Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

trojan infection/rootkit's/loosing internet conection/lots of ports listening in the high # section. pft do i need to say more? PLease help


  • This topic is locked This topic is locked
28 replies to this topic

#1 6676

6676

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 03 January 2010 - 03:00 AM

I rather install my OS from scratch since i don't care about any of the stuff that i have in this computer i just need it to be safe for email's and research info.


i was reading the set up guide for the computer and i did a reinstall of the OS but all the problems still there.

passwords showing in the address bar and internet being very slow and lots of ports open in the range that usually are use for hackers and so on. i gathered all the info in this website. maybe I'm wrong I don't know anymore.

also i can't update my system/ i did download like 67 but like 57 failed to download,


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 1/2/2010 12:28:04 PM
System Uptime: 1/3/2010 1:58:39 AM (1 hours ago)

Motherboard: Dell Inc. | | 0G848F
Processor: Intel® Celeron® CPU 900 @ 2.20GHz | Microprocessor | 2194/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 134 GiB total, 114.337 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 14.561 GiB free.
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}
Description: Standard VGA Graphics Adapter
Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_02AA1028&REV_07\3&2B8E0B4B&0&10
Manufacturer: (Standard display types)
Name: Standard VGA Graphics Adapter
PNP Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_02AA1028&REV_07\3&2B8E0B4B&0&10
Service: vga

Class GUID:
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_02AA1028&REV_07\3&2B8E0B4B&0&11
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_02AA1028&REV_07\3&2B8E0B4B&0&11
Service:

Class GUID:
Description: Network Controller
Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_000C1028&REV_01\4&2B17F6E0&0&00E1
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_000C1028&REV_01\4&2B17F6E0&0&00E1
Service:

Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4354&SUBSYS_02AA1028&REV_13\4&1B809680&0&00E2
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4354&SUBSYS_02AA1028&REV_13\4&1B809680&0&00E2
Service:

Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02AA1028&REV_03\3&2B8E0B4B&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02AA1028&REV_03\3&2B8E0B4B&0&FB
Service:

==== System Restore Points ===================

RP10: 1/2/2010 9:43:36 AM - Windows Update
RP8: 1/2/2010 12:39:22 PM - Installed Belkin N Wireless USB Adapter Setup

BC AdBot (Login to Remove)

 


#2 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 10 January 2010 - 07:23 AM

ok i guess scratch the first post and here are the new logs. would some 1 tell me if there is something fishy.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 1/2/2010 12:28:04 PM
System Uptime: 1/10/2010 2:18:22 AM (5 hours ago)

Motherboard: Dell Inc. | | 0G848F
Processor: Intel® Celeron® CPU 900 @ 2.20GHz | Microprocessor | 2194/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 134 GiB total, 97.331 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 14.561 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

AAC Decoder
Adobe Flash Player 10 Plugin
AutoUpdate
avast! Antivirus
Belkin N Wireless USB Adapter Setup
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Defraggler
Dell Resource CD
Dell Wireless WLAN Card Utility
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
H.264 Decoder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IDT Audio
Intel® Graphics Media Accelerator Driver
Java™ 6 Update 17
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Microsoft .NET Framework 3.5 SP1
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MKV Splitter
Mozilla Firefox (3.5.6)
Realtek USB 2.0 Card Reader
Spybot - Search & Destroy
SpywareBlaster 4.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
ZoneAlarm
ZoneAlarm Toolbar

==== End Of File ===========================



__________________________________________________________________________________-




DDS (Ver_09-12-01.01) - NTFSx86
Run by c at 7:12:22.93 on Sun 01/10/2010
Internet Explorer: 8.0.6001.18865 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3034.1870 [GMT -5:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\c\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uLocal Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mCustomizeSearch = hxxp://www.google.com/
mSearchAssistant = hxxp://www.google.com/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\c\appdata\roaming\mozilla\firefox\profiles\bkov646a.default\
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-2 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_22764d41\AEstSrv.exe [2010-1-9 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-2 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-1-2 53328]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-2 138680]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2009-10-14 476528]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-1-8 1153368]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-2 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-2 352920]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2009-10-28 528896]

=============== Created Last 30 ================

2010-01-10 11:36:04 0 d-----w- C:\Lop SD
2010-01-10 07:19:58 773890 ----a-w- c:\windows\system32\oem8.inf
2010-01-09 22:05:58 0 d-----w- c:\windows\system32\Dell
2010-01-09 21:54:49 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2010-01-09 21:54:49 121232 ----a-w- c:\windows\system32\IScrNB.bmp
2010-01-09 21:46:38 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-01-09 21:43:47 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2010-01-09 21:43:47 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-01-09 21:43:47 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2010-01-09 21:43:47 226816 ----a-w- c:\windows\system32\drivers\usbport.sys
2010-01-09 21:43:47 196608 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-01-09 21:41:19 0 d-----w- c:\programdata\Dell
2010-01-09 21:39:59 766 ----a-w- c:\windows\system\CRIcon.ico
2010-01-09 21:35:02 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-01-09 21:35:02 511488 ----a-w- c:\windows\system32\ctapo32.dll
2010-01-09 21:35:02 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-01-09 21:35:02 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-01-09 21:35:01 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-01-09 21:35:01 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-01-09 21:35:01 47104 ----a-w- c:\windows\system32\ctppld.dll
2010-01-09 21:35:01 3313664 ----a-w- c:\windows\system32\stlang.dll
2010-01-09 21:35:01 12386396 ----a-w- c:\windows\system32\idtcpl.cpl
2010-01-09 21:34:10 0 d-----w- c:\program files\IDT
2010-01-09 20:17:22 14610 ----a-w- c:\windows\system32\results.xml
2010-01-09 20:13:08 993816 ----a-w- c:\windows\system32\igxpun.exe
2010-01-09 20:13:08 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-01-09 20:13:08 0 d-----w- c:\windows\system32\Lang
2010-01-09 20:09:11 0 d-----w- c:\program files\Cisco
2010-01-09 20:04:04 5430 ----a-w- c:\windows\system\MyMulti.ico
2010-01-09 20:04:03 6815264 ----a-w- c:\windows\system\DriveIcon.dll
2010-01-09 20:04:03 62976 ----a-w- c:\windows\system32\drivers\RTSTOR.sys
2010-01-09 20:03:07 0 d-----w- C:\Intel
2010-01-09 19:48:18 0 d-----w- c:\program files\Marvell
2010-01-09 19:47:17 0 d-----w- c:\users\c\appdata\roaming\TMP
2010-01-09 19:45:06 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-09 19:32:53 0 d-----w- C:\dell
2010-01-09 19:24:24 0 d-----w- c:\windows\system32\vmm32
2010-01-09 19:24:24 0 d-----w- c:\program files\Dell
2010-01-08 15:45:08 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-08 15:45:08 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-08 05:25:44 0 d-----w- c:\program files\Defraggler
2010-01-06 03:34:05 0 d-----w- c:\program files\Windows Portable Devices
2010-01-06 03:33:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-06 03:31:54 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-01-06 03:30:43 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-06 03:30:42 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-06 03:30:42 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-05 23:43:44 0 d-----w- c:\program files\common files\PX Storage Engine
2010-01-05 23:43:26 0 d-----w- c:\program files\DivX
2010-01-05 23:43:26 0 d-----w- c:\program files\common files\DivX Shared
2010-01-04 21:04:55 0 d-----w- c:\windows\system32\eu-ES
2010-01-04 21:04:55 0 d-----w- c:\windows\system32\ca-ES
2010-01-04 21:04:54 0 d-----w- c:\windows\system32\vi-VN
2010-01-04 19:51:37 0 d-----w- c:\windows\system32\EventProviders
2010-01-04 10:39:59 807424 ----a-w- c:\windows\system32\msctf.dll
2010-01-04 10:38:56 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-04 10:38:56 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-04 10:38:56 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-04 10:38:56 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-04 10:38:56 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-04 10:38:56 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-04 10:38:56 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-04 10:38:55 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-04 10:38:54 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-04 10:38:54 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-04 10:38:50 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-01-04 10:16:32 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-01-04 10:16:22 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-04 10:16:22 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-01-04 10:16:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-01-03 06:41:52 0 d-sh--w- C:\$RECYCLE.BIN
2010-01-03 06:34:50 98816 ----a-w- c:\windows\sed.exe
2010-01-03 06:34:50 77312 ----a-w- c:\windows\MBR.exe
2010-01-03 06:34:50 261632 ----a-w- c:\windows\PEV.exe
2010-01-03 06:34:50 161792 ----a-w- c:\windows\SWREG.exe
2010-01-03 02:43:49 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-03 02:31:26 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-01-03 02:31:22 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
2010-01-03 02:14:42 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-03 01:59:02 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-01-03 01:25:33 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-01-03 01:25:32 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-01-03 01:25:31 270848 ----a-w- c:\windows\system32\schannel.dll
2010-01-03 01:25:31 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-01-03 01:25:30 9728 ----a-w- c:\windows\system32\lsass.exe
2010-01-03 01:25:30 72704 ----a-w- c:\windows\system32\secur32.dll
2010-01-03 01:25:30 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-01-03 01:10:25 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-01-03 01:10:23 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-01-03 00:55:57 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-03 00:55:22 2501921 ----a-w- c:\windows\system32\wlan.tmf
2010-01-03 00:55:21 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-01-03 00:55:21 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-01-03 00:55:21 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-01-03 00:55:21 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-01-03 00:55:21 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-01-03 00:55:20 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-01-03 00:52:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-01-03 00:52:51 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-03 00:52:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-01-03 00:52:51 23552 ----a-w- c:\windows\system32\lpk.dll
2010-01-03 00:52:51 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-03 00:52:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-01-03 00:44:49 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-01-03 00:39:02 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-01-03 00:32:07 1696768 ----a-w- c:\windows\system32\gameux.dll
2010-01-03 00:32:06 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-01-03 00:32:05 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-01-03 00:12:16 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-01-03 00:11:06 98816 ----a-w- c:\windows\system32\mfps.dll
2010-01-03 00:11:06 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-01-03 00:11:06 2868224 ----a-w- c:\windows\system32\mf.dll
2010-01-03 00:11:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-01-03 00:11:05 2048 ----a-w- c:\windows\system32\mferror.dll
2010-01-03 00:08:15 71680 ----a-w- c:\windows\system32\atl.dll
2010-01-03 00:02:16 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-01-03 00:02:02 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-01-03 00:02:02 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-01-03 00:02:02 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-01-03 00:01:21 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-01-02 23:55:52 623616 ----a-w- c:\windows\system32\localspl.dll
2010-01-02 23:55:42 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-01-02 23:49:17 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-01-02 23:49:16 43520 ----a-w- c:\windows\system32\msdxm.tlb
2010-01-02 23:49:16 18432 ----a-w- c:\windows\system32\amcompat.tlb
2010-01-02 23:38:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-01-02 23:38:11 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-01-02 23:28:03 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-01-02 23:27:43 243712 ----a-w- c:\windows\system32\rastls.dll
2010-01-02 23:24:57 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-01-02 23:20:12 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-01-02 23:19:56 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-01-02 23:19:55 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-01-02 23:19:55 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-01-02 23:19:55 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-01-02 23:19:54 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-01-02 17:39:29 0 d-----w- c:\program files\Belkin
2010-01-02 17:29:37 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-01-02 17:29:37 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-02 17:29:37 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2010-01-02 17:29:37 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-02 17:27:54 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-01-02 17:24:06 0 d-----w- c:\windows\Panther
2010-01-02 17:23:53 8192 --s-a-r- C:\BOOTSECT.BAK
2010-01-02 17:23:52 333257 --sha-r- C:\bootmgr
2010-01-02 17:23:52 0 d-sh--w- C:\Boot
2010-01-02 17:23:33 22 ---ha-r- c:\windows\dell_version
2010-01-02 17:23:33 0 d-----w- c:\windows\system32\OEM
2010-01-02 17:17:54 0 d-----w- c:\users\c\appdata\roaming\CheckPoint
2010-01-02 17:17:48 0 d-----w- c:\program files\CheckPoint
2010-01-02 17:17:33 0 d-----w- c:\program files\Zone Labs
2010-01-02 17:17:10 0 d-----w- c:\programdata\CheckPoint
2010-01-02 16:52:45 0 d-----w- c:\users\c\appdata\roaming\Malwarebytes
2010-01-02 16:52:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-02 16:52:41 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 16:52:41 0 d-----w- c:\programdata\Malwarebytes
2010-01-02 16:52:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-02 16:03:38 0 d-----w- c:\program files\CCleaner
2010-01-02 15:52:23 0 d---a-w- c:\programdata\TEMP
2010-01-02 15:52:19 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-01-02 15:52:19 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-01-02 15:52:18 0 d-----w- c:\program files\SpywareBlaster
2010-01-02 14:43:58 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-01-02 14:43:49 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-01-02 14:43:42 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-01-02 14:43:42 171608 ----a-w- c:\windows\system32\wuwebv.dll

==================== Find3M ====================

2010-01-09 21:51:30 86016 ----a-w- c:\windows\inf\infstrng.dat
2010-01-09 21:51:30 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-09 21:51:30 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-09 21:51:30 51200 ----a-w- c:\windows\inf\infpub.dat
2010-01-04 21:01:06 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2010-01-02 17:18:10 422437 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-11-22 20:44:20 446664 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-11-22 20:42:44 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-21 06:40:20 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34:39 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34:39 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47:28 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-07 04:50:18 918016 ----a-w- c:\windows\system32\stapo.dll
2009-11-07 04:50:18 503808 ------w- c:\windows\system32\stapi32.dll
2009-11-07 04:50:18 405504 ----a-w- c:\windows\system32\stcplx.dll
2009-11-07 04:50:18 175616 ----a-w- c:\windows\system32\st326255.dll
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 7:13:06.83 ===============



_______________________________________________________________________________________________



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Home Basic ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel® Celeron® CPU 900 @ 2.20GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A05
USER : c ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:134 Go (Free:97 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:14 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( Sun 01/10/2010| 6:43 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in Local

[01/02/2010|12:33] C:\Users\c\AppData\Local\<JUNCTION> Application Data
[01/09/2010|04:27] C:\Users\c\AppData\Local\<DIR> Apps
[01/09/2010|03:10] C:\Users\c\AppData\Local\680 d3d9caps.dat
[01/09/2010|01:22] C:\Users\c\AppData\Local\3,584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/10/2010|01:40] C:\Users\c\AppData\Local\<DIR> Deployment
[01/02/2010|12:33] C:\Users\c\AppData\Local\48,600 GDIPFONTCACHEV1.DAT
[01/02/2010|12:33] C:\Users\c\AppData\Local\<JUNCTION> History
[01/08/2010|02:45] C:\Users\c\AppData\Local\36 housecall.guid.cache
[01/10/2010|02:17] C:\Users\c\AppData\Local\2,334,518 IconCache.db
[01/08/2010|02:58] C:\Users\c\AppData\Local\<DIR> Microsoft
[01/02/2010|10:01] C:\Users\c\AppData\Local\<DIR> Mozilla
[01/10/2010|06:43] C:\Users\c\AppData\Local\<DIR> Temp
[01/02/2010|12:33] C:\Users\c\AppData\Local\<JUNCTION> Temporary Internet Files
[01/02/2010|12:33] C:\Users\c\AppData\Local\<DIR> VirtualStore

