- C:\Windows\system32\TpmInit.exe
2009-08-22 23:11:27 ----A---- C:\Windows\system32\TMM.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\thumbcache.dll
2009-08-22 23:11:27 ----A---- C:\Windows\system32\termmgr.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\unregmp2.exe
2009-08-22 23:11:26 ----A---- C:\Windows\system32\unlodctr.exe
2009-08-22 23:11:26 ----A---- C:\Windows\system32\unbcl.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\unattendedjoin.exe
2009-08-22 23:11:26 ----A---- C:\Windows\system32\unattend.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\UI0Detect.exe
2009-08-22 23:11:26 ----A---- C:\Windows\system32\ufat.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\uexfat.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\ucsvc.exe
2009-08-22 23:11:26 ----A---- C:\Windows\system32\txfw32.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\txflog.dll
2009-08-22 23:11:26 ----A---- C:\Windows\system32\twext.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\t2embed.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\lpk.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\fontsub.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\dciman32.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\atmlib.dll
2009-08-22 22:52:24 ----A---- C:\Windows\system32\atmfd.dll
2009-08-22 22:52:08 ----A---- C:\Windows\system32\atl.dll
2009-08-22 22:52:00 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-22 22:51:57 ----A---- C:\Windows\system32\mstscax.dll
2009-08-22 22:51:56 ----A---- C:\Windows\system32\tsgqec.dll
2009-08-22 22:51:56 ----A---- C:\Windows\system32\aaclient.dll
2009-08-22 22:50:20 ----A---- C:\Windows\system32\localspl.dll
2009-08-22 22:49:17 ----A---- C:\Windows\system32\avifil32.dll
2009-08-22 22:48:00 ----A---- C:\Windows\system32\wmp.dll
2009-08-22 22:47:56 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-22 22:47:55 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-22 22:47:55 ----A---- C:\Windows\system32\spwmp.dll
2009-08-22 22:47:55 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-22 22:47:22 ----A---- C:\Windows\system32\rpcrt4.dll
2009-08-22 22:32:09 ----D---- C:\Windows\CheckSur
2009-08-22 22:15:43 ----A---- C:\Windows\system32\wups2.dll
2009-08-22 22:15:43 ----A---- C:\Windows\system32\wucltux.dll
2009-08-22 22:15:43 ----A---- C:\Windows\system32\wuaueng.dll
2009-08-22 22:15:43 ----A---- C:\Windows\system32\wuauclt.exe
2009-08-22 22:14:58 ----A---- C:\Windows\system32\wudriver.dll
2009-08-22 22:14:57 ----A---- C:\Windows\system32\wups.dll
2009-08-22 22:14:57 ----A---- C:\Windows\system32\wuapi.dll
2009-08-22 22:14:40 ----A---- C:\Windows\system32\wuwebv.dll
2009-08-22 22:14:40 ----A---- C:\Windows\system32\wuapp.exe
2009-08-22 22:05:05 ----D---- C:\Program Files\RALINK
2009-08-22 22:05:04 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-22 22:04:52 ----D---- C:\Users\Main\AppData\Roaming\InstallShield
2009-08-22 21:53:36 ----D---- C:\ProgramData\ESET
2009-08-22 21:53:36 ----D---- C:\Program Files\ESET
2009-08-22 21:53:04 ----SHD---- C:\Windows\Installer
2009-08-22 21:29:34 ----D---- C:\ProgramData\NVIDIA
2009-08-22 19:42:46 ----A---- C:\Windows\system32\nvexpbar.dll
2009-08-22 19:42:46 ----A---- C:\Windows\system32\nvcplui.exe
2009-08-22 19:42:19 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-08-22 19:42:13 ----D---- C:\Program Files\Common Files\InstallShield
2009-08-22 19:41:55 ----D---- C:\NVIDIA
2009-08-22 19:37:06 ----D---- C:\Program Files\Intel
2009-08-22 19:37:06 ----A---- C:\Windows\system32\CSVer.dll
2009-08-22 19:37:01 ----D---- C:\Intel
2009-08-22 19:35:00 ----D---- C:\Users\Main\AppData\Roaming\Identities
2009-08-22 19:34:55 ----SD---- C:\Users\Main\AppData\Roaming\Microsoft
2009-08-22 19:34:55 ----D---- C:\Users\Main\AppData\Roaming\Media Center Programs
2009-08-22 17:41:27 ----D---- C:\Windows\SoftwareDistribution
2009-08-22 17:40:32 ----D---- C:\Windows\Debug
2009-08-22 17:40:32 ----D---- C:\Windows\CSC
2009-08-22 17:39:39 ----D---- C:\Windows\Prefetch
2009-08-22 17:39:32 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-08-28 18:43:43 ----RD---- C:\Program Files
2009-08-28 18:43:14 ----D---- C:\Windows\Temp
2009-08-28 18:06:48 ----D---- C:\Windows\System32
2009-08-28 18:06:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-28 18:06:47 ----D---- C:\Windows\inf
2009-08-23 23:24:40 ----HD---- C:\ProgramData
2009-08-23 23:22:00 ----D---- C:\Windows\system32\drivers
2009-08-23 21:41:39 ----D---- C:\Windows
2009-08-23 19:16:06 ----D---- C:\Windows\rescache
2009-08-23 18:32:04 ----D---- C:\Windows\winsxs
2009-08-23 18:31:59 ----RSD---- C:\Windows\assembly
2009-08-23 18:30:58 ----RSD---- C:\Windows\Fonts
2009-08-23 18:30:55 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-23 18:29:18 ----D---- C:\Windows\system32\WDI
2009-08-23 18:08:25 ----D---- C:\Program Files\Common Files
2009-08-23 18:08:16 ----SD---- C:\ProgramData\Microsoft
2009-08-23 18:07:17 ----D---- C:\Windows\ShellNew
2009-08-23 17:09:51 ----D---- C:\Windows\Microsoft.NET
2009-08-23 16:49:38 ----D---- C:\Windows\system32\catroot2
2009-08-23 16:49:38 ----D---- C:\Windows\system32\catroot
2009-08-23 16:46:20 ----D---- C:\Program Files\Windows Mail
2009-08-23 16:46:20 ----D---- C:\Program Files\Windows Calendar
2009-08-23 16:46:19 ----D---- C:\Program Files\Movie Maker
2009-08-23 16:46:18 ----D---- C:\Program Files\Windows Sidebar
2009-08-23 16:46:18 ----D---- C:\Program Files\Windows Media Player
2009-08-23 16:46:18 ----D---- C:\Program Files\Windows Collaboration
2009-08-23 16:46:18 ----D---- C:\Program Files\Internet Explorer
2009-08-23 16:46:17 ----D---- C:\Program Files\Windows Journal
2009-08-23 16:46:16 ----D---- C:\Program Files\Windows Photo Gallery
2009-08-23 16:46:16 ----D---- C:\Program Files\Common Files\System
2009-08-23 16:46:08 ----D---- C:\Windows\servicing
2009-08-23 16:46:08 ----D---- C:\Program Files\Windows Defender
2009-08-23 16:46:06 ----D---- C:\Windows\ehome
2009-08-23 16:46:00 ----D---- C:\Windows\system32\XPSViewer
2009-08-23 16:46:00 ----D---- C:\Windows\system32\lv-LV
2009-08-23 16:46:00 ----D---- C:\Windows\PolicyDefinitions
2009-08-23 16:46:00 ----D---- C:\Windows\IME
2009-08-23 16:45:59 ----D---- C:\Windows\system32\sk-SK
2009-08-23 16:45:59 ----D---- C:\Windows\system32\ko-KR
2009-08-23 16:45:59 ----D---- C:\Windows\system32\hr-HR
2009-08-23 16:45:59 ----D---- C:\Windows\system32\et-EE
2009-08-23 16:45:59 ----D---- C:\Windows\system32\da-DK
2009-08-23 16:45:58 ----D---- C:\Windows\system32\en-US
2009-08-23 16:45:58 ----D---- C:\Windows\system32\de-DE
2009-08-23 16:45:57 ----D---- C:\Windows\system32\oobe
2009-08-23 16:45:57 ----D---- C:\Windows\system32\migration
2009-08-23 16:45:57 ----D---- C:\Windows\system32\it-IT
2009-08-23 16:45:57 ----D---- C:\Windows\system32\el-GR
2009-08-23 16:45:55 ----D---- C:\Windows\system32\zh-TW
2009-08-23 16:45:55 ----D---- C:\Windows\system32\zh-CN
2009-08-23 16:45:55 ----D---- C:\Windows\system32\uk-UA
2009-08-23 16:45:55 ----D---- C:\Windows\system32\sv-SE
2009-08-23 16:45:55 ----D---- C:\Windows\system32\sr-Latn-CS
2009-08-23 16:45:55 ----D---- C:\Windows\system32\SLUI
2009-08-23 16:45:55 ----D---- C:\Windows\system32\sl-SI
2009-08-23 16:45:55 ----D---- C:\Windows\system32\setup
2009-08-23 16:45:55 ----D---- C:\Windows\system32\ru-RU
2009-08-23 16:45:55 ----D---- C:\Windows\system32\ro-RO
2009-08-23 16:45:55 ----D---- C:\Windows\system32\pt-PT
2009-08-23 16:45:55 ----D---- C:\Windows\system32\pl-PL
2009-08-23 16:45:55 ----D---- C:\Windows\system32\manifeststore
2009-08-23 16:45:55 ----D---- C:\Windows\system32\ja-JP
2009-08-23 16:45:55 ----D---- C:\Windows\system32\hu-HU
2009-08-23 16:45:55 ----D---- C:\Windows\system32\he-IL
2009-08-23 16:45:55 ----D---- C:\Windows\system32\fr-FR
2009-08-23 16:45:55 ----D---- C:\Windows\system32\fi-FI
2009-08-23 16:45:55 ----D---- C:\Windows\system32\es-ES
2009-08-23 16:45:55 ----D---- C:\Windows\system32\en
2009-08-23 16:45:55 ----D---- C:\Windows\system32\cs-CZ
2009-08-23 16:45:55 ----D---- C:\Windows\system32\bg-BG
2009-08-23 16:45:55 ----D---- C:\Windows\system32\AdvancedInstallers
2009-08-23 16:45:54 ----D---- C:\Windows\system32\th-TH
2009-08-23 16:45:53 ----D---- C:\Windows\system32\wbem
2009-08-23 16:45:53 ----D---- C:\Windows\system32\tr-TR
2009-08-23 16:45:52 ----D---- C:\Windows\system32\pt-BR
2009-08-23 16:45:52 ----D---- C:\Windows\system32\nl-NL
2009-08-23 16:45:52 ----D---- C:\Windows\system32\nb-NO
2009-08-23 16:45:52 ----D---- C:\Windows\system32\migwiz
2009-08-23 16:45:52 ----D---- C:\Windows\system32\lt-LT
2009-08-23 16:45:52 ----D---- C:\Windows\system32\ar-SA
2009-08-23 16:45:23 ----D---- C:\Windows\AppPatch
2009-08-23 16:45:11 ----D---- C:\Windows\system32\Boot
2009-08-23 01:37:26 ----D---- C:\Windows\system32\Tasks
2009-08-23 01:14:58 ----D---- C:\Windows\Logs
2009-08-22 23:49:40 ----ASH---- C:\Program Files\desktop.ini
2009-08-22 23:44:46 ----D---- C:\Windows\MSAgent
2009-08-22 23:44:45 ----D---- C:\Windows\L2Schemas
2009-08-22 23:44:45 ----D---- C:\Windows\DigitalLocker
2009-08-22 23:44:44 ----D---- C:\Windows\system32\com
2009-08-22 23:44:44 ----D---- C:\Windows\system32\0409
2009-08-22 23:44:41 ----D---- C:\Windows\system32\sysprep
2009-08-22 23:44:38 ----D---- C:\Windows\system32\ras
2009-08-22 23:44:38 ----D---- C:\Windows\system32\ias
2009-08-22 23:44:37 ----D---- C:\Windows\system32\icsxml
2009-08-22 23:42:49 ----D---- C:\Windows\Boot
2009-08-22 23:33:12 ----A---- C:\Windows\system32\ifxcardm.dll
2009-08-22 23:33:03 ----A---- C:\Windows\system32\axaltocm.dll
2009-08-22 19:42:45 ----D---- C:\Windows\Help
2009-08-22 19:37:07 ----D---- C:\Windows\system32\restore
2009-08-22 19:35:08 ----SHD---- C:\$Recycle.Bin
2009-08-22 19:34:55 ----RD---- C:\Users
2009-08-22 17:53:33 ----D---- C:\Windows\system32\CodeIntegrity
2009-07-29 17:49:16 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-10 351744]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-11 7623968]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr61.sys [2007-09-28 316928]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 aujasnkj;aujasnkj; \??\C:\Users\Main\AppData\Local\Temp\aujasnkj.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18 523776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-10 918528]