--------------------\\ Scheduled Tasks located in C:\Windows\Tasks

[01/10/2010 02:19 AM][--ah-----] C:\Windows\tasks\SA.DAT
[01/10/2010 02:18 AM][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing Folders in C:\ProgramData

[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Application Data
[01/02/2010|12:17] C:\ProgramData\<DIR> CheckPoint
[01/09/2010|04:41] C:\ProgramData\<DIR> Dell
[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Desktop
[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Documents
[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Favorites
[01/02/2010|11:52] C:\ProgramData\<DIR> Malwarebytes
[01/08/2010|02:58] C:\ProgramData\<DIR> Microsoft
[01/08/2010|02:36] C:\ProgramData\<DIR> Spybot - Search & Destroy
[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Start Menu
[01/09/2010|01:25] C:\ProgramData\<DIR> TEMP
[11/02/2006|07:59] C:\ProgramData\<JUNCTION> Templates

--------------------\\ Listing Folders in C:\Program Files

[01/02/2010|12:29] C:\Program Files\<DIR> Alwil Software
[01/02/2010|12:39] C:\Program Files\<DIR> Belkin
[01/02/2010|11:03] C:\Program Files\<DIR> CCleaner
[01/02/2010|12:17] C:\Program Files\<DIR> CheckPoint
[01/09/2010|03:09] C:\Program Files\<DIR> Cisco
[01/09/2010|02:47] C:\Program Files\<DIR> Common Files
[01/08/2010|12:25] C:\Program Files\<DIR> Defraggler
[01/09/2010|05:27] C:\Program Files\<DIR> Dell
[01/05/2010|06:43] C:\Program Files\<DIR> DivX
[01/09/2010|04:35] C:\Program Files\<DIR> IDT
[01/09/2010|04:34] C:\Program Files\<DIR> InstallShield Installation Information
[01/09/2010|04:54] C:\Program Files\<DIR> Intel
[01/04/2010|04:05] C:\Program Files\<DIR> Internet Explorer
[01/09/2010|02:44] C:\Program Files\<DIR> Java
[01/08/2010|02:58] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[01/09/2010|02:48] C:\Program Files\<DIR> Marvell
[11/02/2006|07:35] C:\Program Files\<DIR> Microsoft Games
[01/04/2010|04:05] C:\Program Files\<DIR> Movie Maker
[01/08/2010|05:15] C:\Program Files\<DIR> Mozilla Firefox
[11/02/2006|07:35] C:\Program Files\<DIR> MSBuild
[11/02/2006|07:35] C:\Program Files\<DIR> Reference Assemblies
[01/08/2010|10:45] C:\Program Files\<DIR> Spybot - Search & Destroy
[01/07/2010|08:34] C:\Program Files\<DIR> SpywareBlaster
[11/02/2006|07:58] C:\Program Files\<DIR> Uninstall Information
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Calendar
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Collaboration
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Defender
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Mail
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Media Player
[11/02/2006|07:35] C:\Program Files\<DIR> Windows NT
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Photo Gallery
[01/05/2010|10:34] C:\Program Files\<DIR> Windows Portable Devices
[01/04/2010|04:05] C:\Program Files\<DIR> Windows Sidebar
[01/02/2010|12:17] C:\Program Files\<DIR> Zone Labs

--------------------\\ Listing Folders in C:\Program Files\Common Files

[01/05/2010|06:43] C:\Program Files\Common Files\<DIR> DivX Shared
[01/09/2010|02:47] C:\Program Files\Common Files\<DIR> InstallShield
[01/09/2010|03:07] C:\Program Files\Common Files\<DIR> microsoft shared
[01/05/2010|06:43] C:\Program Files\Common Files\<DIR> PX Storage Engine
[11/02/2006|06:18] C:\Program Files\Common Files\<DIR> Services
[11/02/2006|06:18] C:\Program Files\Common Files\<DIR> SpeechEngines
[01/04/2010|04:05] C:\Program Files\Common Files\<DIR> System

--------------------\\ Process

( 57 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-10 06:44:13
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:172][D:110]-> C:\Users\c\AppData\Local\Temp
[F:4][D:1]-> C:\Users\c\AppData\Roaming\MICROS~1\Windows\Cookies
[F:63][D:5]-> C:\Users\c\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:11][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - Sun 01/10/2010| 6:38 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Sun 01/10/2010| 6:45 - Option : [3]


------------------------------____________________________________________-_________________________-----------------------------

#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:19 PM

Posted 11 January 2010 - 11:12 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#4 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 02:15 AM

problems I'm having are as follow. adn dont worry i wont try nothing on my own now that I'm having your help. Thx a lot

sometimes if i try to go to www.dell.com/home that adress will show up just fine and sometimes www.i.dell.com/home shows up instead . same with msn when trying to log on.
and sometimes the password of 1 online game i play on the net will show up in the adrressbar when logging in.
i guess my browser has been Hijacked. and almost certain i have a keylogger problem aswell.

OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\c\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.36 Gb Total Space | 96.30 Gb Free Space | 71.68% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.56 Gb Free Space | 99.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: H-C
Current User Name: c
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/12 01:39:07 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
PRC - [2009/12/02 09:17:44 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/24 18:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/22 15:44:16 | 02,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2009/11/22 15:42:50 | 01,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/11/06 23:50:18 | 00,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/11/06 23:50:18 | 00,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stacsv.exe
PRC - [2009/10/14 08:30:26 | 00,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2009/10/14 08:30:06 | 00,730,480 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009/10/07 04:12:52 | 00,087,344 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe
PRC - [2009/04/11 01:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/03 02:43:08 | 00,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstSrv.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/16 10:11:00 | 00,252,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009/01/16 10:10:58 | 00,150,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2009/01/16 10:10:54 | 00,173,592 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/11/17 07:29:18 | 00,026,112 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2008/11/17 07:29:10 | 02,809,856 | ---- | M] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE
PRC - [2008/05/23 14:06:08 | 00,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/01/20 21:35:20 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe


========== Modules (SafeList) ==========

MOD - [2010/01/12 01:39:07 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
MOD - [2010/01/05 18:43:30 | 00,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2010/01/05 18:43:30 | 00,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2009/10/14 08:30:36 | 00,628,080 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/22 15:44:16 | 02,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/11/06 23:50:18 | 00,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stacsv.exe -- (STacSV)
SRV - [2009/10/14 08:30:26 | 00,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009/10/07 04:12:52 | 00,087,344 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/03/03 02:43:08 | 00,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/17 07:29:18 | 00,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2008/01/20 21:33:00 | 00,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2009/11/24 18:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 18:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 18:49:48 | 00,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/24 18:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/22 15:44:20 | 00,446,664 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009/11/06 23:50:18 | 00,420,864 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/10/28 14:37:02 | 00,528,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/10/14 08:30:02 | 00,025,208 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009/05/09 01:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/02/23 16:20:12 | 00,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2009/01/16 09:53:32 | 04,568,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/11/17 07:29:14 | 01,331,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/11/17 07:29:08 | 00,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/07/24 10:03:00 | 00,304,128 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008/01/20 21:32:53 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:32:53 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:32:52 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:32:52 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:32:52 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:32:52 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:32:51 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:32:51 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:32:50 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:32:50 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:32:50 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:32:49 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:32:49 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:32:49 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:32:49 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:32:49 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:32:48 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:32:48 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:32:47 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:32:46 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:32:45 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:32:21 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:32:21 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:32:21 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 00 2F 44 BE 90 CA 01 [binary data]
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\S-1-5-21-2933721720-2347061927-632480297-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.30
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4


FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/01/02 22:30:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/05 18:44:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/09 14:45:06 | 00,000,000 | ---D | M]

[2010/01/11 19:00:26 | 00,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Extensions
[2010/01/11 19:00:26 | 00,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/01/11 12:53:41 | 00,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\bkov646a.default\extensions
[2010/01/02 11:22:47 | 00,000,000 | ---D | M] (NoScript) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\bkov646a.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/01/11 12:53:38 | 00,000,000 | ---D | M] (FoxGame) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\bkov646a.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}
[2010/01/07 12:20:29 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\bkov646a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/11 18:58:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (371844 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12819 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2933721720-2347061927-632480297-1000\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/12 01:39:06 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
[2010/01/11 20:56:02 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Nero_AG
[2010/01/11 19:56:32 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Nero
[2010/01/11 19:54:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/01/11 19:54:49 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/01/11 19:54:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/01/11 19:53:40 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/01/11 19:47:16 | 10,700,0584 | ---- | C] (Nero AG) -- C:\Users\c\Desktop\Nero_BackItUpAndBurn-1.2.17b_trial.exe
[2010/01/11 19:30:44 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\PowerDVD DX
[2010/01/11 19:30:01 | 01,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2010/01/11 19:30:01 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010/01/11 19:30:01 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/01/11 19:00:36 | 00,000,000 | ---D | C] -- C:\Users\c\Documents\LimeWire
[2010/01/11 18:58:32 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/11 18:58:32 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/11 18:58:32 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/11 18:56:44 | 18,848,592 | ---- | C] (Lime Wire LLC) -- C:\Users\c\Desktop\LimeWireWin.exe
[2010/01/10 06:36:04 | 00,000,000 | ---D | C] -- C:\Lop SD
[2010/01/09 17:05:58 | 00,000,000 | ---D | C] -- C:\Windows\System32\Dell
[2010/01/09 16:54:49 | 00,398,336 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\TVWizudlg.exe
[2010/01/09 16:46:38 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010/01/09 16:46:38 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/01/09 16:43:47 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/01/09 16:43:47 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/01/09 16:41:19 | 00,000,000 | ---D | C] -- C:\ProgramData\Dell
[2010/01/09 16:35:02 | 00,511,488 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2010/01/09 16:35:02 | 00,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010/01/09 16:35:02 | 00,139,264 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010/01/09 16:35:02 | 00,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010/01/09 16:35:01 | 12,386,396 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010/01/09 16:35:01 | 03,313,664 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2010/01/09 16:35:01 | 00,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010/01/09 16:35:01 | 00,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2010/01/09 16:35:01 | 00,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctppld.dll
[2010/01/09 16:34:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2010/01/09 16:34:27 | 08,198,680 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\TVWSetup.exe
[2010/01/09 16:34:27 | 00,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2010/01/09 16:34:25 | 00,304,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2010/01/09 16:34:25 | 00,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2010/01/09 16:34:25 | 00,299,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2010/01/09 16:34:25 | 00,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2010/01/09 16:34:25 | 00,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2010/01/09 16:34:25 | 00,289,280 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2010/01/09 16:34:25 | 00,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2010/01/09 16:34:25 | 00,287,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2010/01/09 16:34:25 | 00,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2010/01/09 16:34:25 | 00,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2010/01/09 16:34:25 | 00,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2010/01/09 16:34:25 | 00,279,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2010/01/09 16:34:25 | 00,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2010/01/09 16:34:25 | 00,277,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2010/01/09 16:34:25 | 00,262,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2010/01/09 16:34:25 | 00,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2010/01/09 16:34:25 | 00,206,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2010/01/09 16:34:25 | 00,205,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2010/01/09 16:34:25 | 00,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v1637.dll
[2010/01/09 16:34:24 | 04,568,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys
[2010/01/09 16:34:24 | 03,821,568 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2010/01/09 16:34:24 | 00,668,696 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2010/01/09 16:34:24 | 00,536,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
[2010/01/09 16:34:24 | 00,310,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2010/01/09 16:34:24 | 00,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2010/01/09 16:34:24 | 00,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2010/01/09 16:34:24 | 00,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2010/01/09 16:34:24 | 00,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2010/01/09 16:34:24 | 00,252,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2010/01/09 16:34:24 | 00,200,192 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2010/01/09 16:34:24 | 00,179,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2010/01/09 16:34:24 | 00,178,176 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2010/01/09 16:34:24 | 00,173,080 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
[2010/01/09 16:34:24 | 00,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2010/01/09 16:34:24 | 00,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2010/01/09 16:34:24 | 00,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2010/01/09 16:34:23 | 04,112,384 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2010/01/09 16:34:23 | 02,674,688 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2010/01/09 16:34:23 | 02,576,384 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll
[2010/01/09 16:34:13 | 00,918,016 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2010/01/09 16:34:13 | 00,420,864 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010/01/09 16:34:13 | 00,405,504 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2010/01/09 16:34:12 | 00,503,808 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/01/09 16:34:12 | 00,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st326255.dll
[2010/01/09 16:34:10 | 00,000,000 | ---D | C] -- C:\Program Files\IDT
[2010/01/09 16:27:12 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Deployment
[2010/01/09 16:27:12 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Apps
[2010/01/09 15:13:08 | 00,993,816 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2010/01/09 15:13:08 | 00,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010/01/09 15:13:08 | 00,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010/01/09 15:09:11 | 00,000,000 | ---D | C] -- C:\Program Files\Cisco
[2010/01/09 15:06:51 | 05,702,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2010/01/09 15:06:51 | 00,257,536 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2010/01/09 15:06:51 | 00,252,952 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
[2010/01/09 15:06:51 | 00,141,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
[2010/01/09 15:06:51 | 00,051,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2010/01/09 15:06:50 | 00,275,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2010/01/09 15:06:50 | 00,210,432 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
[2010/01/09 15:06:50 | 00,150,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
[2010/01/09 15:06:49 | 00,173,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
[2010/01/09 15:06:49 | 00,094,208 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2010/01/09 15:06:26 | 01,044,992 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMLogon.dll
[2010/01/09 15:06:17 | 00,000,000 | ---D | C] -- C:\Windows\System32\no-NO
[2010/01/09 15:06:11 | 00,018,424 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\bcm42rly.sys
[2010/01/09 15:06:10 | 02,682,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vcredist_x86.exe
[2010/01/09 15:06:10 | 00,311,296 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmwlu00.exe
[2010/01/09 15:06:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\vs08
[2010/01/09 15:06:09 | 04,485,120 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmttls.dll
[2010/01/09 15:06:09 | 00,051,712 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\wltrynt.dll
[2010/01/09 15:06:08 | 07,216,640 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLCPL.CPL
[2010/01/09 15:06:08 | 03,810,304 | ---- | C] (Dell Inc.) -- C:\Windows\System32\WLTRAY.EXE
[2010/01/09 15:06:08 | 02,809,856 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE
[2010/01/09 15:06:07 | 00,153,088 | ---- | C] (Broadcom Corp.) -- C:\Windows\System32\bcmwlapi.dll
[2010/01/09 15:06:07 | 00,087,280 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\bcmwlcoi.dll
[2010/01/09 15:06:06 | 03,850,240 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvui.dll
[2010/01/09 15:06:05 | 04,157,440 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvsrv.dll
[2010/01/09 15:06:05 | 01,331,192 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS
[2010/01/09 15:04:03 | 00,062,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTSTOR.sys
[2010/01/09 15:03:07 | 00,000,000 | ---D | C] -- C:\Intel
[2010/01/09 14:48:18 | 00,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010/01/09 14:47:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/01/09 14:47:17 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\TMP
[2010/01/09 14:45:06 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/01/09 14:40:31 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/09 14:32:53 | 00,000,000 | ---D | C] -- C:\dell
[2010/01/09 14:24:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010/01/09 14:24:24 | 00,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/01/08 10:45:08 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/01/08 10:45:08 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/08 00:25:44 | 00,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/01/05 22:34:05 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/01/05 22:32:55 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/01/05 22:32:54 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/01/05 22:32:54 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/01/05 22:32:28 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/01/05 22:32:27 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/01/05 22:32:25 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/01/05 22:32:25 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/01/05 22:32:25 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/01/05 22:32:25 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/01/05 22:32:25 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/01/05 22:32:25 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/01/05 22:32:25 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/01/05 22:32:25 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/01/05 22:32:25 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/01/05 22:32:25 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/05 22:32:24 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/01/05 22:32:24 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/01/05 22:32:24 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/01/05 22:32:24 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/01/05 22:32:24 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/05 22:32:24 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/01/05 22:32:24 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/01/05 22:32:24 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/01/05 22:32:23 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/01/05 22:32:23 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/01/05 22:32:23 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/01/05 22:32:23 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/01/05 22:32:23 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/01/05 22:31:54 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/01/05 22:31:53 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/01/05 22:31:50 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/01/05 22:31:47 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/01/05 22:31:47 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/01/05 22:31:47 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/01/05 22:31:47 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/01/05 22:31:46 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/01/05 22:31:46 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/01/05 22:30:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/01/05 22:30:42 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/01/05 22:16:22 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\DivX
[2010/01/05 18:43:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/01/05 18:43:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/01/05 18:43:26 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/01/05 18:42:09 | 23,804,080 | ---- | C] (DivX, Inc.) -- C:\Users\c\Desktop\DivXInstaller.exe
[2010/01/05 18:00:56 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Macromedia
[2010/01/05 18:00:55 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Adobe
[2010/01/05 18:00:51 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/01/04 16:04:55 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/01/04 16:04:55 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/01/04 16:04:54 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/01/04 14:51:37 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/01/04 05:40:45 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/01/04 05:40:42 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/01/04 05:40:40 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/01/04 05:40:40 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/01/04 05:40:39 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/01/04 05:40:38 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/01/04 05:40:37 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/01/04 05:40:36 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/01/04 05:40:35 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/04 05:40:34 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/01/04 05:40:34 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/01/04 05:40:34 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/01/04 05:40:33 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/01/04 05:40:32 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/01/04 05:40:31 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/01/04 05:40:31 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/01/04 05:40:31 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/01/04 05:40:30 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/04 05:40:29 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/01/04 05:40:28 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/01/04 05:40:28 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/01/04 05:40:28 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/01/04 05:40:27 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/01/04 05:40:27 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/01/04 05:40:27 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/01/04 05:40:25 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/01/04 05:40:24 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/01/04 05:40:24 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/01/04 05:40:24 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/01/04 05:40:23 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/04 05:40:22 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/01/04 05:40:22 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/01/04 05:40:22 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/01/04 05:40:21 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/01/04 05:40:21 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/01/04 05:40:21 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/01/04 05:40:21 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/04 05:40:20 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/01/04 05:40:20 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/01/04 05:40:20 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/01/04 05:40:20 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/01/04 05:40:19 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/01/04 05:40:17 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/01/04 05:40:17 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/01/04 05:40:17 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/01/04 05:40:16 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/01/04 05:40:16 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/01/04 05:40:16 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/01/04 05:40:15 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/01/04 05:40:15 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/01/04 05:40:15 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/01/04 05:40:15 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/04 05:40:15 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/01/04 05:40:14 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/01/04 05:40:14 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/01/04 05:40:14 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/01/04 05:40:13 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/01/04 05:40:12 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/01/04 05:40:12 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/01/04 05:40:12 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/01/04 05:40:12 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/01/04 05:40:12 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/01/04 05:40:11 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/01/04 05:40:10 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/01/04 05:40:10 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/01/04 05:40:10 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/01/04 05:40:10 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/04 05:40:09 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/01/04 05:40:09 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/01/04 05:40:09 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/01/04 05:40:09 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/04 05:40:08 | 01,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/01/04 05:40:08 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/01/04 05:40:08 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/01/04 05:40:08 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/01/04 05:40:07 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/01/04 05:40:07 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/01/04 05:40:07 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/04 05:40:06 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/01/04 05:40:06 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/01/04 05:40:06 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/01/04 05:40:06 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/01/04 05:40:06 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/04 05:40:06 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/04 05:40:05 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/01/04 05:40:05 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/01/04 05:40:04 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/01/04 05:40:04 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/01/04 05:40:04 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/01/04 05:40:04 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/01/04 05:40:04 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/01/04 05:40:03 | 01,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/01/04 05:40:03 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/01/04 05:40:02 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/01/04 05:40:01 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/01/04 05:40:01 | 00,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/01/04 05:40:01 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/01/04 05:40:01 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/01/04 05:40:01 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/01/04 05:40:01 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/01/04 05:40:00 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/01/04 05:40:00 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/01/04 05:39:59 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/01/04 05:39:59 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/01/04 05:39:58 | 00,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/04 05:39:57 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/01/04 05:39:57 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/01/04 05:39:57 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/01/04 05:39:57 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/01/04 05:39:56 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/01/04 05:39:55 | 00,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/01/04 05:39:55 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/01/04 05:39:55 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/01/04 05:39:54 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/01/04 05:39:54 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/01/04 05:39:54 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/01/04 05:39:53 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/01/04 05:39:51 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/01/04 05:39:51 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/01/04 05:39:51 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/01/04 05:39:51 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/01/04 05:39:51 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/01/04 05:39:51 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/01/04 05:39:51 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/01/04 05:39:51 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/01/04 05:39:50 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/01/04 05:39:50 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/01/04 05:39:50 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/01/04 05:39:49 | 01,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/01/04 05:39:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/01/04 05:39:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/01/04 05:39:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/01/04 05:39:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/01/04 05:39:49 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/01/04 05:39:48 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/01/04 05:39:48 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/01/04 05:39:48 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/01/04 05:39:48 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/01/04 05:39:47 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/01/04 05:39:47 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/01/04 05:39:47 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/04 05:39:47 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/01/04 05:39:47 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/01/04 05:39:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/01/04 05:39:47 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/01/04 05:39:47 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/04 05:39:46 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/01/04 05:39:46 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/01/04 05:39:46 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/01/04 05:39:45 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/01/04 05:39:45 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/01/04 05:39:45 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/01/04 05:39:45 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/01/04 05:39:45 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/01/04 05:39:45 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/01/04 05:39:45 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/01/04 05:39:44 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/01/04 05:39:44 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/01/04 05:39:44 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/01/04 05:39:44 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/04 05:39:43 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/01/04 05:39:43 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/01/04 05:39:42 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/01/04 05:39:42 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/01/04 05:39:42 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/01/04 05:39:42 | 00,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/01/04 05:39:42 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/01/04 05:39:42 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/01/04 05:39:41 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/01/04 05:39:41 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/01/04 05:39:41 | 00,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/01/04 05:39:41 | 00,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/01/04 05:39:41 | 00,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/01/04 05:39:41 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/04 05:39:40 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/01/04 05:39:40 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/01/04 05:39:40 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/01/04 05:39:40 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/01/04 05:39:40 | 00,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/01/04 05:39:39 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/01/04 05:39:39 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/01/04 05:39:39 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/01/04 05:39:38 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/01/04 05:39:38 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/01/04 05:39:38 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/01/04 05:39:38 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/01/04 05:39:38 | 00,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/01/04 05:39:37 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/01/04 05:39:37 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/01/04 05:39:37 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/01/04 05:39:37 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/01/04 05:39:37 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/01/04 05:39:37 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/01/04 05:39:37 | 00,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/01/04 05:39:37 | 00,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/01/04 05:39:37 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/01/04 05:39:36 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/01/04 05:39:36 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/01/04 05:39:35 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/01/04 05:39:35 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/01/04 05:39:35 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/01/04 05:39:35 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/01/04 05:39:35 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/01/04 05:39:35 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/01/04 05:39:35 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/01/04 05:39:35 | 00,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/01/04 05:39:35 | 00,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/01/04 05:39:34 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/01/04 05:39:34 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/01/04 05:39:34 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/01/04 05:39:34 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/01/04 05:39:34 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/01/04 05:39:34 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/01/04 05:39:34 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/01/04 05:39:33 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/01/04 05:39:33 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/01/04 05:39:32 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/01/04 05:39:32 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/01/04 05:39:32 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/01/04 05:39:32 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/01/04 05:39:32 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/01/04 05:39:32 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/01/04 05:39:32 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/01/04 05:39:32 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/01/04 05:39:32 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/04 05:39:32 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/01/04 05:39:32 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/01/04 05:39:32 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/01/04 05:39:31 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/01/04 05:39:31 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/01/04 05:39:31 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/01/04 05:39:31 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/01/04 05:39:31 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/01/04 05:39:31 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/04 05:39:30 | 01,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/01/04 05:39:30 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/01/04 05:39:30 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/01/04 05:39:30 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/01/04 05:39:30 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/01/04 05:39:30 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/01/04 05:39:30 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/01/04 05:39:30 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/01/04 05:39:30 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/01/04 05:39:30 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/01/04 05:39:30 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/01/04 05:39:29 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/01/04 05:39:29 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/01/04 05:39:29 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/01/04 05:39:29 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/01/04 05:39:29 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/04 05:39:29 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/01/04 05:39:29 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/01/04 05:39:28 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/01/04 05:39:28 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/01/04 05:39:28 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/01/04 05:39:28 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/01/04 05:39:28 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/01/04 05:39:27 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/01/04 05:39:27 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/01/04 05:39:27 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/01/04 05:39:27 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/01/04 05:39:26 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/01/04 05:39:26 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/01/04 05:39:26 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2010/01/04 05:39:26 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/01/04 05:39:26 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/01/04 05:39:26 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/01/04 05:39:26 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/01/04 05:39:26 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/01/04 05:39:26 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/01/04 05:39:26 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/04 05:39:25 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/01/04 05:39:25 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/01/04 05:39:25 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/01/04 05:39:25 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/01/04 05:39:25 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/01/04 05:39:25 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/01/04 05:39:24 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/01/04 05:39:24 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/01/04 05:39:24 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/01/04 05:39:24 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/01/04 05:39:24 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/01/04 05:39:24 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/01/04 05:39:23 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/01/04 05:39:23 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/01/04 05:39:23 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/01/04 05:39:23 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/01/04 05:39:23 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/01/04 05:39:23 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/01/04 05:39:23 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/01/04 05:39:22 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/01/04 05:39:22 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/04 05:39:22 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/01/04 05:39:22 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/01/04 05:39:22 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/01/04 05:39:22 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/01/04 05:39:22 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/01/04 05:39:22 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/01/04 05:39:22 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/01/04 05:39:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/01/04 05:39:22 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/01/04 05:39:21 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/01/04 05:39:21 | 01,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/01/04 05:39:21 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/01/04 05:39:21 | 00,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/01/04 05:39:21 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/01/04 05:39:21 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/01/04 05:39:21 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/01/04 05:39:21 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/01/04 05:39:21 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/01/04 05:39:21 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/01/04 05:39:21 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/01/04 05:39:20 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/01/04 05:39:20 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/01/04 05:39:20 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/01/04 05:39:20 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/01/04 05:39:20 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/01/04 05:39:20 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/01/04 05:39:20 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/01/04 05:39:20 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/01/04 05:39:19 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/01/04 05:39:19 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/01/04 05:39:19 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/01/04 05:39:19 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/01/04 05:39:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/01/04 05:39:19 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/01/04 05:39:19 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/01/04 05:39:19 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/01/04 05:39:19 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/01/04 05:39:19 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/01/04 05:39:18 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/01/04 05:39:18 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/01/04 05:39:18 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/04 05:39:18 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/01/04 05:39:18 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/01/04 05:39:18 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/01/04 05:39:18 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/01/04 05:39:18 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/01/04 05:39:17 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/01/04 05:39:17 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/01/04 05:39:17 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/01/04 05:39:17 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/01/04 05:39:17 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/01/04 05:39:17 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/01/04 05:39:16 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/01/04 05:39:16 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/01/04 05:39:16 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/01/04 05:39:16 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/01/04 05:39:16 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/01/04 05:39:16 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/01/04 05:39:16 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/01/04 05:39:16 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/01/04 05:39:15 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/01/04 05:39:15 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/01/04 05:39:15 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/01/04 05:39:15 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/01/04 05:39:15 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/01/04 05:39:15 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/01/04 05:39:15 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/01/04 05:39:15 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/01/04 05:39:15 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/01/04 05:39:15 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/01/04 05:39:15 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/01/04 05:39:15 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/01/04 05:39:14 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/01/04 05:39:14 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/01/04 05:39:14 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/01/04 05:39:14 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/01/04 05:39:14 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/01/04 05:39:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/01/04 05:39:14 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/01/04 05:39:13 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/01/04 05:39:13 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/01/04 05:39:13 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/04 05:39:13 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/01/04 05:39:13 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/01/04 05:39:13 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/01/04 05:39:13 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/01/04 05:39:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/01/04 05:39:12 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/01/04 05:39:12 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/01/04 05:39:12 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/01/04 05:39:12 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/04 05:39:12 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/01/04 05:39:12 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/01/04 05:39:12 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/01/04 05:39:12 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/01/04 05:39:12 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/01/04 05:39:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/01/04 05:39:11 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/01/04 05:39:11 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/01/04 05:39:11 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/01/04 05:39:11 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/01/04 05:39:11 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/01/04 05:39:11 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/01/04 05:39:11 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/01/04 05:39:11 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/01/04 05:39:11 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/01/04 05:39:11 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/01/04 05:39:11 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/01/04 05:39:10 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/01/04 05:39:10 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/01/04 05:39:10 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/01/04 05:39:10 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/01/04 05:39:10 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/01/04 05:39:10 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/01/04 05:39:10 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/01/04 05:39:10 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/01/04 05:39:10 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/01/04 05:39:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/01/04 05:39:10 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/01/04 05:39:10 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/01/04 05:39:09 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/01/04 05:39:09 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/01/04 05:39:08 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/01/04 05:39:08 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/01/04 05:39:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/01/04 05:39:08 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/01/04 05:39:08 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/01/04 05:39:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/01/04 05:39:07 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/01/04 05:39:07 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/01/04 05:39:07 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/01/04 05:39:07 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/01/04 05:39:07 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/01/04 05:39:06 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/01/04 05:39:06 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/01/04 05:39:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/01/04 05:39:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/01/04 05:39:05 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/01/04 05:38:55 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/01/04 05:38:54 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/01/04 05:38:54 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/01/04 05:38:50 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/01/04 05:16:34 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/04 05:16:22 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/04 05:16:21 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/03 01:41:52 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/03 01:34:50 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/01/03 01:34:50 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/01/03 01:34:50 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/01/03 01:34:46 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/03 01:34:36 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/03 01:34:22 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/01/03 01:34:20 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/02 21:43:49 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/02 20:59:02 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/02 20:52:46 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/02 20:52:45 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/02 20:52:45 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/02 20:52:45 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/02 20:52:45 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/02 20:52:44 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/02 20:52:44 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/02 20:52:44 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/02 20:52:43 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/02 20:52:43 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/02 20:52:43 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/02 20:52:43 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/02 20:52:43 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/01/02 20:52:42 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/02 20:51:54 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/01/02 20:51:54 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/01/02 20:51:54 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/02 20:51:54 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/02 20:51:54 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/01/02 20:51:53 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/02 20:51:53 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/02 20:51:53 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/01/02 20:51:53 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/01/02 20:51:53 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/01/02 20:51:52 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/02 20:51:52 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/01/02 20:51:52 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/01/02 20:51:52 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/02 20:51:52 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/01/02 20:51:51 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/02 20:51:51 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/02 20:51:51 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/02 20:51:50 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/02 20:51:50 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/01/02 20:51:50 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/01/02 20:51:48 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/02 20:51:48 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/02 20:51:48 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/01/02 20:51:48 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/01/02 20:51:48 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/01/02 20:51:48 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/01/02 20:51:48 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/01/02 20:25:33 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/02 20:10:25 | 03,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/02 20:10:23 | 03,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/02 19:55:57 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/02 19:55:21 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/02 19:55:21 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/02 19:55:21 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/02 19:55:21 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/02 19:55:20 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/02 19:52:52 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/02 19:52:51 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/02 19:52:51 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/02 19:52:51 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/02 19:52:51 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/02 19:44:49 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/01/02 19:39:02 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/02 19:32:07 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/02 19:32:06 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/02 19:32:05 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/02 19:17:36 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/02 19:17:36 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/02 19:17:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/02 19:17:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/02 19:17:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/02 19:17:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/02 19:17:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/02 19:17:36 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/02 19:17:35 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/02 19:11:07 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/02 19:11:06 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/02 19:11:06 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/02 19:11:06 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/02 19:11:06 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/02 19:11:05 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/02 19:02:02 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/02 19:02:02 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/02 19:01:21 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/02 18:55:52 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/02 18:55:42 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/02 18:49:16 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/02 18:49:16 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/02 18:27:43 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/02 18:24:57 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/02 18:20:12 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/02 18:19:56 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/02 18:19:55 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/02 18:19:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/02 18:19:55 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/02 18:19:54 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/02 12:39:29 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/01/02 12:39:29 | 00,000,000 | ---D | C] -- C:\Program Files\Belkin
[2010/01/02 12:39:18 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\InstallShield
[2010/01/02 12:33:29 | 00,000,000 | R--D | C] -- C:\Users\c\Searches
[2010/01/02 12:33:20 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Identities
[2010/01/02 12:33:19 | 00,000,000 | R--D | C] -- C:\Users\c\Contacts
[2010/01/02 12:33:18 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\VirtualStore
[2010/01/02 12:33:15 | 00,000,000 | --SD | C] -- C:\Users\c\AppData\Roaming\Microsoft
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Videos
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Saved Games
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Pictures
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Music
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Links
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Favorites
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Downloads
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Documents
[2010/01/02 12:33:15 | 00,000,000 | R--D | C] -- C:\Users\c\Desktop
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\AppData\Local\Temporary Internet Files
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Templates
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Start Menu
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\SendTo
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Recent
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\PrintHood
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\NetHood
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Documents\My Videos
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Documents\My Pictures
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Documents\My Music
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\My Documents
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Local Settings
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\AppData\Local\History
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Cookies
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\Application Data
[2010/01/02 12:33:15 | 00,000,000 | -HSD | C] -- C:\Users\c\AppData\Local\Application Data
[2010/01/02 12:33:15 | 00,000,000 | -H-D | C] -- C:\Users\c\AppData
[2010/01/02 12:33:15 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Temp
[2010/01/02 12:33:15 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Microsoft
[2010/01/02 12:30:41 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2010/01/02 12:29:58 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/01/02 12:29:58 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/01/02 12:29:57 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/01/02 12:29:57 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2010/01/02 12:29:57 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/01/02 12:29:37 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/01/02 12:29:37 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2010/01/02 12:29:37 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCP71.dll
[2010/01/02 12:29:37 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCR71.dll
[2010/01/02 12:29:37 | 00,053,328 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/01/02 12:29:35 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/01/02 12:27:01 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/01/02 12:24:31 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/01/02 12:24:25 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2010/01/02 12:24:06 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2010/01/02 12:23:52 | 00,000,000 | -HSD | C] -- C:\Boot
[2010/01/02 12:23:33 | 00,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/01/02 12:17:54 | 00,000,000 | ---D | C] -- C:\Users\c\Documents\ForceField Shared Files
[2010/01/02 12:17:54 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\CheckPoint
[2010/01/02 12:17:48 | 00,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010/01/02 12:17:46 | 00,058,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll
[2010/01/02 12:17:45 | 00,103,816 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll
[2010/01/02 12:17:45 | 00,069,000 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll
[2010/01/02 12:17:42 | 01,238,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll
[2010/01/02 12:17:42 | 00,109,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll
[2010/01/02 12:17:42 | 00,041,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll
[2010/01/02 12:17:41 | 00,299,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll
[2010/01/02 12:17:41 | 00,112,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll
[2010/01/02 12:17:41 | 00,107,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll
[2010/01/02 12:17:34 | 00,446,664 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys
[2010/01/02 12:17:34 | 00,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2010/01/02 12:17:33 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010/01/02 12:17:10 | 00,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010/01/02 12:17:10 | 00,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010/01/02 12:17:09 | 00,621,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll
[2010/01/02 12:17:09 | 00,227,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll
[2010/01/02 12:17:01 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/01/02 11:52:45 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Malwarebytes
[2010/01/02 11:52:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/02 11:52:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/02 11:52:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/02 11:52:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/02 11:03:38 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/02 10:52:23 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/01/02 10:52:19 | 01,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2010/01/02 10:52:19 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTDFMT.DLL
[2010/01/02 10:52:18 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/01/02 10:01:55 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Mozilla
[2010/01/02 10:01:54 | 00,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Mozilla
[2010/01/02 10:01:50 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/01/02 09:43:59 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/02 09:43:58 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/02 09:43:49 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/02 09:43:49 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/02 09:43:49 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/02 09:43:42 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/02 09:43:42 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