-----------------EOF-----------------
==============================================================================================================================

info.txt logfile of random's system information tool 1.06 2009-08-28 18:43:45

======Uninstall list======

7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NewsLeecher v3.8 Final-->"C:\Program Files\NewsLeecher\unins000.exe"
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe -runfromtemp -l0x0009 -removeonly
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
TreeSize Free V2.3.1-->"C:\Program Files\JAM Software\TreeSize Free\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: ESET NOD32 Antivirus 4.0
AS: ESET NOD32 Antivirus 4.0
AS: Spybot - Search and Destroy
AS: Windows Defender

======System event log======

Computer Name: Main-PC
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 211
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090822091538.000000-000
Event Type: Warning
User:

Computer Name: Main-PC
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 210
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090822091536.000000-000
Event Type: Warning
User:

Computer Name: 26L2233A1-06
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 10
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090822081036.000000-000
Event Type: Warning
User:

Computer Name: 26L2233A1-06
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 9
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090822081035.000000-000
Event Type: Warning
User:

Computer Name: 26L2233A1-06
Event Code: 263
Message: The service 'ShellHWDetection' may not have unregistered for device event notifications before it was stopped.
Record Number: 4
Source Name: PlugPlayManager
Time Written: 20090822081033.000000-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: Main-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-51856979-3987824740-1011260170-1000_Classes:
Process 868 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-51856979-3987824740-1011260170-1000_CLASSES

Record Number: 100
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090822101306.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Main-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-51856979-3987824740-1011260170-1000:
Process 868 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-51856979-3987824740-1011260170-1000

Record Number: 99
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090822101306.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Main-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-51856979-3987824740-1011260170-1000:
Process 536 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-51856979-3987824740-1011260170-1000

Record Number: 73
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090822100948.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Main-PC
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 26
Source Name: Microsoft-Windows-Search
Time Written: 20090822091537.000000-000
Event Type: Warning
User:

Computer Name: 26L2233A1-06
Event Code: 1036
Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
Record Number: 15
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20090822081233.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: 26L2233A1-06
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: 26L2233A1-06$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x208
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090822081014.937500-000
Event Type: Audit Success
User:

Computer Name: 26L2233A1-06
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x5089a
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090822081012.937500-000
Event Type: Audit Success
User:

Computer Name: 26L2233A1-06
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090822081012.062500-000
Event Type: Audit Success
User:

Computer Name: 26L2233A1-06
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090822081012.062500-000
Event Type: Audit Success
User:

Computer Name: 26L2233A1-06
Event Code: 4647
Message: User initiated logoff:

Subject:
Security ID: S-1-5-21-51003140-4199384537-3980697693-500
Account Name: Administrator
Account Domain: 26L2233A1-06
Logon ID: 0x86377

This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102130817.732800-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4

-----------------EOF-----------------

#7 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:07 PM

Posted 28 August 2009 - 05:24 AM

Hi pshnfry,



I've done a restore from a system image backup

It seemed that you had right started from the scratch. What made you do so? malware problem? or any particular reason? Please specify that info in your next reply. The Rist log is not complete. We need to run OTL instead.


Step1

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Step2

Please perform an online scan with Firefox or Internet Explorer at Kaspersky Online Scanner.
  • Please go to Kaspersky Online Scanner and perform an online antivirus scan.
  • Click Accept button on the "Requirements and limitations".
  • When Java warning " The applcation digital signature has been verified. Do you want to run the application " appears, Click on "Run" button.
  • It will be Downloading and installing the program and Updating the database.
  • When Updating the database have finished, click on Settings.
  • Make sure all boxes are checked. then click on the Save button.
  • Click on My Computer under Scan menu. It will start scanning, so be patient and let it run.
  • Once the scan is completed, Click on View Scan Report.
  • You may see a list of infected items over there. Click on Save Report As.
  • Click "Desktop" , Name the file as "KAS", Change the Files of type to Text file (.txt) and Click on Save button.
  • Please post the contents in your next reply.
  • You can refer to this animation
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.


Please post back the logs in your next reply.


1.KAS Scan Report
2.OTL OTL.txt and Extra.txt

Please detail the problems you're experiencing. Thanks

#8 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 August 2009 - 09:24 AM

Well I waited > 9 days - pc was unusable 2 hours after the post above. Unplugged the hard drives and loaded Vista back onto a spare drive as a temporary measure so I could preserve what I had in relation to the post above.

Can't continue like that for long, recovery strategies going into place now.

This can be closed, if whatever it is survives on one of my data drives or in one of my other backups I'll research it elsewhere.


PC was unusable 2 hours after the original post. Would pause with no cpu activity for maybe a minute, give me 5 seconds of access, then pause again. Spare drive was then used to put a fresh install of vista on but after a significant wait for a reply here without full use of needed programs I wiped the original hard drive, wrote zeros to it using WD tools and did a full format reload.

Then:
See post 4.

So my main pc is still sitting "offline" working towards resolution. As posted in post 4, I plugged back in a drive from the original install which is used to store music, system images and as a video conversion scratch space. 1st thing I did on restarting after plugging in the drive was to attempt a full scan using Nod32, pc again froze. Drive has now been unplugged again and system is responding mostly as I would expect and is able to run the scans you are requesting.

Error returned on attempting to include all logs in this post - too long. I will split into three posts as I see no way to attach files.

=======================================================================================

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, August 28, 2009
Operating system: Microsoft Windows Vista Ultimate Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, August 28, 2009 02:44:08
Records in database: 2694237
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 87644
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 00:53:28

No threats found. Scanned area is clean.

Selected area has been scanned.

=============================================================================================================

#9 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 August 2009 - 09:30 AM

OTL logfile created on: 28/08/2009 8:18:18 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Main\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 91.82% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 419.01 Gb Free Space | 89.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAIN-PC
Current User Name: Main
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/05/14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/04/10 23:27:38 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/18 23:38:40 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2009/05/14 15:47:08 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007/10/17 15:02:50 | 01,040,384 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2009/04/10 23:28:16 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/08/28 20:12:32 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe
PRC - [2009/04/10 23:28:16 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.EXE

========== Win32 Services (SafeList) ==========

SRV - [2009/03/29 21:42:16 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/18 23:33:10 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 22:04:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 22:04:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/05/14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2009/05/14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2009/04/10 23:28:26 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/02/18 11:39:22 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/18 11:38:44 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/02/18 11:38:44 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])
SRV - [2008/01/18 23:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/18 23:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2006/11/02 19:21:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 19:21:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 19:20:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 19:21:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 19:20:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2007/02/22 05:20:41 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/02 19:20:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 19:20:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2006/11/02 17:54:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 17:54:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 17:55:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 17:54:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 17:54:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 17:54:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2007/02/22 05:20:41 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 17:00:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2009/05/14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2009/05/14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV - [2006/11/02 19:21:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/05/14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running])
DRV - [1996/04/04 05:03:26 | 00,005,248 | ---- | M] () -- C:\Windows\system32\giveio.sys -- (giveio [Boot | Running])
DRV - [2006/11/02 19:20:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 19:21:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 19:20:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 19:20:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 19:20:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 19:20:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 19:20:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 19:20:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 19:19:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 19:19:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/02 19:20:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2006/11/02 17:06:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2007/09/11 22:28:00 | 07,623,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2007/01/06 15:29:34 | 00,086,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2007/01/06 15:29:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/11/02 19:21:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 19:20:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/09/28 21:37:30 | 00,316,928 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\System32\DRIVERS\netr61.sys -- (rt61x86 [On_Demand | Running])
DRV - [2006/11/02 16:07:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2006/11/02 19:20:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 19:20:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/09/24 22:58:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\system32\speedfan.sys -- (speedfan [Boot | Running])
DRV - [2006/11/02 19:20:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 19:19:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 19:20:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/02 19:21:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 19:20:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 19:20:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2007/02/22 05:20:41 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 19:20:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/11/02 17:00:56 | 00,194,048 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157