========== Files - Modified Within 30 Days ==========

[2010/01/12 01:39:32 | 05,242,880 | -HS- | M] () -- C:\Users\c\NTUSER.DAT
[2010/01/12 01:39:07 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
[2010/01/12 01:28:42 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/12 01:28:42 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 19:55:05 | 00,002,274 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp.lnk
[2010/01/11 19:50:34 | 10,700,0584 | ---- | M] (Nero AG) -- C:\Users\c\Desktop\Nero_BackItUpAndBurn-1.2.17b_trial.exe
[2010/01/11 18:58:20 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/01/11 18:58:20 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/11 18:58:20 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/11 18:58:20 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/11 18:56:45 | 18,848,592 | ---- | M] (Lime Wire LLC) -- C:\Users\c\Desktop\LimeWireWin.exe
[2010/01/11 15:34:59 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/11 15:34:59 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/11 15:34:59 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/11 15:29:12 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/11 15:28:39 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/11 15:28:36 | 31,817,60512 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/11 15:28:01 | 00,524,288 | -HS- | M] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/01/11 15:28:01 | 00,065,536 | -HS- | M] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/01/11 14:24:14 | 00,371,844 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/01/10 01:30:28 | 00,009,523 | ---- | M] () -- C:\Users\c\Desktop\DellDriverDownloadManager.application
[2010/01/09 16:31:07 | 42,160,824 | ---- | M] () -- C:\Users\c\Documents\Dell_System-Software_A04_R251002.exe
[2010/01/09 16:30:22 | 16,804,568 | ---- | M] () -- C:\Users\c\Documents\R249932.exe
[2010/01/09 16:29:44 | 04,149,888 | ---- | M] () -- C:\Users\c\Documents\CW1358A2.exe
[2010/01/09 16:29:43 | 01,162,471 | ---- | M] () -- C:\Users\c\Documents\1545A13.EXE
[2010/01/09 16:29:35 | 24,596,096 | ---- | M] () -- C:\Users\c\Documents\R197859.exe
[2010/01/09 16:29:34 | 21,986,144 | ---- | M] () -- C:\Users\c\Documents\R215593.exe
[2010/01/09 16:29:05 | 10,153,608 | ---- | M] () -- C:\Users\c\Documents\R215450.exe
[2010/01/09 16:28:15 | 02,284,048 | ---- | M] () -- C:\Users\c\Documents\R197840.exe
[2010/01/09 16:28:14 | 00,159,856 | ---- | M] () -- C:\Users\c\Documents\R182065.exe
[2010/01/09 15:17:22 | 00,014,610 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/01/09 15:10:35 | 00,000,680 | ---- | M] () -- C:\Users\c\AppData\Local\d3d9caps.dat
[2010/01/09 15:06:43 | 00,773,890 | ---- | M] () -- C:\Windows\System32\oem8.inf
[2010/01/09 13:22:58 | 00,003,584 | ---- | M] () -- C:\Users\c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 11:20:41 | 00,371,844 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100111-142414.backup
[2010/01/08 11:20:32 | 00,371,844 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100108-112041.backup
[2010/01/08 11:14:29 | 00,371,844 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100108-112032.backup
[2010/01/08 10:45:14 | 00,001,055 | ---- | M] () -- C:\Users\c\Desktop\Spybot - Search & Destroy.lnk
[2010/01/08 02:45:20 | 00,000,036 | ---- | M] () -- C:\Users\c\AppData\Local\housecall.guid.cache
[2010/01/08 00:25:44 | 00,001,702 | ---- | M] () -- C:\Users\c\Desktop\Defraggler.lnk
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/05 22:33:56 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/01/05 18:43:47 | 00,000,935 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/05 18:43:41 | 00,000,971 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010/01/05 18:43:26 | 00,001,390 | ---- | M] () -- C:\Users\c\Desktop\DivX Movies.lnk
[2010/01/05 18:42:40 | 23,804,080 | ---- | M] (DivX, Inc.) -- C:\Users\c\Desktop\DivXInstaller.exe
[2010/01/04 16:07:29 | 00,228,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/03 01:39:40 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/01/03 01:22:42 | 03,817,750 | R--- | M] () -- C:\Users\c\Desktop\ComboFix.exe
[2010/01/02 21:14:42 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/01/02 12:40:13 | 00,524,288 | -HS- | M] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2010/01/02 12:33:38 | 00,048,600 | ---- | M] () -- C:\Users\c\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/01/02 12:33:15 | 00,000,020 | -HS- | M] () -- C:\Users\c\ntuser.ini
[2010/01/02 12:29:58 | 00,001,849 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2010/01/02 12:29:56 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/01/02 12:28:02 | 00,059,681 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/01/02 12:27:54 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/01/02 12:23:53 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/01/02 12:18:10 | 00,422,437 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2010/01/02 12:17:47 | 00,000,871 | ---- | M] () -- C:\Users\c\Desktop\ZoneAlarm Security.lnk
[2010/01/02 11:52:45 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\m.lnk
[2010/01/02 11:03:38 | 00,001,670 | ---- | M] () -- C:\Users\c\Desktop\CCleaner.lnk
[2010/01/02 10:52:19 | 00,000,812 | ---- | M] () -- C:\Users\c\Desktop\SpywareBlaster.lnk
[2010/01/02 10:01:52 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010/01/11 19:55:05 | 00,002,274 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp.lnk
[2010/01/10 02:19:58 | 00,773,890 | ---- | C] () -- C:\Windows\System32\oem8.inf
[2010/01/10 01:27:32 | 00,009,523 | ---- | C] () -- C:\Users\c\Desktop\DellDriverDownloadManager.application
[2010/01/09 16:54:49 | 00,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2010/01/09 16:39:59 | 00,000,766 | ---- | C] () -- C:\Windows\System\CRIcon.ico
[2010/01/09 16:34:25 | 00,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/01/09 16:34:25 | 00,039,888 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2010/01/09 16:34:24 | 00,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010/01/09 16:34:24 | 00,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/01/09 16:34:23 | 00,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/01/09 16:29:43 | 42,160,824 | ---- | C] () -- C:\Users\c\Documents\Dell_System-Software_A04_R251002.exe
[2010/01/09 16:29:35 | 16,804,568 | ---- | C] () -- C:\Users\c\Documents\R249932.exe
[2010/01/09 16:29:34 | 01,162,471 | ---- | C] () -- C:\Users\c\Documents\1545A13.EXE
[2010/01/09 16:29:05 | 04,149,888 | ---- | C] () -- C:\Users\c\Documents\CW1358A2.exe
[2010/01/09 16:28:15 | 21,986,144 | ---- | C] () -- C:\Users\c\Documents\R215593.exe
[2010/01/09 16:28:14 | 10,153,608 | ---- | C] () -- C:\Users\c\Documents\R215450.exe
[2010/01/09 16:28:12 | 24,596,096 | ---- | C] () -- C:\Users\c\Documents\R197859.exe
[2010/01/09 16:28:12 | 02,284,048 | ---- | C] () -- C:\Users\c\Documents\R197840.exe
[2010/01/09 16:28:11 | 00,159,856 | ---- | C] () -- C:\Users\c\Documents\R182065.exe
[2010/01/09 15:17:22 | 00,014,610 | ---- | C] () -- C:\Windows\System32\results.xml
[2010/01/09 15:15:57 | 31,817,60512 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/09 15:06:52 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2010/01/09 15:06:52 | 00,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2010/01/09 15:06:52 | 00,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2010/01/09 15:06:50 | 00,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2010/01/09 15:06:12 | 00,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/01/09 15:06:11 | 00,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2010/01/09 15:06:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2010/01/09 15:06:09 | 00,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/01/09 15:06:07 | 00,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2010/01/09 15:04:04 | 00,005,430 | ---- | C] () -- C:\Windows\System\MyMulti.ico
[2010/01/09 15:04:03 | 06,815,264 | ---- | C] () -- C:\Windows\System\DriveIcon.dll
[2010/01/09 13:22:58 | 00,003,584 | ---- | C] () -- C:\Users\c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 10:45:14 | 00,001,055 | ---- | C] () -- C:\Users\c\Desktop\Spybot - Search & Destroy.lnk
[2010/01/08 02:45:20 | 00,000,036 | ---- | C] () -- C:\Users\c\AppData\Local\housecall.guid.cache
[2010/01/08 00:25:44 | 00,001,702 | ---- | C] () -- C:\Users\c\Desktop\Defraggler.lnk
[2010/01/05 22:33:56 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/01/05 18:43:47 | 00,000,935 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/05 18:43:41 | 00,000,971 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010/01/05 18:43:26 | 00,001,390 | ---- | C] () -- C:\Users\c\Desktop\DivX Movies.lnk
[2010/01/04 05:40:14 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/01/04 05:40:12 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010/01/04 05:40:06 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/01/04 05:40:04 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/04 05:40:04 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/04 05:40:02 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/01/04 05:40:01 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/01/04 05:39:57 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/01/04 05:39:42 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/01/04 05:39:41 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/01/04 05:39:07 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/01/04 05:39:03 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/01/03 01:34:50 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/01/03 01:34:50 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/01/03 01:34:50 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/01/03 01:34:50 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/01/03 01:34:50 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/01/03 01:22:42 | 03,817,750 | R--- | C] () -- C:\Users\c\Desktop\ComboFix.exe
[2010/01/02 21:31:26 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/01/02 21:31:22 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/01/02 21:14:42 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/01/02 20:52:43 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/01/02 19:55:22 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/02 12:33:16 | 00,000,680 | ---- | C] () -- C:\Users\c\AppData\Local\d3d9caps.dat
[2010/01/02 12:33:15 | 05,242,880 | -HS- | C] () -- C:\Users\c\NTUSER.DAT
[2010/01/02 12:33:15 | 00,524,288 | -HS- | C] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2010/01/02 12:33:15 | 00,524,288 | -HS- | C] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/01/02 12:33:15 | 00,065,536 | -HS- | C] () -- C:\Users\c\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/01/02 12:33:15 | 00,000,020 | -HS- | C] () -- C:\Users\c\ntuser.ini
[2010/01/02 12:29:58 | 00,001,849 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2010/01/02 12:29:37 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2010/01/02 12:27:54 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/01/02 12:23:53 | 00,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/01/02 12:23:52 | 00,333,257 | RHS- | C] () -- C:\bootmgr
[2010/01/02 12:23:33 | 00,000,022 | RH-- | C] () -- C:\Windows\dell_version
[2010/01/02 12:17:47 | 00,000,871 | ---- | C] () -- C:\Users\c\Desktop\ZoneAlarm Security.lnk
[2010/01/02 12:17:34 | 00,422,437 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2010/01/02 11:52:45 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\m.lnk
[2010/01/02 11:03:38 | 00,001,670 | ---- | C] () -- C:\Users\c\Desktop\CCleaner.lnk
[2010/01/02 10:52:19 | 00,000,812 | ---- | C] () -- C:\Users\c\Desktop\SpywareBlaster.lnk
[2010/01/02 10:01:52 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >










OTL Extras logfile created on: 1/12/2010 1:39:30 AM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\c\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.36 Gb Total Space | 96.30 Gb Free Space | 71.68% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.56 Gb Free Space | 99.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: H-C
Current User Name: c
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2933721720-2347061927-632480297-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3818D8FF-4054-45F0-A78B-F99030AFE491}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{54283A93-8044-45A0-A4A0-7CCD6EAE3BF8}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin N Wireless USB Adapter Setup
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"HDMI" = Intel® Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"SpywareBlaster_is1" = SpywareBlaster 4.2
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1/8/2010 11:42:02 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:42:02 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:43:46 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:43:46 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:44:46 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:45:10 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:45:10 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:45:10 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:45:11 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

Error - 1/8/2010 11:45:45 AM | Computer Name = H-C | Source = avast! | ID = 33554522
Description = AAVM - scanning error: FATAL: NOT ENOUGH DATA GOT FROM ASYNC IO CONTROL!!!!!!,
00001900.

[ Application Events ]
Error - 1/10/2010 12:38:31 AM | Computer Name = H-C | Source = PerfNet | ID = 2005
Description =

Error - 1/10/2010 1:20:46 AM | Computer Name = H-C | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2010 1:25:54 AM | Computer Name = H-C | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: cbc Start Time: 01ca91b4b3fe5a37 Termination Time: 0

Error - 1/10/2010 3:19:31 AM | Computer Name = H-C | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2010 9:16:51 AM | Computer Name = H-C | Source = Application Hang | ID = 1002
Description = The program taskmgr.exe version 6.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 120c Start Time: 01ca91f693f67acd Termination Time: 16

Error - 1/11/2010 8:22:27 AM | Computer Name = H-C | Source = WinMgmt | ID = 10
Description =

Error - 1/11/2010 2:47:59 PM | Computer Name = H-C | Source = Software Licensing Service | ID = 1001
Description = The Software Licensing service failed to start. hr=0x80070002, [2,
4]

Error - 1/11/2010 2:48:57 PM | Computer Name = H-C | Source = WinMgmt | ID = 10
Description =

Error - 1/11/2010 4:29:42 PM | Computer Name = H-C | Source = WinMgmt | ID = 10
Description =

Error - 1/12/2010 2:29:01 AM | Computer Name = H-C | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 798 Start Time: 01ca92fcb926a38c Termination Time: 0

[ Broadcom Wireless LAN Events ]
Error - 1/9/2010 5:50:35 PM | Computer Name = H-C | Source = WLAN-Tray | ID = 0
Description = 16:50:35, Sat, Jan 09, 10 Error - Error in WNetOpenEnum trying to disconnect
drives

Error - 1/9/2010 6:36:28 PM | Computer Name = H-C | Source = WLAN-Tray | ID = 0
Description = 17:36:28, Sat, Jan 09, 10 Error - Error in WNetOpenEnum trying to disconnect
drives

Error - 1/10/2010 1:11:34 AM | Computer Name = H-C | Source = WLAN-Tray | ID = 0
Description = 00:11:34, Sun, Jan 10, 10 Error - Error in WNetOpenEnum trying to disconnect
drives

[ System Events ]
Error - 1/11/2010 2:49:05 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 2:49:05 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 2:49:05 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7026
Description =

Error - 1/11/2010 4:28:29 PM | Computer Name = H-C | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2
Description =

Error - 1/11/2010 4:29:34 PM | Computer Name = H-C | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 1/11/2010 4:29:43 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 4:29:43 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 4:29:43 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 4:29:44 PM | Computer Name = H-C | Source = Service Control Manager | ID = 7000
Description =

Error - 1/11/2010 4:47:48 PM | Computer Name = H-C | Source = BROWSER | ID = 8032
Description =


< End of report >

#5 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:19 PM

Posted 12 January 2010 - 08:18 AM

Hi,

there are no obvious signs of infection in your OTL log, please run a scan for rootkits instead:

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#6 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 02:10 PM

here is the log sir.


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-12 13:47:53
Windows 6.0.6002 Service Pack 2
Running: 8whqw7zi.exe; Driver: C:\Users\c\AppData\Local\Temp\pxldipow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcConnectPort [0x8E3770A2]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcCreatePort [0x8E377972]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0x8E376AF8]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0x8E3700D8]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateKey [0x8E38EAA6]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0x8E377602]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0x8E377760]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0x8E370F9A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteKey [0x8E3904BC]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0x8E38FDB2]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey [0x8E390E86]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0x8E3910C4]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKeyEx [0x8E391576]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0x8E370A8C]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRenameKey [0x8E39230C]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwReplaceKey [0x8E391840]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0x8E376690]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRestoreKey [0x8E391F4C]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0x8E3713A4]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0x8E392894]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetValueKey [0x8E38F4D6]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 13D 81CC1880 8 Bytes [A2, 70, 37, 8E, 72, 79, 37, ...]
.text ntkrnlpa.exe!KeSetEvent + 1C1 81CC1904 4 Bytes [F8, 6A, 37, 8E]
.text ntkrnlpa.exe!KeSetEvent + 1D9 81CC191C 4 Bytes [D8, 00, 37, 8E]
.text ntkrnlpa.exe!KeSetEvent + 1E9 81CC192C 4 Bytes JMP 38EAA681
.text ntkrnlpa.exe!KeSetEvent + 205 81CC1948 4 Bytes [02, 76, 37, 8E]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[288] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[288] USER32.dll!IsWindowUnicode + 37 75AC90B5 5 Bytes JMP 20C291E8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] kernel32.dll!SetUnhandledExceptionFilter 772FA84F 5 Bytes JMP 209A37DD C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[456] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[492] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[568] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[580] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[588] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[656] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[756] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[828] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[868] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[976] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1008] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1240] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1328] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1456] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\WLTRYSVC.EXE[1988] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] KERNEL32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\bcmwltry.exe[2020] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\IDT\WDM\sttray.exe[2132] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\igfxpers.exe[2140] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\hkcmd.exe[2164] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\unsecapp.exe[2192] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2264] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\igfxsrvc.exe[2564] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3072] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[3096] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[3164] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\WmiApSrv.exe[3192] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[3288] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Users\c\Desktop\8whqw7zi.exe[3340] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\RUNDLL32.EXE[3452] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\wbem\wmiprvse.exe[3688] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\Explorer.EXE[4548] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\System32\snmptrap.exe[5484] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ntdll.dll!NtAccessCheckByType 77444044 5 Bytes JMP 20C28709 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ntdll.dll!NtAlpcImpersonateClientOfPort 77444214 5 Bytes JMP 20C28D51 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ntdll.dll!NtImpersonateClientOfPort 774449E4 5 Bytes JMP 20C28CD0 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ntdll.dll!NtSetInformationProcess 77445324 5 Bytes JMP 20C28923 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] kernel32.dll!OpenProcess 77317267 5 Bytes JMP 20C283E4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ADVAPI32.dll!ImpersonateNamedPipeClient 763B3A48 5 Bytes JMP 20C28DD5 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] ADVAPI32.dll!SetThreadToken 763C8E21 5 Bytes JMP 20C28FAE C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] USER32.dll!FindWindowA 75AC9D76 5 Bytes JMP 20C28207 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Windows\system32\IoctlSvc.exe[5620] USER32.dll!FindWindowW 75ADA441 5 Bytes JMP 20C281D2 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[456] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\wininit.exe[492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\services.exe[568] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00130002
IAT C:\Windows\system32\services.exe[568] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00130000
IAT C:\Windows\system32\services.exe[568] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\lsass.exe[580] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\lsm.exe[588] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[868] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[976] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1008] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe[1040] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1240] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1328] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1456] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[1756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\WLTRYSVC.EXE[1988] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\bcmwltry.exe[2020] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Program Files\Alwil Software\Avast4\ashDisp.exe[2120] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Program Files\IDT\WDM\sttray.exe[2132] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\igfxpers.exe[2140] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\hkcmd.exe[2164] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\wbem\unsecapp.exe[2192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\taskeng.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\igfxsrvc.exe[2564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe[2852] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[3072] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[3096] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[3164] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\wbem\WmiApSrv.exe[3192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\SearchIndexer.exe[3288] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Users\c\Desktop\8whqw7zi.exe[3340] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\RUNDLL32.EXE[3452] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\wbem\wmiprvse.exe[3688] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\Explorer.EXE[4548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\System32\snmptrap.exe[5484] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
IAT C:\Windows\system32\IoctlSvc.exe[5620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C282D4] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:19 PM

Posted 12 January 2010 - 02:18 PM

Hi,

please run a scan with Combofix:
Please download ComboFix from one of these locations:

Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Temporarily disable isable your AntiVirus and AntiSpyware applications. They may otherwise interfere with our tools
    Usually this can be done via a right click on the System Tray icon, check this tutorial for disabling the most common security programs: Link

  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

And a scan with Malwarebytes:
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

What kind of keyboard and mouse do you have? Are they wireless? What makes you believe you have a keylogger, where any of your passwords compromised?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 02:25 PM

ok will do now. brb in 20m

#9 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 02:59 PM

Hi.
this is the first part of the log,

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3034.2131 [GMT -5:00]
Running from: c:\users\c\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\oem8.inf

.
((((((((((((((((((((((((( Files Created from 2009-12-12 to 2010-01-12 )))))))))))))))))))))))))))))))
.

2010-01-12 19:38 . 2010-01-12 19:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-12 19:38 . 2010-01-12 19:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-12 01:56 . 2010-01-12 01:56 -------- d-----w- c:\users\c\AppData\Local\Nero_AG
2010-01-12 00:56 . 2010-01-12 00:58 -------- d-----w- c:\users\c\AppData\Roaming\Nero
2010-01-12 00:54 . 2010-01-12 00:54 -------- d-----w- c:\programdata\Nero
2010-01-12 00:54 . 2010-01-12 00:54 -------- d-----w- c:\program files\Nero
2010-01-12 00:54 . 2010-01-12 00:54 -------- d-----w- c:\program files\Common Files\Nero
2010-01-12 00:53 . 2010-01-12 00:53 -------- d-----w- c:\program files\Microsoft.NET
2010-01-12 00:30 . 2010-01-12 00:30 -------- d-----w- c:\users\c\AppData\Local\PowerDVD DX
2010-01-12 00:30 . 2010-01-12 00:30 -------- d-----w- c:\program files\CyberLink
2010-01-09 21:35 . 2009-10-10 05:45 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-01-09 21:35 . 2009-07-21 00:34 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-01-09 21:35 . 2009-05-13 08:25 511488 ----a-w- c:\windows\system32\ctapo32.dll
2010-01-09 21:35 . 2009-03-03 06:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-01-09 21:35 . 2009-11-07 04:50 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-01-09 21:35 . 2009-11-07 04:50 3313664 ----a-w- c:\windows\system32\stlang.dll
2010-01-09 21:35 . 2009-05-13 08:26 47104 ----a-w- c:\windows\system32\ctppld.dll
2010-01-09 21:35 . 2009-03-03 06:47 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-01-09 21:27 . 2010-01-10 06:40 -------- d-----w- c:\users\c\AppData\Local\Deployment
2010-01-09 21:27 . 2010-01-09 21:27 -------- d-----w- c:\users\c\AppData\Local\Apps
2010-01-09 20:13 . 2010-01-09 21:54 -------- d-----w- c:\windows\system32\Lang
2010-01-09 20:13 . 2009-03-27 14:06 993816 ----a-w- c:\windows\system32\igxpun.exe
2010-01-09 20:13 . 2009-01-16 13:13 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-01-09 20:09 . 2010-01-09 20:09 -------- d-----w- c:\program files\Cisco
2010-01-09 20:04 . 2009-02-23 21:20 62976 ----a-w- c:\windows\system32\drivers\RTSTOR.sys
2010-01-09 20:04 . 2009-02-04 03:39 6815264 ----a-w- c:\windows\system\DriveIcon.dll
2010-01-09 20:03 . 2010-01-09 20:03 -------- d-----w- C:\Intel
2010-01-09 19:48 . 2010-01-09 19:48 -------- d-----w- c:\program files\Marvell
2010-01-09 19:47 . 2010-01-12 00:29 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-09 19:47 . 2010-01-09 19:47 -------- d-----w- c:\users\c\AppData\Roaming\TMP
2010-01-09 19:45 . 2010-01-11 23:58 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-09 19:40 . 2010-01-12 10:30 -------- d-----w- c:\program files\Java
2010-01-09 19:32 . 2010-01-09 19:32 -------- d-----w- C:\dell
2010-01-09 19:24 . 2010-01-09 19:24 45056 ----a-r- c:\users\c\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2010-01-09 19:24 . 2010-01-09 19:24 10134 ----a-r- c:\users\c\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe
2010-01-09 19:24 . 2010-01-09 22:27 -------- d-----w- c:\program files\Dell
2010-01-09 19:24 . 2010-01-09 19:24 -------- d-----w- c:\windows\system32\vmm32
2010-01-08 15:45 . 2010-01-12 13:27 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-08 15:45 . 2010-01-12 13:24 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-08 07:58 . 2010-01-08 07:58 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-08 05:25 . 2010-01-08 05:25 -------- d-----w- c:\program files\Defraggler
2010-01-06 03:34 . 2010-01-06 03:34 -------- d-----w- c:\program files\Windows Portable Devices
2010-01-06 03:31 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-01-06 03:31 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-01-06 03:31 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-01-06 03:31 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-01-06 03:31 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-01-06 03:31 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-01-06 03:31 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-01-06 03:31 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-01-06 03:31 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-01-06 03:31 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-01-06 03:31 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-01-06 03:31 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-01-06 03:30 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-06 03:30 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-06 03:30 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-06 03:16 . 2010-01-09 18:23 -------- d-----w- c:\users\c\AppData\Roaming\DivX
2010-01-05 23:43 . 2010-01-05 23:43 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-01-05 23:43 . 2010-01-05 23:43 -------- d-----w- c:\program files\DivX
2010-01-05 23:43 . 2010-01-05 23:43 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-05 23:00 . 2010-01-05 23:00 -------- d-----w- c:\windows\system32\Macromed
2010-01-04 21:04 . 2010-01-04 21:05 -------- d-----w- c:\windows\system32\ca-ES
2010-01-04 21:04 . 2010-01-04 21:05 -------- d-----w- c:\windows\system32\eu-ES
2010-01-04 21:04 . 2010-01-04 21:05 -------- d-----w- c:\windows\system32\vi-VN
2010-01-04 19:51 . 2010-01-04 19:51 -------- d-----w- c:\windows\system32\EventProviders
2010-01-04 10:39 . 2009-04-11 06:28 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2010-01-04 10:38 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-04 10:38 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-04 10:38 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-04 10:38 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-04 10:38 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-04 10:38 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-04 10:38 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-04 10:38 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-04 10:38 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-04 10:38 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-04 10:38 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-01-04 10:16 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-01-04 10:16 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-01-04 10:16 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-04 10:16 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-01-03 02:43 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-03 02:31 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-01-03 01:59 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-01-03 01:25 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-01-03 01:25 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-01-03 01:25 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-01-03 01:25 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-01-03 01:25 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-01-03 01:25 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2010-01-03 01:25 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2010-01-03 01:10 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-01-03 01:10 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-01-03 00:55 . 2009-11-03 01:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-03 00:55 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-01-03 00:55 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-01-03 00:55 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-01-03 00:55 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-01-03 00:55 . 2009-04-11 06:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-01-03 00:55 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-01-03 00:52 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-01-03 00:52 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-03 00:52 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-01-03 00:52 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-03 00:52 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-01-03 00:52 . 2009-04-11 06:28 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-01-03 00:44 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-01-03 00:39 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-01-03 00:32 . 2009-04-11 06:28 1696768 ----a-w- c:\windows\system32\gameux.dll
2010-01-03 00:32 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-01-03 00:32 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-01-03 00:12 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-01-03 00:11 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2010-01-03 00:11 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2010-01-03 00:11 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-01-03 00:11 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-01-03 00:11 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2010-01-03 00:08 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2010-01-03 00:02 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-01-03 00:02 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-01-03 00:02 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-01-03 00:02 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-01-02 23:55 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-01-02 23:55 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-12 18:54 . 2010-01-03 03:12 9881885 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-12 00:30 . 2010-01-09 21:41 -------- d-----w- c:\programdata\Dell
2010-01-09 21:54 . 2010-01-09 21:46 -------- d-----w- c:\program files\Intel
2010-01-09 21:51 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-09 21:35 . 2010-01-09 21:34 -------- d-----w- c:\program files\IDT
2010-01-09 20:10 . 2010-01-02 17:33 680 ----a-w- c:\users\c\AppData\Local\d3d9caps.dat
2010-01-06 03:33 . 2010-01-06 03:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-04 21:05 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-01-04 21:05 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-04 21:05 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2010-01-04 21:05 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2010-01-04 21:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-04 21:05 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2010-01-03 02:14 . 2010-01-03 02:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-02 17:33 . 2010-01-02 17:33 48600 ----a-w- c:\users\c\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-02 17:29 . 2010-01-02 17:29 -------- d-----w- c:\program files\Alwil Software
2010-01-02 17:27 . 2010-01-02 17:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-01-02 17:18 . 2010-01-02 17:17 422437 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-11-21 06:40 . 2010-01-03 01:52 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2010-01-03 01:52 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2010-01-03 01:52 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2010-01-03 01:52 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-07 04:50 . 2010-01-09 21:34 918016 ----a-w- c:\windows\system32\stapo.dll
2009-11-07 04:50 . 2010-01-09 21:34 420864 ----a-w- c:\windows\system32\drivers\stwrt.sys
2009-11-07 04:50 . 2010-01-09 21:34 405504 ----a-w- c:\windows\system32\stcplx.dll
2009-11-07 04:50 . 2010-01-09 21:34 503808 ------w- c:\windows\system32\stapi32.dll
2009-11-07 04:50 . 2010-01-09 21:34 175616 ----a-w- c:\windows\system32\st326255.dll
2009-10-28 19:37 . 2009-10-28 19:37 528896 ----a-w- c:\windows\system32\drivers\RTL8192su.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-01-03_06.39.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-04 10:40 . 2009-04-11 06:28 52224 c:\windows\winsxs\x86_wudfusbcciddriver.inf_31bf3856ad364e35_6.0.6002.18005_none_646528b4fed68d6e\WUDFUsbccidDriver.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 94208 c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6002.18005_none_fc07886f78f1dcd7\WindowsFormsIntegration.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 41344 c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6002.18005_none_2c768fb876f0e8b7\PresentationHostProxy.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 68960 c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6002.18005_none_ad9c8bf401cf9f35\PenIMC.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 40448 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdusb.sys
+ 2010-01-06 03:31 . 2009-10-01 01:01 61952 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdmtpus.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 68608 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdmtpip.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 78336 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdmtpbt.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 33280 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdconns.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 87552 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\SearchFilterHost.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 71680 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\propdefs.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 87040 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\mssitlb.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 35328 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\msscb.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 99680 c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6002.18005_none_a5d273d4acc201ce\infocardapi.dll
+ 2010-01-04 10:39 . 2009-04-11 04:42 65536 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
+ 2010-01-09 21:43 . 2009-04-30 10:01 23552 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbuhci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 19968 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbohci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 39936 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbehci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 15872 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\hcrstco.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 23552 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbuhci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 19968 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbohci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 39936 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbehci.sys
+ 2010-01-09 21:43 . 2009-04-30 12:17 15872 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\hcrstco.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6001.22423_none_cb6f6a79279d6e95\usbccgp.sys
+ 2010-01-04 10:39 . 2009-04-11 06:32 82408 c:\windows\winsxs\x86_sbp2.inf_31bf3856ad364e35_6.0.6002.18005_none_47241df8f34504ba\sbp2port.sys
+ 2010-01-04 10:39 . 2009-03-30 04:42 85320 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_29b27e22fffa4776\PerfCounter.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 97592 c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6002.18005_none_779867b84af56065\ngen.exe
+ 2010-01-04 10:39 . 2009-03-30 04:42 66368 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6002.18005_none_1fd1ab49e8ca6ebb\mscorsvw.exe
+ 2010-01-04 10:39 . 2009-03-30 04:42 74048 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_118cda1df5183636\mscorsec.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 93504 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6002.18005_none_a96e1e1ec6870b85\mscormmc.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 90960 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_c2ba992d4a006fcd\mscorld.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 80208 c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_6ccb593bc60a1852\mscordbc.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 59720 c:\windows\winsxs\x86_netfx-dfdll_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_882bc28c54dfc639\dfdll.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 86360 c:\windows\winsxs\x86_netfx-corperfmonext_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_b2c317a7c345a801\CORPerfMonExt.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 95544 c:\windows\winsxs\x86_netfx-_vc_assembly_linker_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_38d775cdebe1fba0\alink.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 54272 c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39\vcomp90.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 62976 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90RUS.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 46080 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90KOR.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 46592 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90JPN.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 64512 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ITA.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 66048 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90FRA.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESP.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESN.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 56832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ENU.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 66560 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90DEU.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 39936 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHT.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 38912 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHS.DLL
+ 2010-01-09 20:08 . 2010-01-09 20:08 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90u.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2\vcomp.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_3b0e32bdc9afe437\vcomp.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80KOR.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80JPN.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ITA.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80FRA.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ESP.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80DEU.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHT.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHS.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80KOR.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80JPN.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80ITA.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80FRA.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80ESP.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80ENU.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80DEU.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80CHT.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80CHS.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 57856 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80u.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80.dll
+ 2010-01-12 00:52 . 2010-01-12 00:52 57856 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfcm80u.dll
+ 2010-01-12 00:52 . 2010-01-12 00:52 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfcm80.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 96256 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
+ 2010-01-12 00:52 . 2010-01-12 00:52 97280 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
+ 2010-01-06 03:31 . 2009-10-01 01:02 87552 c:\windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.0.6002.18112_none_130696d2c3f64ac4\WPDShServiceObj.dll
+ 2010-01-06 03:31 . 2009-10-01 01:02 30208 c:\windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.0.6002.18112_none_130696d2c3f64ac4\WPDShextAutoplay.exe
+ 2010-01-06 03:31 . 2009-10-01 01:01 60928 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18112_none_4cde706de936888c\PortableDeviceConnectApi.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 81920 c:\windows\winsxs\x86_microsoft-windows-wpd-busenumservice_31bf3856ad364e35_6.0.6002.18112_none_79dbda7dc92efc79\wpdbusenum.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 61440 c:\windows\winsxs\x86_microsoft-windows-webdavredir-davclient_31bf3856ad364e35_6.0.6002.18005_none_95b8e24b4f6105d0\davclnt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 57856 c:\windows\winsxs\x86_microsoft-windows-v..ck-uninstallremoval_31bf3856ad364e35_6.0.6002.18005_none_825070d3d8da2dcc\compcln.exe