IE - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\S-1-5-21-51856979-3987824740-1011260170-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.adam.com.au/|http://www.banksa.com.au/|http://www.overclockers.com.au/|http://www.staticice.com.au/|http://www.three.com.au/|http://www.ebay.com.au/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/23 16:55:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/22 23:57:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/23 18:08:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009/08/22 23:57:12 | 00,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\mozilla\Extensions
[2009/08/22 23:57:12 | 00,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/23 17:00:30 | 00,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\mozilla\Firefox\Profiles\eoqg5il2.default\extensions
[2009/08/22 23:56:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/22 23:56:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/31 09:09:43 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/31 09:09:43 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/31 09:09:43 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/07/31 07:54:36 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/07/31 09:09:40 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/31 07:54:36 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/07/31 09:09:40 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/31 07:54:36 | 00,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/07/31 09:09:40 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/31 09:09:40 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/31 07:54:36 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (324264 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11101 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-51856979-3987824740-1011260170-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-51856979-3987824740-1011260170-1000\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 07:13:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/28 20:17:21 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe
[2009/08/28 19:14:34 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/08/28 19:14:30 | 34,033,0855 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/08/28 18:43:43 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/08/28 18:03:13 | 00,781,909 | ---- | C] () -- C:\Users\Main\Desktop\RSIT.exe
[2009/08/28 18:02:57 | 00,000,000 | ---D | C] -- C:\Users\Main\Desktop\gmer
[2009/08/24 00:31:48 | 01,982,328 | -H-- | C] () -- C:\Users\Main\AppData\Local\IconCache.db
[2009/08/23 23:24:40 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/08/23 23:22:03 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Malwarebytes
[2009/08/23 23:22:02 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/23 23:22:00 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/23 23:21:59 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/23 23:21:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/23 23:21:58 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/23 23:20:54 | 00,000,812 | ---- | C] () -- C:\Users\Main\Desktop\SpywareBlaster.lnk
[2009/08/23 23:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/08/23 23:17:22 | 00,001,055 | ---- | C] () -- C:\Users\Main\Desktop\Spybot - Search & Destroy.lnk
[2009/08/23 23:17:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/08/23 23:17:17 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/23 21:51:23 | 32,193,16736 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/23 21:33:13 | 00,005,120 | ---- | C] () -- C:\Users\Main\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/23 18:09:04 | 00,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2009/08/23 18:08:37 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/08/23 18:08:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/08/23 18:08:16 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/08/23 18:08:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/08/23 18:06:44 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Microsoft Help
[2009/08/23 18:06:42 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2009/08/23 18:06:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/08/23 18:06:22 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/08/23 17:50:14 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\NewsLeecher
[2009/08/23 17:50:12 | 00,000,782 | ---- | C] () -- C:\Users\Main\Desktop\NewsLeecher.lnk
[2009/08/23 17:50:11 | 00,000,000 | ---D | C] -- C:\Program Files\NewsLeecher
[2009/08/23 17:40:19 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/08/23 17:40:00 | 00,000,804 | ---- | C] () -- C:\Users\Main\Desktop\QuickPar.lnk
[2009/08/23 17:39:59 | 00,000,000 | ---D | C] -- C:\Program Files\QuickPar
[2009/08/23 17:38:06 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Macromedia
[2009/08/23 17:38:06 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Adobe
[2009/08/23 17:38:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2009/08/23 16:45:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/08/23 16:45:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/08/23 16:45:12 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/08/23 16:42:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2009/08/23 16:34:50 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2009/08/23 16:34:45 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2009/08/23 16:34:10 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2009/08/23 16:34:10 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2009/08/23 16:34:10 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2009/08/23 16:34:10 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/08/23 16:34:10 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2009/08/23 16:34:10 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2009/08/23 16:34:10 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2009/08/23 16:34:10 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2009/08/23 16:34:09 | 01,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2009/08/23 16:34:09 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2009/08/23 16:34:09 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2009/08/23 16:34:09 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
[2009/08/23 16:34:09 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2009/08/23 16:34:09 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2009/08/23 16:34:09 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2009/08/23 16:34:09 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2009/08/23 16:34:08 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/08/23 16:34:08 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2009/08/23 16:34:08 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2009/08/23 16:34:08 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2009/08/23 16:34:08 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2009/08/23 16:34:08 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2009/08/23 16:34:07 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2009/08/23 16:34:07 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2009/08/23 16:34:06 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2009/08/23 16:34:06 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2009/08/23 16:34:06 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll
[2009/08/23 16:34:06 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll
[2009/08/23 16:34:05 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll
[2009/08/23 16:34:05 | 00,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2009/08/23 16:34:05 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2009/08/23 16:34:05 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2009/08/23 16:34:05 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2009/08/23 16:34:05 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2009/08/23 16:34:04 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2009/08/23 16:34:04 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2009/08/23 16:34:04 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2009/08/23 16:34:04 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2009/08/23 16:34:04 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll
[2009/08/23 16:34:04 | 00,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2009/08/23 16:34:04 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2009/08/23 16:34:04 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2009/08/23 16:34:04 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\photowiz.dll
[2009/08/23 16:34:04 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2009/08/23 16:34:04 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/08/23 16:34:04 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2009/08/23 16:34:04 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2009/08/23 16:34:04 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/08/23 16:34:04 | 00,149,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pci.sys
[2009/08/23 16:34:04 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2009/08/23 16:34:04 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/08/23 16:34:04 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[2009/08/23 16:34:04 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2009/08/23 16:34:04 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2009/08/23 16:34:04 | 00,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys
[2009/08/23 16:34:04 | 00,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2009/08/23 16:34:04 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2009/08/23 16:34:04 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2009/08/23 16:34:04 | 00,014,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciide.sys
[2009/08/23 16:34:03 | 03,601,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/08/23 16:34:03 | 01,202,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
[2009/08/23 16:34:03 | 01,083,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys
[2009/08/23 16:34:03 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2009/08/23 16:34:03 | 00,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pmcsnap.dll
[2009/08/23 16:34:03 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/08/23 16:34:03 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2009/08/23 16:34:03 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2009/08/23 16:34:03 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2009/08/23 16:34:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys
[2009/08/23 16:34:02 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2009/08/23 16:34:02 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2009/08/23 16:34:02 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2009/08/23 16:34:02 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2009/08/23 16:34:02 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
[2009/08/23 16:34:02 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2009/08/23 16:34:02 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2009/08/23 16:34:02 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2009/08/23 16:34:02 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2009/08/23 16:34:02 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2009/08/23 16:34:02 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2009/08/23 16:34:02 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2009/08/23 16:34:02 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2009/08/23 16:34:02 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
[2009/08/23 16:34:02 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2009/08/23 16:34:01 | 03,549,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/08/23 16:34:01 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2009/08/23 16:34:01 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2009/08/23 16:34:01 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2009/08/23 16:34:01 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2009/08/23 16:34:01 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[2009/08/23 16:34:01 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
[2009/08/23 16:34:01 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2009/08/23 16:34:01 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2009/08/23 16:34:00 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2009/08/23 16:34:00 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2009/08/23 16:34:00 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2009/08/23 16:34:00 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll
[2009/08/23 16:34:00 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2009/08/23 16:34:00 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2009/08/23 16:34:00 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2009/08/23 16:34:00 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2009/08/23 16:34:00 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2009/08/23 16:34:00 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2009/08/23 16:34:00 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll
[2009/08/23 16:34:00 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2009/08/23 16:34:00 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpdr.sys
[2009/08/23 16:34:00 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/08/23 16:34:00 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys
[2009/08/23 16:34:00 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2009/08/23 16:34:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2009/08/23 16:34:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2009/08/23 16:34:00 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll
[2009/08/23 16:34:00 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2009/08/23 16:34:00 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2009/08/23 16:34:00 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys
[2009/08/23 16:34:00 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2009/08/23 16:34:00 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2009/08/23 16:34:00 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2009/08/23 16:34:00 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys
[2009/08/23 16:34:00 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2009/08/23 16:34:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2009/08/23 16:34:00 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2009/08/23 16:34:00 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2009/08/23 16:34:00 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2009/08/23 16:33:59 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printui.dll
[2009/08/23 16:33:59 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/08/23 16:33:59 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/08/23 16:33:59 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2009/08/23 16:33:59 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/08/23 16:33:59 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys
[2009/08/23 16:33:59 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2009/08/23 16:33:59 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2009/08/23 16:33:59 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/08/23 16:33:59 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2009/08/23 16:33:59 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2009/08/23 16:33:59 | 00,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/23 16:33:59 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/08/23 16:33:59 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/08/23 16:33:58 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2009/08/23 16:33:58 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[2009/08/23 16:33:58 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2009/08/23 16:33:58 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL
[2009/08/23 16:33:58 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/08/23 16:33:58 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/08/23 16:33:58 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2009/08/23 16:33:58 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll
[2009/08/23 16:33:58 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2009/08/23 16:33:58 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll
[2009/08/23 16:33:58 | 00,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2009/08/23 16:33:58 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2009/08/23 16:33:57 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
[2009/08/23 16:33:57 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
[2009/08/23 16:33:57 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2009/08/23 16:33:57 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
[2009/08/23 16:33:57 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\services.exe
[2009/08/23 16:33:57 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2009/08/23 16:33:56 | 00,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[2009/08/23 16:33:56 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2009/08/23 16:33:56 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2009/08/23 16:33:56 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2009/08/23 16:33:56 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2009/08/23 16:33:56 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2009/08/23 16:33:56 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2009/08/23 16:33:56 | 00,141,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys
[2009/08/23 16:33:56 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2009/08/23 16:33:56 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys
[2009/08/23 16:33:56 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2009/08/23 16:33:56 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2009/08/23 16:33:56 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2009/08/23 16:33:56 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2009/08/23 16:33:56 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2009/08/23 16:33:56 | 00,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2009/08/23 16:33:56 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2009/08/23 16:33:55 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/08/23 16:33:55 | 02,092,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe
[2009/08/23 16:33:55 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2009/08/23 16:33:55 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2009/08/23 16:33:55 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[2009/08/23 16:33:55 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/08/23 16:33:55 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2009/08/23 16:33:55 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[2009/08/23 16:33:55 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2009/08/23 16:33:55 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2009/08/23 16:33:55 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2009/08/23 16:33:55 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/23 16:33:55 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2009/08/23 16:33:55 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/08/23 16:33:55 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys
[2009/08/23 16:33:55 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2009/08/23 16:33:55 | 00,053,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\disk.sys
[2009/08/23 16:33:55 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2009/08/23 16:33:55 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2009/08/23 16:33:55 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2009/08/23 16:33:54 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2009/08/23 16:33:54 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2009/08/23 16:33:54 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2009/08/23 16:33:54 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2009/08/23 16:33:54 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2009/08/23 16:33:54 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
[2009/08/23 16:33:54 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2009/08/23 16:33:54 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll
[2009/08/23 16:33:54 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
[2009/08/23 16:33:54 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2009/08/23 16:33:54 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2009/08/23 16:33:54 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2009/08/23 16:33:54 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2009/08/23 16:33:53 | 00,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll
[2009/08/23 16:33:53 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys
[2009/08/23 16:33:53 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2009/08/23 16:33:53 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2009/08/23 16:33:53 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2009/08/23 16:33:53 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys
[2009/08/23 16:33:53 | 00,190,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fltMgr.sys
[2009/08/23 16:33:53 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2009/08/23 16:33:53 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll
[2009/08/23 16:33:53 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2009/08/23 16:33:53 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll
[2009/08/23 16:33:53 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2009/08/23 16:33:53 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2009/08/23 16:33:53 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2009/08/23 16:33:53 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/08/23 16:33:53 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/08/23 16:33:53 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2009/08/23 16:33:53 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2009/08/23 16:33:53 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprnext.dll
[2009/08/23 16:33:53 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.dll
[2009/08/23 16:33:53 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll
[2009/08/23 16:33:53 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.exe
[2009/08/23 16:33:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2009/08/23 16:33:53 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys
[2009/08/23 16:33:52 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2009/08/23 16:33:52 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys
[2009/08/23 16:33:52 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2009/08/23 16:33:52 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2009/08/23 16:33:52 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2009/08/23 16:33:52 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2009/08/23 16:33:52 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2009/08/23 16:33:51 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2009/08/23 16:33:51 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2009/08/23 16:33:51 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2009/08/23 16:33:51 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2009/08/23 16:33:51 | 00,780,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveui.dll
[2009/08/23 16:33:51 | 00,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2009/08/23 16:33:51 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autochk.exe
[2009/08/23 16:33:51 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2009/08/23 16:33:51 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2009/08/23 16:33:51 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll
[2009/08/23 16:33:51 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
[2009/08/23 16:33:51 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2009/08/23 16:33:51 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2009/08/23 16:33:51 | 00,143,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fvevol.sys
[2009/08/23 16:33:51 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2009/08/23 16:33:51 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2009/08/23 16:33:51 | 00,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2009/08/23 16:33:51 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2009/08/23 16:33:51 | 00,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2009/08/23 16:33:51 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2009/08/23 16:33:51 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2009/08/23 16:33:51 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
[2009/08/23 16:33:51 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2009/08/23 16:33:51 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2009/08/23 16:33:51 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2009/08/23 16:33:51 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2009/08/23 16:33:51 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2009/08/23 16:33:51 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2009/08/23 16:33:51 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2009/08/23 16:33:50 | 01,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2009/08/23 16:33:50 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
[2009/08/23 16:33:50 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2009/08/23 16:33:50 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2009/08/23 16:33:50 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2009/08/23 16:33:50 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2009/08/23 16:33:50 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2009/08/23 16:33:50 | 00,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsiw.dll
[2009/08/23 16:33:50 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2009/08/23 16:33:50 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2009/08/23 16:33:50 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bridge.sys
[2009/08/23 16:33:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2009/08/23 16:33:50 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2009/08/23 16:33:50 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\atapi.sys
[2009/08/23 16:33:49 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2009/08/23 16:33:49 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2009/08/23 16:33:49 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl
[2009/08/23 16:33:49 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL
[2009/08/23 16:33:49 | 00,265,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\acpi.sys
[2009/08/23 16:33:49 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
[2009/08/23 16:33:49 | 00,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgmts.dll
[2009/08/23 16:33:49 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/08/23 16:33:48 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2009/08/23 16:33:48 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2009/08/23 16:33:48 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
[2009/08/23 16:33:48 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
[2009/08/23 16:33:48 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2009/08/23 16:33:48 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2009/08/23 16:33:48 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2009/08/23 16:33:48 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys
[2009/08/23 16:33:48 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2009/08/23 16:33:48 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2009/08/23 16:33:48 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2009/08/23 16:33:48 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2009/08/23 16:33:48 | 00,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2009/08/23 16:33:47 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2009/08/23 16:33:47 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2009/08/23 16:33:47 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2009/08/23 16:33:47 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
[2009/08/23 16:33:47 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2009/08/23 16:33:47 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2009/08/23 16:33:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2009/08/23 16:33:47 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2009/08/23 16:33:47 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2009/08/23 16:33:47 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2009/08/23 16:33:47 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2009/08/23 16:33:47 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2009/08/23 16:33:47 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
[2009/08/23 16:33:46 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2009/08/23 16:33:46 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009/08/23 16:33:46 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
[2009/08/23 16:33:46 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2009/08/23 16:33:46 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
[2009/08/23 16:33:46 | 00,491,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscsvc.dll
[2009/08/23 16:33:46 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\csc.sys
[2009/08/23 16:33:46 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2009/08/23 16:33:46 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2009/08/23 16:33:46 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2009/08/23 16:33:46 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll
[2009/08/23 16:33:46 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys
[2009/08/23 16:33:46 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2009/08/23 16:33:46 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/08/23 16:33:45 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2009/08/23 16:33:45 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2009/08/23 16:33:45 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2009/08/23 16:33:45 | 00,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2009/08/23 16:33:45 | 00,245,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2009/08/23 16:33:45 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2009/08/23 16:33:45 | 00,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2009/08/23 16:33:45 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2009/08/23 16:33:45 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2009/08/23 16:33:45 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2009/08/23 16:33:45 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll
[2009/08/23 16:33:45 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll
[2009/08/23 16:33:45 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2009/08/23 16:33:45 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2009/08/23 16:33:44 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2009/08/23 16:33:44 | 01,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2009/08/23 16:33:44 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2009/08/23 16:33:44 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2009/08/23 16:33:44 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2009/08/23 16:33:44 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2009/08/23 16:33:44 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2009/08/23 16:33:44 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2009/08/23 16:33:44 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe
[2009/08/23 16:33:44 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2009/08/23 16:33:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2009/08/23 16:33:44 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2009/08/23 16:33:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2009/08/23 16:33:43 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmsys.cpl
[2009/08/23 16:33:43 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
[2009/08/23 16:33:43 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/08/23 16:33:43 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll
[2009/08/23 16:33:43 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2009/08/23 16:33:43 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2009/08/23 16:33:43 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009/08/23 16:33:43 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2009/08/23 16:33:43 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2009/08/23 16:33:43 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2009/08/23 16:33:43 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2009/08/23 16:33:43 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
[2009/08/23 16:33:43 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2009/08/23 16:33:43 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2009/08/23 16:33:42 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2009/08/23 16:33:42 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/08/23 16:33:42 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2009/08/23 16:33:42 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2009/08/23 16:33:42 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/08/23 16:33:42 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxdav.sys
[2009/08/23 16:33:42 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2009/08/23 16:33:42 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/08/23 16:33:42 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2009/08/23 16:33:42 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
[2009/08/23 16:33:41 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2009/08/23 16:33:41 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
[2009/08/23 16:33:41 | 01,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2009/08/23 16:33:41 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2009/08/23 16:33:41 | 00,527,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndis.sys
[2009/08/23 16:33:41 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
[2009/08/23 16:33:41 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2009/08/23 16:33:41 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2009/08/23 16:33:41 | 00,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2009/08/23 16:33:41 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2009/08/23 16:33:41 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys
[2009/08/23 16:33:41 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll
[2009/08/23 16:33:41 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys
[2009/08/23 16:33:41 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/08/23 16:33:41 | 00,048,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mup.sys
[2009/08/23 16:33:40 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
[2009/08/23 16:33:40 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
[2009/08/23 16:33:40 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2009/08/23 16:33:40 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2009/08/23 16:33:39 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2009/08/23 16:33:39 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2009/08/23 16:33:39 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2009/08/23 16:33:39 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2009/08/23 16:33:39 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2009/08/23 16:33:39 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2009/08/23 16:33:39 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2009/08/23 16:33:39 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2009/08/23 16:33:39 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2009/08/23 16:33:39 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2009/08/23 16:33:39 | 00,161,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys
[2009/08/23 16:33:39 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009/08/23 16:33:39 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2009/08/23 16:33:39 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2009/08/23 16:33:39 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2009/08/23 16:33:39 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2009/08/23 16:33:39 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2009/08/23 16:33:38 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2009/08/23 16:33:38 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2009/08/23 16:33:38 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
[2009/08/23 16:33:38 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2009/08/23 16:33:38 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2009/08/23 16:33:38 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2009/08/23 16:33:38 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2009/08/23 16:33:38 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2009/08/23 16:33:38 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
[2009/08/23 16:33:38 | 00,180,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys
[2009/08/23 16:33:38 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2009/08/23 16:33:38 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2009/08/23 16:33:38 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2009/08/23 16:33:38 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2009/08/23 16:33:37 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVidCtl.dll
[2009/08/23 16:33:37 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2009/08/23 16:33:37 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2009/08/23 16:33:37 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2009/08/23 16:33:37 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2009/08/23 16:33:37 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2009/08/23 16:33:37 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2009/08/23 16:33:37 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2009/08/23 16:33:37 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2009/08/23 16:33:37 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2009/08/23 16:33:37 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2009/08/23 16:33:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2009/08/23 16:33:37 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2009/08/23 16:33:37 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2009/08/23 16:33:36 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[2009/08/23 16:33:36 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2009/08/23 16:33:36 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2009/08/23 16:33:36 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2009/08/23 16:33:36 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/08/23 16:33:36 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/08/23 16:33:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2009/08/23 16:33:35 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2009/08/23 16:33:35 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[2009/08/23 16:33:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
[2009/08/23 16:33:35 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2009/08/23 16:33:34 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2009/08/23 16:33:34 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2009/08/23 16:33:34 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll
[2009/08/23 16:33:34 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2009/08/23 16:33:34 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2009/08/23 16:33:33 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/08/23 16:33:33 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2009/08/23 16:33:33 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2009/08/23 16:33:33 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2009/08/23 16:33:33 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/08/23 16:33:33 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2009/08/23 16:33:33 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2009/08/23 16:33:33 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2009/08/23 16:33:33 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/08/23 16:33:32 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2009/08/23 16:33:32 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2009/08/23 16:33:32 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2009/08/23 16:33:32 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL
[2009/08/23 16:33:32 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2009/08/23 16:33:32 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2009/08/23 16:33:31 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/08/23 16:33:31 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2009/08/23 16:33:31 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2009/08/23 16:33:31 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2009/08/23 16:33:31 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2009/08/23 16:33:31 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2009/08/23 16:33:31 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2009/08/23 16:33:30 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2009/08/23 16:33:30 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2009/08/23 16:33:30 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2009/08/23 16:33:30 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2009/08/23 16:33:30 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2009/08/23 16:33:30 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
[2009/08/23 16:33:30 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2009/08/23 16:33:29 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2009/08/23 16:33:29 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2009/08/23 16:33:29 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2009/08/23 16:33:28 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2009/08/23 16:33:28 | 00,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/08/23 16:33:28 | 00,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2009/08/23 16:33:28 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2009/08/23 16:33:28 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2009/08/23 16:33:28 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2009/08/23 16:33:28 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2009/08/23 16:33:28 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2009/08/23 16:33:28 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2009/08/23 16:33:28 | 00,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2009/08/23 16:33:28 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys
[2009/08/23 16:33:28 | 00,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2009/08/23 16:33:27 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2009/08/23 16:33:27 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2009/08/23 16:33:27 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll
[2009/08/23 16:33:27 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2009/08/23 16:33:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2009/08/23 16:33:26 | 01,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2009/08/23 16:33:26 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2009/08/23 16:33:26 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2009/08/23 16:33:26 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2009/08/23 16:33:25 | 01,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll
[2009/08/23 16:33:25 | 00,891,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsUltimateExtrasCPL.dll
[2009/08/23 16:33:25 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/08/23 16:33:25 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/08/23 16:33:25 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/08/23 16:33:25 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2009/08/23 16:33:25 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
[2009/08/23 16:33:25 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2009/08/23 16:33:24 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2009/08/23 16:33:24 | 00,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2009/08/23 16:33:24 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2009/08/23 16:33:24 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2009/08/23 16:33:24 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll
[2009/08/23 16:33:24 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2009/08/23 16:33:24 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds.exe
[2009/08/23 16:33:24 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2009/08/23 16:33:24 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2009/08/23 16:33:24 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2009/08/23 16:33:24 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll
[2009/08/23 16:33:24 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2009/08/23 16:33:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll
[2009/08/23 16:33:24 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2009/08/23 16:33:23 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2009/08/23 16:33:23 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2009/08/23 16:33:23 | 00,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
[2009/08/23 16:33:23 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2009/08/23 16:33:23 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
[2009/08/23 16:33:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/08/23 16:33:23 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll
[2009/08/23 16:33:22 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2009/08/23 16:33:22 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2009/08/23 16:33:22 | 00,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbengine.exe
[2009/08/23 16:33:22 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
[2009/08/23 16:33:22 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll
[2009/08/23 16:33:22 | 00,292,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys
[2009/08/23 16:33:22 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2009/08/23 16:33:22 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2009/08/23 16:33:21 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
[2009/08/23 16:33:21 | 01,055,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
[2009/08/23 16:33:21 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/08/23 16:33:21 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2009/08/23 16:33:21 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll
[2009/08/23 16:33:21 | 00,226,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volsnap.sys
[2009/08/23 16:33:21 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2009/08/23 16:33:21 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2009/08/23 16:33:21 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe
[2009/08/23 16:33:21 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2009/08/23 16:33:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2009/08/23 16:33:21 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2009/08/23 16:33:20 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/08/23 16:33:20 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2009/08/23 16:33:20 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2009/08/23 16:33:20 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2009/08/23 16:33:20 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2009/08/23 16:33:20 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2009/08/23 16:33:20 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2009/08/23 16:33:20 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2009/08/23 16:33:20 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2009/08/23 16:33:20 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll
[2009/08/23 16:33:20 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll
[2009/08/23 16:33:19 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll
[2009/08/23 16:33:19 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2009/08/23 16:33:19 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll
[2009/08/23 16:33:19 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2009/08/23 16:33:19 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll
[2009/08/23 16:33:19 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2009/08/23 16:33:18 | 02,499,629 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009/08/23 16:33:18 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2009/08/23 16:33:18 | 00,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2009/08/23 16:33:18 | 00,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/08/23 16:33:18 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2009/08/23 16:33:18 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/08/23 16:33:18 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
[2009/08/23 16:33:18 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2009/08/23 16:33:18 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2009/08/23 16:33:18 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2009/08/23 16:33:18 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2009/08/23 16:33:18 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2009/08/23 16:33:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
[2009/08/23 16:33:17 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2009/08/23 16:33:17 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2009/08/23 16:33:17 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2009/08/23 16:33:17 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2009/08/23 16:33:17 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
[2009/08/23 16:33:17 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
[2009/08/23 16:33:17 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
[2009/08/23 16:33:17 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2009/08/23 16:33:16 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2009/08/23 16:33:16 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2009/08/23 16:33:16 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/08/23 16:33:16 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2009/08/23 16:33:15 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2009/08/23 16:33:15 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
[2009/08/23 16:33:15 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2009/08/23 16:33:15 | 00,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2009/08/23 16:33:15 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2009/08/23 16:33:15 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2009/08/23 16:33:14 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2009/08/23 16:33:14 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2009/08/23 16:33:14 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2009/08/23 16:33:14 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/08/23 16:33:14 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll
[2009/08/23 16:33:14 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/23 16:33:13 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2009/08/23 16:33:13 | 00,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll
[2009/08/23 16:33:13 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2009/08/23 16:33:13 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll
[2009/08/23 16:33:13 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2009/08/23 16:33:13 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2009/08/23 16:33:13 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2009/08/23 16:33:13 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2009/08/23 16:33:13 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll


[2009/08/23 16:33:12 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2009/08/23 16:33:12 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2009/08/23 16:33:12 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2009/08/23 16:33:12 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll
[2009/08/23 16:33:12 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2009/08/23 16:33:12 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys
[2009/08/23 16:33:12 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
[2009/08/23 16:33:11 | 03,408,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2009/08/23 16:33:11 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2009/08/23 16:33:11 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2009/08/23 16:33:11 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2009/08/23 16:33:11 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2009/08/23 16:33:11 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2009/08/23 16:33:11 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2009/08/23 16:33:11 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2009/08/23 16:33:11 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2009/08/23 16:33:11 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2009/08/23 16:33:11 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2009/08/23 16:33:11 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
[2009/08/23 16:33:11 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
[2009/08/23 16:33:11 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2009/08/23 16:33:11 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2009/08/23 16:33:11 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll
[2009/08/23 16:33:11 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2009/08/23 16:33:11 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2009/08/23 16:33:11 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2009/08/23 16:33:11 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2009/08/23 16:33:11 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2009/08/23 16:33:10 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll
[2009/08/23 16:33:10 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2009/08/23 16:33:10 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2009/08/23 16:33:10 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys
[2009/08/23 16:33:10 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2009/08/23 16:33:10 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2009/08/23 16:33:10 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2009/08/23 16:33:10 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2009/08/23 16:33:10 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2009/08/23 16:33:10 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2009/08/23 16:33:10 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2009/08/23 16:33:10 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2009/08/23 16:33:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2009/08/23 16:33:09 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2009/08/23 16:33:09 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2009/08/23 16:33:09 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll
[2009/08/23 16:33:09 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umrdp.dll
[2009/08/23 16:33:09 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2009/08/23 16:33:09 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys
[2009/08/23 16:33:09 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2009/08/23 16:33:09 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2009/08/23 16:33:09 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys
[2009/08/23 16:33:09 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2009/08/23 16:33:06 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2009/08/23 16:33:06 | 00,897,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/08/23 16:33:06 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/08/23 16:33:06 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2009/08/23 16:33:06 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2009/08/23 16:33:06 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2009/08/23 16:33:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsbyuv.dll
[2009/08/23 16:33:03 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll
[2009/08/23 16:33:03 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2009/08/23 16:33:03 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2009/08/23 16:33:03 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009/08/23 16:33:02 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2009/08/23 16:33:02 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll
[2009/08/23 16:33:02 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll
[2009/08/23 16:33:02 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2009/08/23 16:33:02 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2009/08/23 16:33:02 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2009/08/23 16:33:02 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys
[2009/08/23 16:33:02 | 00,053,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys
[2009/08/23 16:31:58 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/08/23 11:38:41 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/08/23 11:38:29 | 00,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2009/08/23 11:38:28 | 00,333,257 | RHS- | C] () -- C:\bootmgr
[2009/08/23 11:38:27 | 00,000,000 | -HSD | C] -- C:\Boot
[2009/08/23 11:38:08 | 00,000,032 | RH-- | C] () -- C:\Windows\DELL_VERSION
[2009/08/23 11:38:08 | 00,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2009/08/23 01:52:36 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Auslogics
[2009/08/23 01:44:58 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/23 01:44:57 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2009/08/23 01:43:09 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/08/23 01:43:08 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/08/23 01:43:08 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/08/23 01:43:08 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/08/23 01:43:08 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/08/23 01:43:08 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/08/23 01:43:08 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/08/23 01:43:08 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/08/23 01:43:08 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/08/23 01:43:08 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/08/23 01:43:08 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/08/23 01:43:07 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/08/23 01:43:07 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/08/23 01:43:07 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/08/23 01:43:07 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/08/23 01:43:07 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/08/23 01:43:07 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/08/23 01:43:07 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/08/23 01:43:07 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/08/23 01:43:06 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/08/23 01:43:06 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/08/23 01:42:25 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/08/23 01:42:24 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/08/23 01:42:24 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/08/23 01:42:24 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/08/23 01:42:24 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/08/23 01:42:24 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/08/23 01:42:24 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/08/23 01:42:24 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/08/23 01:42:24 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/08/23 01:42:24 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/08/23 01:42:23 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/08/23 01:42:23 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/08/23 01:42:23 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/08/23 01:42:23 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/08/23 01:42:23 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/08/23 01:42:23 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/08/23 01:42:23 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/08/23 01:42:23 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/08/23 01:42:23 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/08/23 01:42:22 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/08/23 01:42:22 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/08/23 01:42:22 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/08/23 01:42:22 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/08/23 01:42:22 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/08/23 01:42:22 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/08/23 01:42:22 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/08/23 01:42:21 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/08/23 01:42:21 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/08/23 01:42:21 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/08/23 01:42:21 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/08/23 01:42:21 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/08/23 01:42:21 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/08/23 01:42:21 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/08/23 01:42:21 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/08/23 01:35:09 | 04,152,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wgaer_m.exe
[2009/08/23 01:35:09 | 00,001,303 | ---- | C] () -- C:\Windows\System32\WGAScanner.xml
[2009/08/23 00:18:50 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/08/23 00:17:53 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2009/08/23 00:12:47 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/08/23 00:12:47 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/08/23 00:12:46 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/08/23 00:12:46 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/08/23 00:12:46 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/08/23 00:12:45 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/08/23 00:12:45 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/08/23 00:12:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/08/23 00:01:53 | 00,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2009/08/23 00:01:23 | 00,000,792 | ---- | C] () -- C:\Users\Main\Desktop\DVD Shrink 3.2.lnk
[2009/08/23 00:01:23 | 00,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2009/08/23 00:01:22 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2009/08/23 00:00:50 | 00,000,941 | ---- | C] () -- C:\Users\Main\Desktop\AusLogics Disk Defrag.lnk
[2009/08/23 00:00:49 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2009/08/23 00:00:19 | 00,000,745 | ---- | C] () -- C:\Users\Main\Desktop\super_pi_mod - Shortcut.lnk
[2009/08/23 00:00:06 | 00,000,643 | ---- | C] () -- C:\Users\Main\Desktop\cpuz - Shortcut.lnk
[2009/08/22 23:59:56 | 00,000,651 | ---- | C] () -- C:\Users\Main\Desktop\prime95 - Shortcut.lnk
[2009/08/22 23:57:04 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Mozilla
[2009/08/22 23:57:04 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Mozilla
[2009/08/22 23:57:01 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/08/22 23:56:58 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/08/22 23:56:31 | 00,000,804 | ---- | C] () -- C:\Users\Main\Desktop\SpeedFan.lnk
[2009/08/22 23:56:30 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2009/08/22 23:56:29 | 00,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2009/08/22 23:56:06 | 00,001,023 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2009/08/22 23:56:05 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Foxit
[2009/08/22 23:56:05 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/08/22 23:53:51 | 00,000,000 | ---D | C] -- C:\Users\Main\Desktop\Set up
[2009/08/22 23:53:40 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/08/22 23:42:45 | 00,000,000 | ---D | C] -- C:\PerfLogs
[2009/08/22 23:19:03 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2009/08/22 23:19:02 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2009/08/22 23:17:42 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2009/08/22 23:17:31 | 00,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2009/08/22 23:17:31 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2009/08/22 23:17:31 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2009/08/22 23:17:31 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
[2009/08/22 23:17:30 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstask.dll
[2009/08/22 23:17:29 | 01,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2009/08/22 23:17:29 | 00,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2009/08/22 23:17:29 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2009/08/22 23:17:29 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2009/08/22 23:17:29 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2009/08/22 23:17:29 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mydocs.dll
[2009/08/22 23:17:29 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2009/08/22 23:17:29 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2009/08/22 23:17:29 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll
[2009/08/22 23:17:29 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2009/08/22 23:17:29 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2009/08/22 23:17:29 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2009/08/22 23:17:29 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
[2009/08/22 23:17:29 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2009/08/22 23:17:29 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2009/08/22 23:17:29 | 00,031,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mssmbios.sys
[2009/08/22 23:17:29 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvidc32.dll
[2009/08/22 23:17:29 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2009/08/22 23:17:29 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msfs.sys
[2009/08/22 23:17:29 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2009/08/22 23:17:29 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mstee.sys
[2009/08/22 23:17:29 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspclock.sys
[2009/08/22 23:17:29 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspqm.sys
[2009/08/22 23:17:28 | 00,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2009/08/22 23:17:28 | 00,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtckrm.dll
[2009/08/22 23:17:28 | 00,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2009/08/22 23:17:28 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2009/08/22 23:17:28 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2009/08/22 23:17:28 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2009/08/22 23:17:28 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2009/08/22 23:17:28 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2009/08/22 23:17:28 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtc.exe
[2009/08/22 23:17:28 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2009/08/22 23:17:28 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2009/08/22 23:17:28 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2009/08/22 23:17:28 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2009/08/22 23:17:28 | 00,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2009/08/22 23:17:27 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2009/08/22 23:17:27 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2009/08/22 23:17:27 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2009/08/22 23:17:27 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2009/08/22 23:17:27 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msieftp.dll
[2009/08/22 23:17:27 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2009/08/22 23:17:27 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2009/08/22 23:17:27 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2009/08/22 23:17:27 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2009/08/22 23:17:27 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2009/08/22 23:17:27 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2009/08/22 23:17:27 | 00,016,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys
[2009/08/22 23:17:27 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2009/08/22 23:17:27 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2009/08/22 23:17:27 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mskssrv.sys
[2009/08/22 23:17:26 | 09,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2009/08/22 23:17:26 | 04,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2009/08/22 23:17:26 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2009/08/22 23:17:26 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2009/08/22 23:17:26 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2009/08/22 23:17:26 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2009/08/22 23:17:26 | 02,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2009/08/22 23:17:26 | 02,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2009/08/22 23:17:26 | 01,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2009/08/22 23:17:26 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2009/08/22 23:17:26 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2009/08/22 23:17:26 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2009/08/22 23:17:26 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2009/08/22 23:17:26 | 01,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2009/08/22 23:17:26 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe
[2009/08/22 23:17:26 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2009/08/22 23:17:26 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2009/08/22 23:17:25 | 04,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2009/08/22 23:17:25 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2009/08/22 23:17:25 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2009/08/22 23:17:25 | 03,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2009/08/22 23:17:25 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2009/08/22 23:17:25 | 02,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2009/08/22 23:17:25 | 02,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2009/08/22 23:17:25 | 02,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2009/08/22 23:17:25 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2009/08/22 23:17:25 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2009/08/22 23:17:25 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2009/08/22 23:17:25 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2009/08/22 23:17:25 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2009/08/22 23:17:25 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2009/08/22 23:17:25 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2009/08/22 23:17:25 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2009/08/22 23:17:25 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2009/08/22 23:17:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
[2009/08/22 23:17:25 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2009/08/22 23:17:25 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2009/08/22 23:17:25 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2009/08/22 23:17:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2009/08/22 23:17:24 | 00,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2009/08/22 23:17:24 | 00,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2009/08/22 23:17:24 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2009/08/22 23:17:24 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
[2009/08/22 23:17:24 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2009/08/22 23:17:24 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2009/08/22 23:17:24 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2009/08/22 23:17:24 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2009/08/22 23:17:24 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbios.sys
[2009/08/22 23:17:24 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2009/08/22 23:17:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/08/22 23:17:24 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2009/08/22 23:17:24 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nsisvc.dll
[2009/08/22 23:17:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys
[2009/08/22 23:17:24 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
[2009/08/22 23:17:24 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\null.sys
[2009/08/22 23:17:23 | 00,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2009/08/22 23:17:23 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlasvc.dll
[2009/08/22 23:17:23 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2009/08/22 23:17:23 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2009/08/22 23:17:23 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2009/08/22 23:17:23 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2009/08/22 23:17:23 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndproxy.sys
[2009/08/22 23:17:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
[2009/08/22 23:17:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2009/08/22 23:17:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll
[2009/08/22 23:17:23 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2009/08/22 23:17:23 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2009/08/22 23:17:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndistapi.sys
[2009/08/22 23:17:23 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2009/08/22 23:17:23 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndisuio.sys
[2009/08/22 23:17:23 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2009/08/22 23:17:22 | 00,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2009/08/22 23:17:22 | 00,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2009/08/22 23:17:22 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netman.dll
[2009/08/22 23:17:22 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
[2009/08/22 23:17:22 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2009/08/22 23:17:22 | 00,128,482 | ---- | C] () -- C:\Windows\System32\manage-bde.wsf
[2009/08/22 23:17:22 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2009/08/22 23:17:22 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2009/08/22 23:17:22 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys
[2009/08/22 23:17:22 | 00,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2009/08/22 23:17:22 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2009/08/22 23:17:22 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2009/08/22 23:17:22 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2009/08/22 23:17:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2009/08/22 23:17:22 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2009/08/22 23:17:21 | 05,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2009/08/22 23:17:21 | 00,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2009/08/22 23:17:21 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2009/08/22 23:17:21 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2009/08/22 23:17:21 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2009/08/22 23:17:21 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2009/08/22 23:17:21 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LogonUI.exe
[2009/08/22 23:17:20 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2009/08/22 23:17:20 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipnathlp.dll
[2009/08/22 23:17:20 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2009/08/22 23:17:20 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2009/08/22 23:17:20 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2009/08/22 23:17:20 | 00,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itss.dll
[2009/08/22 23:17:20 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2009/08/22 23:17:20 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2009/08/22 23:17:20 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiexe.dll
[2009/08/22 23:17:20 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipnat.sys
[2009/08/22 23:17:20 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\irda.sys
[2009/08/22 23:17:20 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPBusEnum.dll
[2009/08/22 23:17:20 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2009/08/22 23:17:20 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mcx2Svc.dll
[2009/08/22 23:17:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelppm.sys
[2009/08/22 23:17:20 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2009/08/22 23:17:20 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2009/08/22 23:17:20 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\irenum.sys
[2009/08/22 23:17:20 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2009/08/22 23:17:19 | 00,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2009/08/22 23:17:19 | 00,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2009/08/22 23:17:19 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdsvc.dll
[2009/08/22 23:17:19 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2009/08/22 23:17:19 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2009/08/22 23:17:19 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2009/08/22 23:17:19 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2009/08/22 23:17:19 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2009/08/22 23:17:19 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2009/08/22 23:17:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2009/08/22 23:17:19 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprdim.dll
[2009/08/22 23:17:19 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KMSVC.DLL
[2009/08/22 23:17:19 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys
[2009/08/22 23:17:19 | 00,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2009/08/22 23:17:19 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2009/08/22 23:17:19 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipfltdrv.sys
[2009/08/22 23:17:19 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys
[2009/08/22 23:17:19 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2009/08/22 23:17:19 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2009/08/22 23:17:19 | 00,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdclass.sys
[2009/08/22 23:17:19 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2009/08/22 23:17:19 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2009/08/22 23:17:19 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2009/08/22 23:17:19 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2009/08/22 23:17:19 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2009/08/22 23:17:19 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2009/08/22 23:17:19 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2009/08/22 23:17:18 | 00,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2009/08/22 23:17:18 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2009/08/22 23:17:18 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2009/08/22 23:17:18 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2009/08/22 23:17:18 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2009/08/22 23:17:18 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2009/08/22 23:17:18 | 00,057,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mountmgr.sys
[2009/08/22 23:17:18 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys
[2009/08/22 23:17:18 | 00,034,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouclass.sys
[2009/08/22 23:17:18 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouhid.sys
[2009/08/22 23:17:18 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2009/08/22 23:17:17 | 00,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2009/08/22 23:17:17 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2009/08/22 23:17:17 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2009/08/22 23:17:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
[2009/08/22 23:17:16 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
[2009/08/22 23:17:16 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcshext.dll
[2009/08/22 23:17:16 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2009/08/22 23:17:16 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2009/08/22 23:17:16 | 00,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2009/08/22 23:17:16 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll
[2009/08/22 23:17:16 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\modem.sys
[2009/08/22 23:17:15 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shimgvw.dll
[2009/08/22 23:17:15 | 00,120,458 | ---- | C] () -- C:\Windows\System32\secpol.msc
[2009/08/22 23:17:15 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2009/08/22 23:17:15 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdrsvc.dll
[2009/08/22 23:17:15 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2009/08/22 23:17:15 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2009/08/22 23:17:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2009/08/22 23:17:15 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\seclogon.dll
[2009/08/22 23:17:14 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2009/08/22 23:17:14 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2009/08/22 23:17:14 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2009/08/22 23:17:13 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2009/08/22 23:17:13 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SessEnv.dll
[2009/08/22 23:17:13 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2009/08/22 23:17:13 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2009/08/22 23:17:12 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2009/08/22 23:17:12 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2009/08/22 23:17:12 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Sens.dll
[2009/08/22 23:17:12 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2009/08/22 23:17:12 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
[2009/08/22 23:17:12 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys
[2009/08/22 23:17:12 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2009/08/22 23:17:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2009/08/22 23:17:12 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2009/08/22 23:17:11 | 00,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2009/08/22 23:17:11 | 00,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2009/08/22 23:17:11 | 00,237,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ppcsnap.dll
[2009/08/22 23:17:11 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/08/22 23:17:11 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2009/08/22 23:17:11 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2009/08/22 23:17:11 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2009/08/22 23:17:11 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
[2009/08/22 23:17:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2009/08/22 23:17:11 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2009/08/22 23:17:11 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2009/08/22 23:17:11 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2009/08/22 23:17:10 | 00,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2009/08/22 23:17:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2009/08/22 23:17:09 | 01,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2009/08/22 23:17:09 | 00,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2009/08/22 23:17:09 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
[2009/08/22 23:17:09 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2009/08/22 23:17:09 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2009/08/22 23:17:09 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2009/08/22 23:17:09 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2009/08/22 23:17:09 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
[2009/08/22 23:17:09 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2009/08/22 23:17:09 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2009/08/22 23:17:09 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2009/08/22 23:17:09 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcasvc.dll
[2009/08/22 23:17:09 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2009/08/22 23:17:09 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2009/08/22 23:17:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2009/08/22 23:17:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2009/08/22 23:17:09 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2009/08/22 23:17:08 | 01,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pla.dll
[2009/08/22 23:17:08 | 00,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2009/08/22 23:17:08 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2009/08/22 23:17:08 | 00,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2009/08/22 23:17:08 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2009/08/22 23:17:08 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2009/08/22 23:17:08 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys
[2009/08/22 23:17:08 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2009/08/22 23:17:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rshx32.dll
[2009/08/22 23:17:08 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2009/08/22 23:17:08 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2009/08/22 23:17:08 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2009/08/22 23:17:08 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2009/08/22 23:17:08 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2009/08/22 23:17:08 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2009/08/22 23:17:07 | 00,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2009/08/22 23:17:07 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2009/08/22 23:17:07 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2009/08/22 23:17:07 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2009/08/22 23:17:07 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2009/08/22 23:17:07 | 00,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2009/08/22 23:17:07 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2009/08/22 23:17:07 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2009/08/22 23:17:07 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2009/08/22 23:17:07 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2009/08/22 23:17:07 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2009/08/22 23:17:07 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2009/08/22 23:17:07 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rootmdm.sys
[2009/08/22 23:17:06 | 00,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2009/08/22 23:17:06 | 00,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2009/08/22 23:17:06 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2009/08/22 23:17:05 | 00,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2009/08/22 23:17:05 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2009/08/22 23:17:05 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwave.dll
[2009/08/22 23:17:05 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2009/08/22 23:17:05 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2009/08/22 23:17:05 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2009/08/22 23:17:05 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasauto.dll
[2009/08/22 23:17:05 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2009/08/22 23:17:05 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2009/08/22 23:17:05 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2009/08/22 23:17:05 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys
[2009/08/22 23:17:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2009/08/22 23:17:05 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2009/08/22 23:17:05 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2009/08/22 23:17:05 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2009/08/22 23:17:05 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasacd.sys
[2009/08/22 23:17:05 | 00,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2009/08/22 23:17:04 | 01,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2009/08/22 23:17:04 | 00,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2009/08/22 23:17:04 | 00,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2009/08/22 23:17:04 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2009/08/22 23:17:04 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2009/08/22 23:17:04 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2009/08/22 23:17:04 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2009/08/22 23:17:04 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2009/08/22 23:17:04 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2009/08/22 23:17:04 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpdd.dll
[2009/08/22 23:17:04 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\regedit.exe
[2009/08/22 23:17:04 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2009/08/22 23:17:04 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2009/08/22 23:17:04 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasl2tp.sys
[2009/08/22 23:17:04 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
[2009/08/22 23:17:04 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasqec.dll
[2009/08/22 23:17:04 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspptp.sys
[2009/08/22 23:17:04 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\remotepg.dll
[2009/08/22 23:17:04 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2009/08/22 23:17:04 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2009/08/22 23:17:04 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2009/08/22 23:17:04 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2009/08/22 23:17:04 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2009/08/22 23:17:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys
[2009/08/22 23:17:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPCDD.sys
[2009/08/22 23:17:03 | 01,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2009/08/22 23:17:03 | 00,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2009/08/22 23:17:03 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2009/08/22 23:17:03 | 00,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2009/08/22 23:17:03 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2009/08/22 23:17:03 | 00,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2009/08/22 23:17:03 | 00,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2009/08/22 23:17:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2009/08/22 23:17:03 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2009/08/22 23:17:03 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2009/08/22 23:17:03 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll
[2009/08/22 23:17:03 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2009/08/22 23:17:03 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2009/08/22 23:17:03 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
[2009/08/22 23:17:03 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2009/08/22 23:17:03 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2009/08/22 23:17:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2009/08/22 23:17:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2009/08/22 23:17:03 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2009/08/22 23:17:03 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
[2009/08/22 23:17:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
[2009/08/22 23:17:02 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2009/08/22 23:17:02 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2009/08/22 23:17:02 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2009/08/22 23:17:02 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2009/08/22 23:17:02 | 00,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2009/08/22 23:17:02 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2009/08/22 23:17:02 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2009/08/22 23:17:02 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2009/08/22 23:17:02 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2009/08/22 23:17:02 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2009/08/22 23:17:02 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2009/08/22 23:17:02 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2009/08/22 23:17:02 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DfsShlEx.dll
[2009/08/22 23:17:02 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2009/08/22 23:17:02 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2009/08/22 23:17:02 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2009/08/22 23:17:01 | 01,291,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comres.dll
[2009/08/22 23:17:01 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2009/08/22 23:17:01 | 00,531,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.dll
[2009/08/22 23:17:01 | 00,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
[2009/08/22 23:17:01 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2009/08/22 23:17:01 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2009/08/22 23:17:01 | 00,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2009/08/22 23:17:01 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2009/08/22 23:17:01 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2009/08/22 23:17:01 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2009/08/22 23:17:01 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2009/08/22 23:17:01 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2009/08/22 23:17:01 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2009/08/22 23:17:01 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll
[2009/08/22 23:17:01 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2009/08/22 23:17:01 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2009/08/22 23:17:01 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2009/08/22 23:17:01 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2009/08/22 23:17:01 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2009/08/22 23:17:01 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2009/08/22 23:17:01 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2009/08/22 23:17:00 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2009/08/22 23:17:00 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2009/08/22 23:17:00 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2009/08/22 23:17:00 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2009/08/22 23:17:00 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapsvc.dll
[2009/08/22 23:17:00 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
[2009/08/22 23:17:00 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2009/08/22 23:16:59 | 00,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2009/08/22 23:16:59 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2009/08/22 23:16:59 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2009/08/22 23:16:59 | 00,058,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys
[2009/08/22 23:16:59 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys
[2009/08/22 23:16:59 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2009/08/22 23:16:59 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdPHost.dll
[2009/08/22 23:14:57 | 02,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2009/08/22 23:14:57 | 02,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2009/08/22 23:14:57 | 00,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2009/08/22 23:14:57 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2009/08/22 23:14:57 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2009/08/22 23:14:57 | 00,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2009/08/22 23:14:57 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2009/08/22 23:14:56 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsuiext.dll
[2009/08/22 23:14:56 | 00,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2009/08/22 23:14:56 | 00,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2009/08/22 23:14:56 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2009/08/22 23:14:56 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2009/08/22 23:14:56 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2009/08/22 23:14:56 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2009/08/22 23:14:56 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquoui.dll
[2009/08/22 23:14:56 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2009/08/22 23:14:56 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
[2009/08/22 23:14:56 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2009/08/22 23:14:56 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2009/08/22 23:14:56 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2009/08/22 23:14:56 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2009/08/22 23:14:56 | 00,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
[2009/08/22 23:14:56 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2009/08/22 23:14:56 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dps.dll
[2009/08/22 23:14:56 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2009/08/22 23:14:56 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2009/08/22 23:14:56 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2009/08/22 23:14:56 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2009/08/22 23:14:56 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2009/08/22 23:14:56 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2009/08/22 23:14:56 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2009/08/22 23:14:56 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2009/08/22 23:14:56 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2009/08/22 23:14:56 | 00,056,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpfve.sys
[2009/08/22 23:14:56 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2009/08/22 23:14:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2009/08/22 23:14:56 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2009/08/22 23:14:56 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2009/08/22 23:14:56 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2009/08/22 23:14:56 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
[2009/08/22 23:14:56 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2009/08/22 23:14:56 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2009/08/22 23:14:56 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2009/08/22 23:14:56 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2009/08/22 23:14:56 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2009/08/22 23:14:56 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmkaud.sys
[2009/08/22 23:14:56 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2009/08/22 23:14:55 | 04,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2009/08/22 23:14:55 | 01,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2009/08/22 23:14:55 | 00,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2009/08/22 23:14:55 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2009/08/22 23:14:55 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsquery.dll
[2009/08/22 23:14:55 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2009/08/22 23:14:55 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2009/08/22 23:14:55 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodev.dll
[2009/08/22 23:14:55 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssec.dll
[2009/08/22 23:14:55 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2009/08/22 23:14:55 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2009/08/22 23:14:55 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2009/08/22 23:13:54 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\asyncmac.sys
[2009/08/22 23:13:53 | 01,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2009/08/22 23:13:53 | 00,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2009/08/22 23:13:53 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
[2009/08/22 23:13:53 | 00,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2009/08/22 23:13:53 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2009/08/22 23:13:53 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2009/08/22 23:13:53 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2009/08/22 23:13:53 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2009/08/22 23:13:53 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2009/08/22 23:13:53 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2009/08/22 23:13:53 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2009/08/22 23:13:53 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2009/08/22 23:13:53 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2009/08/22 23:13:53 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2009/08/22 23:13:53 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2009/08/22 23:13:53 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2009/08/22 23:13:53 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2009/08/22 23:13:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2009/08/22 23:13:53 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\beep.sys
[2009/08/22 23:13:52 | 00,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2009/08/22 23:13:52 | 00,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll
[2009/08/22 23:13:52 | 00,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll
[2009/08/22 23:13:52 | 00,339,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2009/08/22 23:13:52 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2009/08/22 23:13:52 | 00,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2009/08/22 23:13:52 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2009/08/22 23:13:52 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2009/08/22 23:13:52 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2009/08/22 23:13:52 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabview.dll
[2009/08/22 23:13:52 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2009/08/22 23:13:52 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2009/08/22 23:13:52 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2009/08/22 23:13:52 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\alg.exe
[2009/08/22 23:13:52 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appinfo.dll
[2009/08/22 23:13:52 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/08/22 23:13:52 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/08/22 23:13:51 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browser.dll
[2009/08/22 23:13:51 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys
[2009/08/22 23:13:51 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2009/08/22 23:13:51 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2009/08/22 23:13:51 | 00,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2009/08/22 23:13:51 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2009/08/22 23:13:51 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2009/08/22 23:13:51 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2009/08/22 23:13:51 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2009/08/22 23:13:50 | 00,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2009/08/22 23:13:50 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2009/08/22 23:13:50 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2009/08/22 23:13:50 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdfs.sys
[2009/08/22 23:13:50 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2009/08/22 23:13:50 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2009/08/22 23:13:50 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blb_ps.dll
[2009/08/22 23:13:50 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2009/08/22 23:12:48 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2009/08/22 23:12:47 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
[2009/08/22 23:12:47 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2009/08/22 23:12:47 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2009/08/22 23:12:46 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\i8042prt.sys