+ 2010-01-06 03:32 . 2009-09-10 02:00 92672 c:\windows\winsxs\x86_microsoft-windows-uianimation_31bf3856ad364e35_7.0.6002.18108_none_7edc01bff7a1cb45\UIAnimation.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 71168 c:\windows\winsxs\x86_microsoft-windows-telnet-server-tlntsvr_31bf3856ad364e35_6.0.6002.18005_none_c0b01f5fedf47482\tlntsvr.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 70656 c:\windows\winsxs\x86_microsoft-windows-telnet-client_31bf3856ad364e35_6.0.6002.18005_none_ba1d0a71222c35d2\telnet.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 84992 c:\windows\winsxs\x86_microsoft-windows-t..cesframework-msctfp_31bf3856ad364e35_6.0.6002.18005_none_ccc8d878ec130fe3\msctfp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 26112 c:\windows\winsxs\x86_microsoft-windows-syshiper_31bf3856ad364e35_6.0.6002.18005_none_77fb27ec5025e18b\syshiper.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 67584 c:\windows\winsxs\x86_microsoft-windows-security-licensing-wmi_31bf3856ad364e35_6.0.6002.18005_none_50382e6ff6c7e8f5\slwmi.dll
+ 2010-01-06 03:32 . 2009-09-24 22:54 26112 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.22164_none_2de0cf8ef1d7d6cc\printfilterpipelineprxy.dll
+ 2010-01-06 03:32 . 2009-09-24 22:54 26112 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18060_none_2d53319bd8bdd1a6\printfilterpipelineprxy.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 61440 c:\windows\winsxs\x86_microsoft-windows-m..mponents-jetintlerr_31bf3856ad364e35_6.0.6002.18005_none_115c4d1dbd8c05af\msjter40.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 37888 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_7.0.6002.18107_none_9f26906a6b93696c\cdd.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 88064 c:\windows\winsxs\x86_microsoft-windows-fdbth_31bf3856ad364e35_6.1.6002.18005_none_1d6c7085cffdc449\fdBth.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 37376 c:\windows\winsxs\x86_microsoft-windows-es-configurepassword_31bf3856ad364e35_6.0.6002.18005_none_e9e5c7caedfa0e18\EhStorPwdMgr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 65536 c:\windows\winsxs\x86_microsoft-windows-devicepairingapp_31bf3856ad364e35_6.1.6002.18005_none_39b8a7fe9df9ac9e\DevicePairingWizard.exe
+ 2010-01-06 03:31 . 2009-10-01 01:02 31232 c:\windows\winsxs\x86_microsoft-windows-d..thmtpcontexthandler_31bf3856ad364e35_7.0.6002.18112_none_302fc434dcfbe04c\BthMtpContextHandler.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 44544 c:\windows\winsxs\x86_microsoft-windows-d..-japanese-utilities_31bf3856ad364e35_6.0.6002.18005_none_ef1cb7f16f3c7508\IMJPUEX.EXE
+ 2010-01-04 10:39 . 2009-04-11 06:28 37888 c:\windows\winsxs\x86_microsoft-windows-d..-japanese-utilities_31bf3856ad364e35_6.0.6002.18005_none_ef1cb7f16f3c7508\IMJPDCTP.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 41984 c:\windows\winsxs\x86_microsoft-windows-content-filter-mime_31bf3856ad364e35_7.0.6002.18005_none_128b99fd3c7c81a4\mimefilt.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 56320 c:\windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6002.18005_none_15e75f093a4b2c5d\xmlfilter.dll
+ 2010-01-04 10:40 . 2009-04-11 06:32 69096 c:\windows\winsxs\x86_hpcisss.inf_31bf3856ad364e35_6.0.6002.18005_none_7b6943886defef38\HpCISSs.sys
+ 2010-01-04 10:39 . 2009-04-11 06:28 54784 c:\windows\winsxs\x86_devicepairingproxy_31bf3856ad364e35_6.1.6002.18005_none_fa885864b1bfe82e\DevicePairingProxy.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 50688 c:\windows\winsxs\x86_bthmtpenum.inf_31bf3856ad364e35_6.0.6002.18112_none_01d56cf0911e704e\bthmtpenum.sys
+ 2010-01-09 21:45 . 2009-06-17 10:59 30208 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22153_none_7481c9e2d1fafbb2\BTHUSB.SYS
+ 2010-01-09 21:45 . 2009-06-17 10:59 22528 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22153_none_7481c9e2d1fafbb2\bthenum.sys
+ 2010-01-09 21:45 . 2009-06-17 13:23 30208 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.18052_none_73f72ccdb8de4291\BTHUSB.SYS
+ 2010-01-04 10:39 . 2009-02-18 18:39 94208 c:\windows\winsxs\msil_windowsformsintegration_31bf3856ad364e35_6.0.6002.18005_none_2aca67b8cb7eb3f2\WindowsFormsIntegration.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 26112 c:\windows\System32\WLTRYSVC.EXE
+ 2010-01-09 20:06 . 2008-11-17 12:29 51712 c:\windows\System32\wltrynt.dll
+ 2010-01-10 21:31 . 2010-01-12 15:55 84904 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-01-06 03:32 . 2009-09-10 02:00 92672 c:\windows\System32\UIAnimation.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 67584 c:\windows\System32\slwmi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 87552 c:\windows\System32\SearchFilterHost.exe
- 2010-01-03 02:31 . 2008-05-27 05:17 87552 c:\windows\System32\SearchFilterHost.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 71680 c:\windows\System32\propdefs.dll
- 2010-01-03 02:31 . 2008-05-27 05:18 71680 c:\windows\System32\propdefs.dll
- 2010-01-03 00:42 . 2009-03-03 04:39 26112 c:\windows\System32\printfilterpipelineprxy.dll
+ 2010-01-06 03:32 . 2009-09-24 22:54 26112 c:\windows\System32\printfilterpipelineprxy.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 41344 c:\windows\System32\PresentationHostProxy.dll
+ 2010-01-09 21:34 . 2009-01-16 14:16 59392 c:\windows\System32\oemdspif.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 87040 c:\windows\System32\mssitlb.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 35328 c:\windows\System32\msscb.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 61440 c:\windows\System32\msjter40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 84992 c:\windows\System32\msctfp.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 41984 c:\windows\System32\mimefilt.dll
+ 2010-01-05 23:00 . 2010-01-05 23:00 85173 c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\TRK\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\THA\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\SVE\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\SLV\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\SKY\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\RUS\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\PTG\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\PTB\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\PLK\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\NOR\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\NLD\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 53248 c:\windows\System32\Lang\TvWizard\KOR\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 53248 c:\windows\System32\Lang\TvWizard\JPN\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\ITA\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\HUN\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\HEB\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\FRA\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\FIN\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\ESP\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\ELL\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 61440 c:\windows\System32\Lang\TvWizard\DEU\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\DAN\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\CSY\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 53248 c:\windows\System32\Lang\TvWizard\CHT\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 53248 c:\windows\System32\Lang\TvWizard\CHS\resource.dll
+ 2010-01-09 21:54 . 2009-01-16 13:18 57344 c:\windows\System32\Lang\TvWizard\ARA\resource.dll
+ 2010-01-09 20:13 . 2009-03-27 14:06 65536 c:\windows\System32\Lang\HDMI\ENU\HDMIENU.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 99680 c:\windows\System32\infocardapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 44544 c:\windows\System32\IME\IMEJP10\IMJPUEX.EXE
+ 2010-01-04 10:39 . 2009-04-11 06:28 37888 c:\windows\System32\IME\IMEJP10\IMJPDCTP.DLL
+ 2010-01-09 20:06 . 2009-01-16 14:15 51712 c:\windows\System32\igfxsrvc.dll
+ 2010-01-09 21:34 . 2009-01-16 14:15 23552 c:\windows\System32\igfxexps.dll
+ 2010-01-09 21:34 . 2009-01-16 14:52 97448 c:\windows\System32\igfcg500m.bin
+ 2010-01-09 20:06 . 2009-01-16 14:15 94208 c:\windows\System32\hccutils.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 88064 c:\windows\System32\fdBth.dll
+ 2010-01-04 19:51 . 2010-01-04 19:51 13312 c:\windows\System32\EventProviders\spcmsg.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 37376 c:\windows\System32\EhStorPwdMgr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 52224 c:\windows\System32\DriverStore\FileRepository\wudfusbcciddriver.inf_d7a408ce\WUDFUsbccidDriver.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 40448 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdUsb.sys
+ 2010-01-06 03:31 . 2009-10-01 01:01 61952 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdMtpUS.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 68608 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdMtpIP.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 78336 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdMtpbt.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 33280 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdConns.dll
+ 2010-01-04 10:39 . 2009-04-11 04:42 65536 c:\windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
+ 2010-01-09 21:43 . 2009-04-30 10:01 23552 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbuhci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 19968 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbohci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 39936 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbehci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 15872 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\hcrstco.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 23552 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbuhci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 19968 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbohci.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 39936 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbehci.sys
+ 2010-01-09 21:43 . 2009-04-30 12:17 15872 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\hcrstco.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 73216 c:\windows\System32\DriverStore\FileRepository\usb.inf_60b37809\usbccgp.sys
+ 2010-01-09 21:34 . 2009-11-07 04:50 29184 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\suhlp.exe
+ 2010-01-09 21:34 . 2009-11-07 04:50 82944 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\idtpima.exe
+ 2010-01-09 21:34 . 2009-05-13 08:26 47104 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\ctppld.dll
+ 2010-01-09 21:34 . 2009-03-03 07:43 81920 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstSrv.exe
+ 2010-01-09 21:34 . 2009-03-03 06:47 86016 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AESTCom.dll
+ 2010-01-09 21:34 . 2009-03-03 06:57 61440 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstAren.dll
+ 2010-01-04 10:39 . 2009-04-11 06:32 82408 c:\windows\System32\DriverStore\FileRepository\sbp2.inf_dd2a3429\sbp2port.sys
+ 2010-01-09 21:39 . 2009-02-23 21:20 62976 c:\windows\System32\DriverStore\FileRepository\rtusbstor.inf_11fdc645\RTSTOR.sys
+ 2010-01-09 21:34 . 2009-01-16 14:16 59392 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\oemdspif.dll
+ 2010-01-09 21:34 . 2009-01-16 14:15 51712 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxsrvc.dll
+ 2010-01-09 21:34 . 2009-01-16 14:15 23552 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxexps.dll
+ 2010-01-09 21:34 . 2009-01-16 14:52 97448 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfcg500m.bin
+ 2010-01-09 21:34 . 2009-01-16 14:15 94208 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\hccutils.dll
+ 2010-01-09 20:06 . 2008-10-07 12:41 69632 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\oemdspif.dll
+ 2010-01-09 20:06 . 2008-10-07 12:40 52224 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxsrvc.dll
+ 2010-01-09 20:06 . 2008-10-07 12:41 24576 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxexps.dll
+ 2010-01-04 10:40 . 2009-04-11 06:32 69096 c:\windows\System32\DriverStore\FileRepository\hpcisss.inf_3d49a363\HpCISSs.sys
+ 2010-01-06 03:31 . 2009-10-01 01:01 50688 c:\windows\System32\DriverStore\FileRepository\bthmtpenum.inf_201caa7f\BthMtpEnum.sys
+ 2010-01-09 21:45 . 2009-06-17 13:23 30208 c:\windows\System32\DriverStore\FileRepository\bth.inf_b1fd87b1\BTHUSB.SYS
+ 2010-01-09 20:06 . 2008-11-17 12:29 87280 c:\windows\System32\DriverStore\FileRepository\bcmwl6.inf_8f8d8063\bcmwlcoi.dll
+ 2010-01-09 21:43 . 2009-04-30 10:01 23552 c:\windows\System32\drivers\usbuhci.sys
- 2008-01-21 02:32 . 2008-01-21 02:32 23552 c:\windows\System32\drivers\usbuhci.sys
+ 2010-01-04 10:39 . 2009-04-11 04:42 65536 c:\windows\System32\drivers\USBSTOR.SYS
+ 2010-01-09 21:43 . 2009-04-30 10:01 39936 c:\windows\System32\drivers\usbehci.sys
+ 2010-01-09 20:06 . 2008-11-17 12:29 18424 c:\windows\System32\drivers\bcm42rly.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 65536 c:\windows\System32\DevicePairingWizard.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 54784 c:\windows\System32\DevicePairingProxy.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 61440 c:\windows\System32\davclnt.dll
+ 2010-01-09 21:46 . 2008-02-22 18:06 53248 c:\windows\System32\CSVer.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 57856 c:\windows\System32\compcln.exe
+ 2010-01-06 03:32 . 2009-09-25 01:27 37888 c:\windows\System32\cdd.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 54784 c:\windows\System32\bcmwlrmt.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 87280 c:\windows\System32\bcmwlcoi.dll
+ 2010-01-12 00:30 . 2008-05-23 19:06 89088 c:\windows\System32\atl71.dll
+ 2010-01-12 00:42 . 2010-01-12 00:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-12 00:42 . 2010-01-12 00:42 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-12 00:42 . 2010-01-12 00:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-04 10:40 . 2009-02-18 18:39 68960 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 85320 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 97592 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2010-01-04 10:39 . 2009-03-30 04:42 66368 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2010-01-04 10:39 . 2009-03-30 04:42 74048 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 90960 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 80208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 59720 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 77112 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2010-01-04 10:39 . 2009-03-30 04:42 86360 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 95544 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 93504 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\e9421ef836aa4ff7b3ee8b447c4e6bf8\UIAutomationProvider.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\aa83a8003e94bba0bcca50d71abef0d3\System.Windows.Presentation.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\539d1cb402d753bc0bd7a15eb88c460e\System.Web.DynamicData.Design.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\c88a31f5fdc889dd861f0b331eb09211\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7024209a25fd769d41cf64aca922d2dd\System.AddIn.Contract.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\532c2b963925149aec2a7c6279fe0168\PresentationFontCache.ni.exe
+ 2010-01-04 21:11 . 2010-01-04 21:11 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\4c9923cefc3ac18a2219d93babeb7a1e\PresentationCFFRasterizer.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\f2357073ee21b77797e72c8e448b3a0b\napcrypt.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\036c8b7507da5eb7b63c18121932e821\Microsoft.Vsa.ni.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1f8716cb1e90566b6748073d98494b54\Microsoft.VisualC.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5eaa92b900f6a65fc0ece4dc335e186\Microsoft.Build.Framework.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e72542171b942257c2415e221890349c\Microsoft.Build.Framework.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\232aa21775c58cdfc584c9aea828a6ed\dfsvc.ni.exe
+ 2010-01-04 21:11 . 2010-01-04 21:11 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5b0159d1e1269d2da867b576bd6359d5\Accessibility.ni.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 49152 c:\windows\assembly\GAC\VsWebSite.Interop\8.0.0.0__b03f5f7f11d50a3a\VsWebSite.Interop.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 73728 c:\windows\assembly\GAC\VSLangProj80\8.0.0.0__b03f5f7f11d50a3a\VSLangProj80.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 16384 c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 57344 c:\windows\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.textmanager.interop.8.0.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 69632 c:\windows\assembly\GAC\Microsoft.VisualStudio.CommandBars\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.CommandBars.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 13312 c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2010-01-09 21:43 . 2009-04-30 10:01 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbd.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 8704 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\hccoin.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbd.sys
+ 2010-01-09 21:43 . 2009-04-30 12:17 8704 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\hccoin.dll
+ 2010-01-06 03:30 . 2009-10-08 21:07 4096 c:\windows\winsxs\x86_microsoft-windows-oleaccrc_31bf3856ad364e35_6.0.6002.18156_none_7ae05aee84ac8b45\oleaccrc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 9728 c:\windows\winsxs\x86_microsoft-windows-fdbth_31bf3856ad364e35_6.1.6002.18005_none_1d6c7085cffdc449\fdBthProxy.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 1591 c:\windows\System32\Uninst_EAPModules.bat
+ 2010-01-04 10:39 . 2009-04-11 06:28 9728 c:\windows\System32\fdBthProxy.dll
+ 2010-01-09 21:43 . 2009-04-30 10:01 5888 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbd.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 8704 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\hccoin.dll
+ 2010-01-09 21:43 . 2009-04-30 10:19 5888 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbd.sys
+ 2010-01-09 21:43 . 2009-04-30 12:17 8704 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\hccoin.dll
+ 2010-01-09 21:43 . 2009-04-30 10:01 5888 c:\windows\System32\drivers\usbd.sys
- 2008-01-21 02:32 . 2008-01-21 02:32 5888 c:\windows\System32\drivers\usbd.sys
+ 2010-01-09 20:06 . 2008-11-17 12:29 6656 c:\windows\System32\bcmwlrc.dll
- 2010-01-03 05:25 . 2010-01-03 05:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-01-12 18:59 . 2010-01-12 18:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-03 05:25 . 2010-01-03 05:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-12 18:59 . 2010-01-12 18:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-12 00:53 . 2010-01-12 00:53 4096 c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 540672 c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6002.18005_none_670656a59d28c52a\System.Workflow.Runtime.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 355328 c:\windows\winsxs\x86_wsdapi_31bf3856ad364e35_6.0.6002.18005_none_c09f05df4a786b69\WSDApi.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 299368 c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6002.18005_none_cb1ee58d05b10b78\XPSViewer.exe