[2009/08/22 23:12:46 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/08/22 23:12:46 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2009/08/22 23:12:46 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/08/22 23:12:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2009/08/22 23:12:45 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2009/08/22 23:12:45 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2009/08/22 23:12:45 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2009/08/22 23:12:45 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2009/08/22 23:12:45 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2009/08/22 23:12:45 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2009/08/22 23:12:45 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2009/08/22 23:12:44 | 00,925,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
[2009/08/22 23:12:44 | 00,890,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
[2009/08/22 23:12:44 | 00,705,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOMPOSE.dll
[2009/08/22 23:12:44 | 00,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSSVC.exe
[2009/08/22 23:12:44 | 00,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOMEX.dll
[2009/08/22 23:12:44 | 00,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSXP32.dll
[2009/08/22 23:12:44 | 00,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2009/08/22 23:12:44 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2009/08/22 23:12:44 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
[2009/08/22 23:12:44 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXST30.dll
[2009/08/22 23:12:44 | 00,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSUTILITY.dll
[2009/08/22 23:12:44 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2009/08/22 23:12:44 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2009/08/22 23:12:44 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2009/08/22 23:12:44 | 00,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2009/08/22 23:12:44 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveRecover.dll
[2009/08/22 23:12:44 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2009/08/22 23:12:44 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOM.dll
[2009/08/22 23:12:44 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSROUTE.dll
[2009/08/22 23:12:44 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2009/08/22 23:12:44 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2009/08/22 23:12:44 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2009/08/22 23:12:44 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSEXT32.dll
[2009/08/22 23:12:44 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2009/08/22 23:12:44 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2009/08/22 23:12:44 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSUNATD.exe
[2009/08/22 23:12:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2009/08/22 23:12:44 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2009/08/22 23:12:44 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2009/08/22 23:12:44 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2009/08/22 23:12:43 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/08/22 23:12:43 | 00,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
[2009/08/22 23:12:43 | 00,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2009/08/22 23:12:43 | 00,147,439 | ---- | C] () -- C:\Windows\System32\gpedit.msc
[2009/08/22 23:12:43 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2009/08/22 23:12:43 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2009/08/22 23:12:43 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2009/08/22 23:12:43 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2009/08/22 23:12:43 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2009/08/22 23:12:43 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvenotify.exe
[2009/08/22 23:12:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2009/08/22 23:12:43 | 00,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2009/08/22 23:12:43 | 00,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2009/08/22 23:12:43 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2009/08/22 23:12:43 | 00,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2009/08/22 23:12:43 | 00,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2009/08/22 23:12:42 | 00,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2009/08/22 23:12:42 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2009/08/22 23:12:42 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2009/08/22 23:12:41 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2009/08/22 23:12:41 | 00,443,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiashext.dll
[2009/08/22 23:12:41 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2009/08/22 23:12:41 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2009/08/22 23:12:41 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
[2009/08/22 23:12:41 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2009/08/22 23:12:41 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2009/08/22 23:12:41 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2009/08/22 23:12:41 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2009/08/22 23:12:41 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2009/08/22 23:12:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2009/08/22 23:12:41 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2009/08/22 23:12:41 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2009/08/22 23:12:41 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2009/08/22 23:12:41 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2009/08/22 23:12:41 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2009/08/22 23:12:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2009/08/22 23:12:40 | 00,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2009/08/22 23:12:40 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2009/08/22 23:12:40 | 00,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2009/08/22 23:12:40 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbadmin.exe
[2009/08/22 23:12:40 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2009/08/22 23:12:40 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2009/08/22 23:12:40 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys
[2009/08/22 23:12:40 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2009/08/22 23:12:40 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2009/08/22 23:12:40 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2009/08/22 23:12:40 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFax.dll
[2009/08/22 23:12:40 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2009/08/22 23:12:40 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2009/08/22 23:12:39 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2009/08/22 23:12:39 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
[2009/08/22 23:12:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2009/08/22 23:11:38 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2009/08/22 23:11:38 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecsvc.dll
[2009/08/22 23:11:38 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
[2009/08/22 23:11:38 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2009/08/22 23:11:38 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2009/08/22 23:11:38 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2009/08/22 23:11:38 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2009/08/22 23:11:37 | 01,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2009/08/22 23:11:37 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2009/08/22 23:11:37 | 00,503,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys
[2009/08/22 23:11:37 | 00,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2009/08/22 23:11:37 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2009/08/22 23:11:37 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll
[2009/08/22 23:11:37 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2009/08/22 23:11:37 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdbusenum.dll
[2009/08/22 23:11:37 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2009/08/22 23:11:37 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2009/08/22 23:11:37 | 00,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2009/08/22 23:11:37 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/08/22 23:11:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2009/08/22 23:11:37 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2009/08/22 23:11:36 | 02,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll
[2009/08/22 23:11:36 | 01,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2009/08/22 23:11:36 | 00,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XPSSHHDR.dll
[2009/08/22 23:11:36 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2009/08/22 23:11:36 | 00,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2009/08/22 23:11:36 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2009/08/22 23:11:36 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2009/08/22 23:11:36 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2009/08/22 23:11:36 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2009/08/22 23:11:36 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
[2009/08/22 23:11:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2009/08/22 23:11:36 | 00,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
[2009/08/22 23:11:36 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2009/08/22 23:11:36 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2009/08/22 23:11:36 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2009/08/22 23:11:36 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2009/08/22 23:11:36 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
[2009/08/22 23:11:36 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2009/08/22 23:11:36 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2009/08/22 23:11:36 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2009/08/22 23:11:36 | 00,083,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFRd.sys
[2009/08/22 23:11:36 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2009/08/22 23:11:36 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFSvc.dll
[2009/08/22 23:11:36 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll
[2009/08/22 23:11:36 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFPf.sys
[2009/08/22 23:11:36 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2009/08/22 23:11:36 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/08/22 23:11:36 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2009/08/22 23:11:36 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2009/08/22 23:11:36 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2009/08/22 23:11:36 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2009/08/22 23:11:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2009/08/22 23:11:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2009/08/22 23:11:36 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2009/08/22 23:11:36 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2009/08/22 23:11:36 | 00,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll
[2009/08/22 23:11:35 | 01,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2009/08/22 23:11:35 | 01,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2009/08/22 23:11:35 | 00,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2009/08/22 23:11:35 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2009/08/22 23:11:35 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2009/08/22 23:11:35 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2009/08/22 23:11:35 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2009/08/22 23:11:35 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2009/08/22 23:11:35 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2009/08/22 23:11:35 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2009/08/22 23:11:35 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2009/08/22 23:11:35 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2009/08/22 23:11:35 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpshell.dll
[2009/08/22 23:11:35 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
[2009/08/22 23:11:35 | 00,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2009/08/22 23:11:35 | 00,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2009/08/22 23:11:34 | 01,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2009/08/22 23:11:34 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2009/08/22 23:11:34 | 00,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2009/08/22 23:11:34 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2009/08/22 23:11:34 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2009/08/22 23:11:34 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2009/08/22 23:11:34 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2009/08/22 23:11:33 | 00,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2009/08/22 23:11:33 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe
[2009/08/22 23:11:33 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2009/08/22 23:11:33 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2009/08/22 23:11:33 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2009/08/22 23:11:33 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbssvc.dll
[2009/08/22 23:11:33 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdtcp.sys
[2009/08/22 23:11:33 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2009/08/22 23:11:32 | 00,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2009/08/22 23:11:32 | 00,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2009/08/22 23:11:32 | 00,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2009/08/22 23:11:32 | 00,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2009/08/22 23:11:32 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2009/08/22 23:11:32 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2009/08/22 23:11:32 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssdpsrv.dll
[2009/08/22 23:11:32 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2009/08/22 23:11:32 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sstpsvc.dll
[2009/08/22 23:11:32 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2009/08/22 23:11:32 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2009/08/22 23:11:32 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2009/08/22 23:11:32 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2009/08/22 23:11:32 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2009/08/22 23:11:32 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
[2009/08/22 23:11:32 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2009/08/22 23:11:32 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2009/08/22 23:11:32 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdpipe.sys
[2009/08/22 23:11:32 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2009/08/22 23:11:31 | 08,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2009/08/22 23:11:31 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2009/08/22 23:11:31 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2009/08/22 23:11:31 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2009/08/22 23:11:31 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2009/08/22 23:11:31 | 00,021,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys
[2009/08/22 23:11:31 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2009/08/22 23:11:30 | 08,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2009/08/22 23:11:30 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2009/08/22 23:11:30 | 00,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2009/08/22 23:11:30 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnphost.dll
[2009/08/22 23:11:30 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2009/08/22 23:11:30 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysdm.cpl
[2009/08/22 23:11:30 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll
[2009/08/22 23:11:30 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2009/08/22 23:11:30 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2009/08/22 23:11:30 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2009/08/22 23:11:30 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2009/08/22 23:11:30 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll
[2009/08/22 23:11:30 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2009/08/22 23:11:30 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2009/08/22 23:11:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2009/08/22 23:11:30 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbuhci.sys
[2009/08/22 23:11:30 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2009/08/22 23:11:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe
[2009/08/22 23:11:30 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2009/08/22 23:11:30 | 00,015,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\swenum.sys
[2009/08/22 23:11:30 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2009/08/22 23:11:29 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2009/08/22 23:11:29 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2009/08/22 23:11:29 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccgp.sys
[2009/08/22 23:11:29 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2009/08/22 23:11:29 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vga.sys
[2009/08/22 23:11:29 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2009/08/22 23:11:29 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2009/08/22 23:11:29 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2009/08/22 23:11:28 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2009/08/22 23:11:28 | 00,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2009/08/22 23:11:28 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2009/08/22 23:11:28 | 00,052,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys
[2009/08/22 23:11:28 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2009/08/22 23:11:27 | 02,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2009/08/22 23:11:27 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2009/08/22 23:11:27 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2009/08/22 23:11:27 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2009/08/22 23:11:27 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2009/08/22 23:11:27 | 00,240,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
[2009/08/22 23:11:27 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2009/08/22 23:11:27 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2009/08/22 23:11:27 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2009/08/22 23:11:27 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2009/08/22 23:11:27 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2009/08/22 23:11:27 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
[2009/08/22 23:11:27 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\trkwks.dll
[2009/08/22 23:11:27 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll
[2009/08/22 23:11:27 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2009/08/22 23:11:27 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2009/08/22 23:11:27 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2009/08/22 23:11:27 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2009/08/22 23:11:27 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2009/08/22 23:11:27 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys
[2009/08/22 23:11:27 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2009/08/22 23:11:27 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2009/08/22 23:11:27 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys
[2009/08/22 23:11:27 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2009/08/22 23:11:27 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2009/08/22 23:11:26 | 00,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2009/08/22 23:11:26 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009/08/22 23:11:26 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2009/08/22 23:11:26 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2009/08/22 23:11:26 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twext.dll
[2009/08/22 23:11:26 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2009/08/22 23:11:26 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2009/08/22 23:11:26 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2009/08/22 23:11:26 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2009/08/22 23:11:26 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe
[2009/08/22 23:11:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2009/08/22 23:11:26 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2009/08/22 23:11:26 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys
[2009/08/22 23:11:26 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS
[2009/08/22 23:11:26 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2009/08/22 23:11:26 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys
[2009/08/22 22:52:26 | 02,034,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/08/22 22:52:24 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/08/22 22:52:24 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/08/22 22:52:24 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/08/22 22:52:24 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2009/08/22 22:52:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009/08/22 22:52:24 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/08/22 22:52:08 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/08/22 22:52:00 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/08/22 22:51:57 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/08/22 22:51:56 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2009/08/22 22:51:56 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2009/08/22 22:50:20 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/08/22 22:49:17 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/08/22 22:48:00 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/08/22 22:47:56 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/08/22 22:47:55 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/08/22 22:47:55 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/08/22 22:47:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/08/22 22:47:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/08/22 22:47:54 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/08/22 22:47:54 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/08/22 22:47:22 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/08/22 22:32:09 | 00,000,000 | ---D | C] -- C:\Windows\CheckSur
[2009/08/22 22:25:01 | 00,589,824 | ---- | C] () -- C:\Windows\SPInstall.etl
[2009/08/22 22:15:43 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/08/22 22:15:43 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/08/22 22:15:43 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/08/22 22:15:43 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/08/22 22:14:58 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/08/22 22:14:57 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/08/22 22:14:57 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/08/22 22:14:40 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/08/22 22:14:40 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/08/22 22:14:03 | 00,000,812 | ---- | C] () -- C:\Users\Main\AppData\Local\RT61_{D2D70CA0-4B73-43ED-B566-3CCBD85E6CDE}_sta
[2009/08/22 22:13:59 | 00,000,808 | ---- | C] () -- C:\Users\Main\AppData\Local\RT61_{D2D70CA0-4B73-43ED-B566-3CCBD85E6CDE}_prof
[2009/08/22 22:05:45 | 00,316,928 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr61.sys
[2009/08/22 22:05:05 | 00,001,767 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2009/08/22 22:05:05 | 00,000,000 | ---D | C] -- C:\Program Files\RALINK
[2009/08/22 22:05:04 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/08/22 22:04:52 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\InstallShield
[2009/08/22 21:53:36 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009/08/22 21:53:36 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/08/22 21:53:04 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/08/22 21:29:34 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/08/22 19:42:46 | 00,753,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2009/08/22 19:42:46 | 00,413,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2009/08/22 19:42:46 | 00,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2009/08/22 19:42:19 | 00,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2009/08/22 19:42:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/08/22 19:41:55 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/08/22 19:37:06 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2009/08/22 19:37:06 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/08/22 19:37:01 | 00,000,000 | ---D | C] -- C:\Intel
[2009/08/22 19:35:12 | 00,058,896 | ---- | C] () -- C:\Users\Main\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/22 19:35:00 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Identities
[2009/08/22 19:34:58 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\VirtualStore
[2009/08/22 19:34:56 | 00,000,680 | ---- | C] () -- C:\Users\Main\AppData\Local\d3d9caps.dat
[2009/08/22 19:34:55 | 00,000,000 | --SD | C] -- C:\Users\Main\AppData\Roaming\Microsoft
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\Documents\My Videos
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\Documents\My Pictures
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\Documents\My Music
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\AppData\Local\Temporary Internet Files
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\AppData\Local\History
[2009/08/22 19:34:55 | 00,000,000 | -HSD | C] -- C:\Users\Main\AppData\Local\Application Data
[2009/08/22 19:34:55 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Media Center Programs
[2009/08/22 19:34:55 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Temp
[2009/08/22 19:34:55 | 00,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Microsoft
[2009/08/22 17:41:27 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/08/22 17:40:32 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2009/08/22 17:40:32 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/08/22 17:39:39 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/08/22 17:39:32 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2006/11/02 22:04:20 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 19:53:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 19:53:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 17:10:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1996/04/04 05:03:26 | 00,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Files - Modified Within 30 Days ==========

[2009/08/28 20:12:32 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe
[2009/08/28 19:21:16 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/28 19:21:16 | 00,599,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/28 19:21:16 | 00,105,448 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/28 19:14:39 | 00,005,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/28 19:14:39 | 00,005,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/28 19:14:37 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/28 19:14:36 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/28 19:14:31 | 32,193,16736 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/28 19:14:30 | 34,033,0855 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/27 22:58:26 | 00,781,909 | ---- | M] () -- C:\Users\Main\Desktop\RSIT.exe
[2009/08/24 00:31:48 | 01,982,328 | -H-- | M] () -- C:\Users\Main\AppData\Local\IconCache.db
[2009/08/23 23:22:02 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/23 23:21:36 | 00,324,264 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/08/23 23:20:54 | 00,000,812 | ---- | M] () -- C:\Users\Main\Desktop\SpywareBlaster.lnk
[2009/08/23 23:17:22 | 00,001,055 | ---- | M] () -- C:\Users\Main\Desktop\Spybot - Search & Destroy.lnk
[2009/08/23 21:33:14 | 00,005,120 | ---- | M] () -- C:\Users\Main\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/23 20:15:58 | 00,058,896 | ---- | M] () -- C:\Users\Main\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/23 20:15:53 | 00,259,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/08/23 17:50:12 | 00,000,782 | ---- | M] () -- C:\Users\Main\Desktop\NewsLeecher.lnk
[2009/08/23 17:40:00 | 00,000,804 | ---- | M] () -- C:\Users\Main\Desktop\QuickPar.lnk
[2009/08/23 11:38:29 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/08/23 00:31:48 | 04,152,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wgaer_m.exe
[2009/08/23 00:31:24 | 00,001,303 | ---- | M] () -- C:\Windows\System32\WGAScanner.xml
[2009/08/23 00:01:23 | 00,000,792 | ---- | M] () -- C:\Users\Main\Desktop\DVD Shrink 3.2.lnk
[2009/08/23 00:00:50 | 00,000,941 | ---- | M] () -- C:\Users\Main\Desktop\AusLogics Disk Defrag.lnk
[2009/08/23 00:00:19 | 00,000,745 | ---- | M] () -- C:\Users\Main\Desktop\super_pi_mod - Shortcut.lnk
[2009/08/23 00:00:06 | 00,000,643 | ---- | M] () -- C:\Users\Main\Desktop\cpuz - Shortcut.lnk
[2009/08/22 23:59:56 | 00,000,651 | ---- | M] () -- C:\Users\Main\Desktop\prime95 - Shortcut.lnk
[2009/08/22 23:57:01 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/08/22 23:56:31 | 00,000,804 | ---- | M] () -- C:\Users\Main\Desktop\SpeedFan.lnk
[2009/08/22 23:56:30 | 00,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2009/08/22 23:56:06 | 00,001,023 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2009/08/22 23:53:40 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/08/22 23:49:40 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2009/08/22 23:33:12 | 00,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2009/08/22 23:33:03 | 00,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2009/08/22 23:28:53 | 00,589,824 | ---- | M] () -- C:\Windows\SPInstall.etl
[2009/08/22 22:15:43 | 01,809,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/08/22 22:15:43 | 01,524,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/08/22 22:15:43 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/08/22 22:15:43 | 00,043,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/08/22 22:14:58 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/08/22 22:14:57 | 00,561,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/08/22 22:14:57 | 00,034,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/08/22 22:14:40 | 00,162,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/08/22 22:14:40 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/08/22 22:14:03 | 00,000,812 | ---- | M] () -- C:\Users\Main\AppData\Local\RT61_{D2D70CA0-4B73-43ED-B566-3CCBD85E6CDE}_sta
[2009/08/22 22:14:03 | 00,000,808 | ---- | M] () -- C:\Users\Main\AppData\Local\RT61_{D2D70CA0-4B73-43ED-B566-3CCBD85E6CDE}_prof
[2009/08/22 22:05:05 | 00,001,767 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2009/08/22 21:39:37 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2009/08/22 19:40:55 | 00,000,680 | ---- | M] () -- C:\Users\Main\AppData\Local\d3d9caps.dat
[2009/08/22 17:42:13 | 00,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >

#10 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 August 2009 - 09:31 AM

OTL Extras logfile created on: 28/08/2009 8:18:18 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Main\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 91.82% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 419.01 Gb Free Space | 89.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAIN-PC
Current User Name: Main
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-51856979-3987824740-1011260170-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D642B49A-2763-4267-ABAC-7685CD2F6399}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E3188831-EC21-47E8-9E4A-82E265230C93}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}" = ESET NOD32 Antivirus
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"DVD Shrink_is1" = DVD Shrink 3.2
"Foxit Reader" = Foxit Reader
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"NewsLeecher_is1" = NewsLeecher v3.8 Final
"NVIDIA Drivers" = NVIDIA Drivers
"QuickPar" = QuickPar 0.9
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 4.2
"TreeSize Free_is1" = TreeSize Free V2.3.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22/08/2009 8:34:58 AM | Computer Name = Main-PC | Source = VSS | ID = 8194
Description =

Error - 22/08/2009 8:46:25 AM | Computer Name = Main-PC | Source = EventSystem | ID = 4621
Description =

Error - 22/08/2009 10:15:42 AM | Computer Name = Main-PC | Source = WerSvc | ID = 5007
Description =

Error - 22/08/2009 10:37:28 AM | Computer Name = Main-PC | Source = Application Error | ID = 1000
Description = Faulting application IntelBurnTest.exe, version 1.4.0.0, time stamp
0x48a5bec1, faulting module IntelBurnTest.exe, version 1.4.0.0, time stamp 0x48a5bec1,
exception code 0xc0000005, fault offset 0x00007214, process id 0xadc, application
start time 0x01ca23360d1e0a44.

Error - 22/08/2009 12:20:19 PM | Computer Name = Main-PC | Source = Windows Search Service | ID = 3024
Description =

Error - 23/08/2009 3:21:27 AM | Computer Name = Main-PC | Source = ESENT | ID = 215
Description = WinMail (3304) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 23/08/2009 4:36:16 AM | Computer Name = Main-PC | Source = VSS | ID = 8194
Description =

Error - 23/08/2009 8:12:32 AM | Computer Name = Main-PC | Source = EventSystem | ID = 4609
Description =

Error - 28/08/2009 4:36:06 AM | Computer Name = Main-PC | Source = Perflib | ID = 1010
Description =

[ System Events ]
Error - 23/08/2009 8:21:20 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 4:31:20 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 4:31:20 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 4:31:20 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 4:31:20 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 5:44:36 AM | Computer Name = Main-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:12:23 PM on 28/08/2009 was unexpected.

Error - 28/08/2009 5:44:27 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 5:44:27 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 5:44:27 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 28/08/2009 5:44:27 AM | Computer Name = Main-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =


< End of report >

#11 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:07 PM

Posted 28 August 2009 - 10:24 AM

Hi pshnfry,



You didn't respond to my question directly about why starting from scratch. I assume that your issue does not appear to be malware related, rather the system issues related.

There is no trace of any outstanding objects lurking there right now. Since our focus on malware removal issues, You would be better served discussing it in the Windows Vista Support section of this forum if you feel comfortable.

Even that, I do some homework for you. That issue pattern seems to fit your dilemma. Hope it helps.

http://www.winxpcentral.com/forums/showthread.php?t=21663

http://support.bicestercomputers.co.uk/showthread.php?t=119

Tell me if you need further assistance. Good luck! :thumbup2:

#12 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 August 2009 - 01:24 PM

Hello sundavis,

Thanks for your help.

I responded twice as to why I reloaded os - pc was unusable 2 hours after my initial post. See post 2 and 8.

Your googles would be good except they are for a very specific problem with clear signs in the error logs - those signs aren't present in my scenario.

I'll go back to looking at the hardware I suppose.

#13 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:07 PM

Posted 28 August 2009 - 05:32 PM

Hi pshnfry,


I responded twice as to why I reloaded os - pc was unusable 2 hours after my initial post. See post 2 and 8.

I do see what you're referring to. Anyway, that is not the major issue we are looking for till now. I do check your event logs which didn't seem to be an issue. Most events point to power management. Hope it might help just in case.

http://blogs.msdn.com/richardt/archive/200...-frequency.aspx

If the problem still persists, you can start your own topic in a proper location on this forum and get your issue sorted hopefully. Good luck! :thumbup2:

#14 pshnfry

pshnfry
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 29 August 2009 - 03:16 AM

Well, I checked for disk issues and updated bios to most recent, reset to defaults and then re-tweaked as needed. Then replaced all sata cables with new ones. I saw the power issues you referred to in the logs and will follow that up but it is a sleep issue, and why I updated the bios, it isn't happening at the same time as the pauses. Also, power settings are set to High Performance in Vista, and bios cpu power saving is disabled.

I am reposting because this afternoon I have plugged the 1Tb data drive back in and powered up the pc, and Eset Nod32 real time protection was disabled after settling to the desktop (not by me). GMER then errored out (failed to complete a run). So I shut down and unplugged the data drive. The pc then started up ok with full Nod32 protection.

Does this sound sus? Should I take further steps? This doesn't feel like hardware. What is the safest way to access the data drive for scanning - use a usb enclosure would make any difference?

#15 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:07 PM

Posted 29 August 2009 - 12:49 PM

Hi pshnfry,


Does this sound sus? Should I take further steps?

I have no clue what's going on there. That problem seems to go to your WD data drive. Did you ever try to call WD customer support? They may walk you through it over the phone or give away some useful info. For more info:

http://support.wdc.com/product/kb.asp?wdc_lang=en

What is the safest way to access the data drive for scanning

If you need to scan some special area in your pc, you may use online scanner such as Kaspersky online scanner. You can configure Kaspersky to scan only Folder pointing to the WD area.

You may refer to this thread and configure Kas to scan Folder instead of My computer then click the WD drive for scanning. Kaspersky Online Scanner can't remove threats. but you can use F-Secure Online Scanner to disinfect your computer if needed.

Edited by sundavis, 29 August 2009 - 03:59 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users