+ 2010-01-04 10:39 . 2009-02-18 18:39 385024 c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6002.18005_none_56a789714b8827c4\UIAutomationClientsideProviders.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 167936 c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6002.18005_none_dc64713c3e6a3a55\UIAutomationClient.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 532480 c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6002.18005_none_0215a43c25db4bb0\ReachFramework.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 779136 c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6002.18005_none_58b184e643a21434\PresentationNative_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 323952 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6002.18005_none_71dfac5d1d3fa985\PresentationHost.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 129912 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.18005_none_71f6e6451d210713\PresentationHostDLL.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 163840 c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6002.18005_none_eca0aa05a7644a3b\PresentationFramework.Royale.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 397312 c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6002.18005_none_334a1181065d30ab\PresentationFramework.Luna.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 102816 c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6002.18005_none_cb80d8278b743c82\PresentationCFFRasterizerNative_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 598016 c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6002.18005_none_51f8b7ea4a9d538d\PresentationBuildTasks.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 839168 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdmtpdr.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 226816 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18112_none_2177efcb83dd35a0\wpdmtp.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 227840 c:\windows\winsxs\x86_wpdfs.inf_31bf3856ad364e35_6.0.6002.18112_none_27ca7fa9cfc85a60\wpdfs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 185344 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\SearchProtocolHost.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 441344 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\SearchIndexer.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 670720 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\mssvp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 203264 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\mssphtb.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 351744 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\mssph.dll
+ 2010-01-04 10:40 . 2009-04-11 01:59 107612 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_7.0.6002.18005_none_8ae0ca49e0ec3b69\StructuredQuerySchema.bin
+ 2010-01-04 10:40 . 2009-04-11 06:28 231424 c:\windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.6002.18005_none_9a40a539f634f9c9\msshsq.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 970752 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 430080 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6002.18005_none_2583e58a40cfd5e1\System.IdentityModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 179048 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6002.18005_none_020cd51c1a47b5b7\SMConfigInstaller.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 619864 c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6002.18005_none_33c323d46ec96a90\icardagt.exe
+ 2010-01-09 21:43 . 2009-04-30 10:01 226816 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 196608 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.22126_none_c022d5bc19dc5da5\usbhub.sys
+ 2010-01-04 10:39 . 2009-04-11 04:43 196096 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.18005_none_bfadd87f00af6ca2\usbhub.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 226816 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:20 196608 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6001.22423_none_be3962f61cb8bc7c\usbhub.sys
+ 2010-01-04 10:39 . 2009-04-11 04:43 196096 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6002.18005_none_cce3e0020b941ebb\usbhub.sys
+ 2010-01-09 21:43 . 2009-04-30 10:20 196608 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6001.22423_none_cb6f6a79279d6e95\usbhub.sys
+ 2010-01-04 10:40 . 2009-04-11 04:43 148992 c:\windows\winsxs\x86_tdibth.inf_31bf3856ad364e35_6.0.6002.18005_none_2fb0f05990b02736\rfcomm.sys
+ 2010-01-04 10:40 . 2009-02-18 18:39 368640 c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6002.18005_none_752bdbc9733e18f3\System.Printing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 486400 c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6002.18005_none_f311611fdd79c9ec\System.Data.OracleClient.dll
+ 2010-01-04 10:39 . 2009-04-11 06:27 513000 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpSoftEx.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 779264 c:\windows\winsxs\x86_ntprint.inf_31bf3856ad364e35_6.0.6002.18005_none_3cec160db7d4ac84\I386\MXDWDRV.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 407552 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6002.18005_none_9bffb484c4fe88e5\MPSSVC.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 435024 c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_367ac697383d5676\webengine.dll
+ 2010-01-06 03:29 . 2009-09-04 06:59 388920 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6002.22219_none_fcfe427e14d1391e\SOS.dll
+ 2010-01-06 03:29 . 2009-09-04 06:59 388936 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6002.18107_none_13cb1683fb2a8c7f\SOS.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 388936 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_13cb4437fb2a58ec\SOS.dll
+ 2010-01-04 17:34 . 2009-08-14 10:46 388920 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6001.22474_none_fd28beb6147a3db6\SOS.dll
+ 2010-01-04 17:34 . 2009-08-14 10:46 388920 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6001.18292_none_13f893bdfad0dccb\SOS.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 115536 c:\windows\winsxs\x86_netfx-shfusion_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_5ab3d7c5cc906c6a\shfusion.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 140096 c:\windows\winsxs\x86_netfx-peverify_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_9c71fdd24a2894cf\peverify.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 227648 c:\windows\winsxs\x86_netfx-mscorsvc__dll_b03f5f7f11d50a3a_6.0.6002.18005_none_5acba868045b1e4a\mscorsvc.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 110912 c:\windows\winsxs\x86_netfx-mscorpe_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_f7bf4c895c898280\mscorpe.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 363856 c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_bf382f0b3181090a\mscorjit.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 278848 c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.0.6002.18005_none_b74b7531534b7350\mscoree.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 304976 c:\windows\winsxs\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_7001c67a5cbf82c8\mscordbi.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 989528 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6002.22219_none_142ffabd20dc5d09\mscordacwks.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 989000 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6002.18107_none_2afccec30735b06a\mscordacwks.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 989000 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6002.18005_none_2afcfc7707357cd7\mscordacwks.dll
+ 2010-01-04 17:34 . 2009-08-14 10:45 989528 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.22474_none_145a76f5208561a1\mscordacwks.dll
+ 2010-01-04 17:34 . 2009-08-14 10:45 989016 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.18292_none_2b2a4bfd06dc00b6\mscordacwks.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 572248 c:\windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.0.6002.18005_none_d0b9c35f150739f0\diasymreader.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 227640 c:\windows\winsxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.0.6002.18005_none_02ebab318e2004bf\ilasm.exe
+ 2010-01-04 10:39 . 2009-04-11 06:32 107496 c:\windows\winsxs\x86_mpio.inf_31bf3856ad364e35_6.0.6002.18005_none_1f1e55a78c760aba\mpio.sys
+ 2010-01-04 10:39 . 2009-04-11 06:28 375808 c:\windows\winsxs\x86_microsoft.windows.winhttp_31bf3856ad364e35_5.1.6002.18005_none_26b9727abf452f46\winhttp.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 546816 c:\windows\winsxs\x86_microsoft.windows.h..ler.wpd-driverclass_31bf3856ad364e35_6.0.6002.18112_none_6a8bd86c653628e0\wpd_ci.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 161784 c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e\ATL90.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 626688 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\msvcr80.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 548864 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\msvcp80.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 479232 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\msvcm80.dll
+ 2010-01-05 23:43 . 2010-01-05 23:43 632656 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
+ 2010-01-05 23:43 . 2010-01-05 23:43 554832 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
+ 2010-01-05 23:43 . 2010-01-05 23:43 479232 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcm80.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 479232 c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcm80.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 163840 c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6002.18005_none_ef0049a993399a2b\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 134144 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledevicesqm_31bf3856ad364e35_7.0.6002.18112_none_46439f2b6f000426\sqmapi.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 160256 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18112_none_4cde706de936888c\PortableDeviceTypes.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 100864 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18112_none_4cde706de936888c\PortableDeviceClassExtension.dll
+ 2010-01-06 03:31 . 2009-10-01 01:02 334848 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18112_none_4cde706de936888c\PortableDeviceApi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 241152 c:\windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18005_none_4cec3f51e92bbb79\PortableDeviceApi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 347648 c:\windows\winsxs\x86_microsoft-windows-wmi-core-wbemess-dll_31bf3856ad364e35_6.0.6002.18005_none_65c0c8302cc2b28b\wbemess.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 162304 c:\windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.0.6002.18005_none_a29e34dbf412e9da\WMIsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 247296 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6002.18005_none_124e37978886d513\WmiPrvSE.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 499712 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6002.18005_none_124e37978886d513\WmiPrvSD.dll
+ 2010-01-06 03:32 . 2009-09-25 02:07 189440 c:\windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_7.0.6002.18107_none_86efc43840ac1e52\WindowsCodecsExt.dll
+ 2010-01-06 03:32 . 2009-09-25 02:10 974848 c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.0.6002.18107_none_89dfaf462924c1eb\WindowsCodecs.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 712704 c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6002.18005_none_986d30869e3fe947\WindowsCodecs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 199680 c:\windows\winsxs\x86_microsoft-windows-webdavredir-webclient_31bf3856ad364e35_6.0.6002.18005_none_571142c8b0d36ecd\WebClnt.dll
+ 2010-01-04 10:39 . 2009-04-11 04:14 114688 c:\windows\winsxs\x86_microsoft-windows-webdavredir-mrxdav_31bf3856ad364e35_6.0.6002.18005_none_16965e43c2dd6fe6\mrxdav.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 165376 c:\windows\winsxs\x86_microsoft-windows-wcn-netsh-helper_31bf3856ad364e35_6.1.6002.18005_none_ac3446f48f4d809d\WcnNetsh.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 413696 c:\windows\winsxs\x86_microsoft-windows-wcn-config-registrar_31bf3856ad364e35_6.0.6002.18005_none_2f082cdcbf0b91f1\wcncsvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 291328 c:\windows\winsxs\x86_microsoft-windows-w..simpleconfigeappeer_31bf3856ad364e35_6.1.6002.18005_none_c9a0ba3ab813001c\WscEapPr.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 532480 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.0.6002.18005_none_884f8c864562464f\wuapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 968192 c:\windows\winsxs\x86_microsoft-windows-w..g-registrar-wizard2_31bf3856ad364e35_6.1.6002.18005_none_94c755d771369fee\wcnwiz2.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 747008 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\WsmSvc.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 196608 c:\windows\winsxs\x86_microsoft-windows-w..ewmdrmcompatibility_31bf3856ad364e35_6.0.6002.18112_none_aeefe03423bfee4f\PortableDeviceWMDRM.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 143872 c:\windows\winsxs\x86_microsoft-windows-w..eakerstemmer-korean_31bf3856ad364e35_7.0.6002.18005_none_15ef6e2976a1ba03\korwbrkr.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 350208 c:\windows\winsxs\x86_microsoft-windows-w..cationcompatibility_31bf3856ad364e35_6.0.6002.18112_none_7007d7d4dbaec336\WPDSp.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 311808 c:\windows\winsxs\x86_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.0.6002.18005_none_4d1e72de7140762a\swprv.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 385536 c:\windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 928768 c:\windows\winsxs\x86_microsoft-windows-v..ck-uninstallremoval_31bf3856ad364e35_6.0.6002.18005_none_825070d3d8da2dcc\scavenge.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 502272 c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 627712 c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
+ 2010-01-06 03:30 . 2009-10-08 21:08 555520 c:\windows\winsxs\x86_microsoft-windows-uiautomationcore_31bf3856ad364e35_6.0.6002.18156_none_b1ceff3f3f65520f\UIAutomationCore.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6002.18005_none_e2638f7c8b886c1e\EncDec.dll
+ 2010-01-04 10:40 . 2009-04-11 06:33 897000 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 595456 c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 169984 c:\windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 324608 c:\windows\winsxs\x86_microsoft-windows-t..ventextservice-core_31bf3856ad364e35_6.0.6002.18005_none_26404dc7656f3862\TableTextService.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 936960 c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18005_none_cc7c00e534312d1f\journal.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 807424 c:\windows\winsxs\x86_microsoft-windows-t..icesframework-msctf_31bf3856ad364e35_6.0.6002.18005_none_77af2925ebe6e4e5\msctf.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 353280 c:\windows\winsxs\x86_microsoft-windows-shlwapi_31bf3856ad364e35_6.0.6002.18005_none_fbc52b10a1d0b696\shlwapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 190464 c:\windows\winsxs\x86_microsoft-windows-servicepackerror_31bf3856ad364e35_6.0.6002.18005_none_9096f9ef97c7c9b8\sperror.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 164352 c:\windows\winsxs\x86_microsoft-windows-servicepackcoordinator_31bf3856ad364e35_6.0.6002.18005_none_36ac9b2124b2bf26\spwizui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 112640 c:\windows\winsxs\x86_microsoft-windows-servicepackcoordinator_31bf3856ad364e35_6.0.6002.18005_none_36ac9b2124b2bf26\spreview.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 289792 c:\windows\winsxs\x86_microsoft-windows-servicepackcoordinator_31bf3856ad364e35_6.0.6002.18005_none_36ac9b2124b2bf26\spinstall.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 268800 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6002.18005_none_2401c41a5264a20d\schannel.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 215040 c:\windows\winsxs\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18005_none_7e9e65df5fac8e64\msv1_0.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 592896 c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 497664 c:\windows\winsxs\x86_microsoft-windows-security-kerberos_31bf3856ad364e35_6.0.6002.18005_none_e8c25637adef5b44\kerberos.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 430080 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.0.6002.18005_none_4a457c5b2b08ce95\vbscript.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 512000 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_6.0.6002.18005_none_84cb61a2f4462259\jscript.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 361984 c:\windows\winsxs\x86_microsoft-windows-s..ty-licensing-slc-ux_31bf3856ad364e35_6.0.6002.18005_none_8c636822b2598b6a\SLUI.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 582144 c:\windows\winsxs\x86_microsoft-windows-s..ty-licensing-slc-ux_31bf3856ad364e35_6.0.6002.18005_none_8c636822b2598b6a\SLCommDlg.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 472064 c:\windows\winsxs\x86_microsoft-windows-s..sor-native-whitebox_31bf3856ad364e35_6.0.6002.18005_none_a2e0e86f2e99e936\secproc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 518144 c:\windows\winsxs\x86_microsoft-windows-s..sor-native-whitebox_31bf3856ad364e35_6.0.6002.18005_none_a2e0e86f2e99e936\RMActivate.exe
+ 2010-01-04 10:39 . 2009-04-11 06:27 279552 c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 958464 c:\windows\winsxs\x86_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.0.6002.18005_none_a44c9668365113ed\MineSweeper.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 347136 c:\windows\winsxs\x86_microsoft-windows-s..or-native-serverbox_31bf3856ad364e35_6.0.6002.18005_none_71aa389a61339ad6\RMActivate_ssp.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 179712 c:\windows\winsxs\x86_microsoft-windows-s..nt-configuration-ui_31bf3856ad364e35_6.0.6002.18005_none_a5e51f926e94dc52\snmpsnap.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 732160 c:\windows\winsxs\x86_microsoft-windows-s..nboxgames-solitaire_31bf3856ad364e35_6.0.6002.18005_none_7708d364f8cec1b9\Solitaire.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 476672 c:\windows\winsxs\x86_microsoft-windows-s..native-whitebox-isv_31bf3856ad364e35_6.0.6002.18005_none_eb3d570aeccb8177\secproc_isv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 526336 c:\windows\winsxs\x86_microsoft-windows-s..native-whitebox-isv_31bf3856ad364e35_6.0.6002.18005_none_eb3d570aeccb8177\RMActivate_isv.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 558080 c:\windows\winsxs\x86_microsoft-windows-s..mmaintenanceservice_31bf3856ad364e35_6.0.6002.18005_none_3f396b56dd591e23\sysmain.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 735232 c:\windows\winsxs\x86_microsoft-windows-s..mes-spidersolitaire_31bf3856ad364e35_6.0.6002.18005_none_84a3ad727270f018\SpiderSolitaire.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 721408 c:\windows\winsxs\x86_microsoft-windows-s..l-inboxgames-hearts_31bf3856ad364e35_6.0.6002.18005_none_f5f5773b60fa9900\Hearts.exe
+ 2010-01-04 10:40 . 2009-04-11 02:52 684032 c:\windows\winsxs\x86_microsoft-windows-s..ive-blackbox-driver_31bf3856ad364e35_6.0.6002.18005_none_0b5dfb3fa4f88147\spsys.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 724480 c:\windows\winsxs\x86_microsoft-windows-s..inboxgames-freecell_31bf3856ad364e35_6.0.6002.18005_none_5a5d3ea699fc973f\FreeCell.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 228352 c:\windows\winsxs\x86_microsoft-windows-s..icensing-slc-client_31bf3856ad364e35_6.0.6002.18005_none_c70ad3fba30f2730\SLC.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 346624 c:\windows\winsxs\x86_microsoft-windows-s..ative-serverbox-isv_31bf3856ad364e35_6.0.6002.18005_none_f7024894fb90ab91\RMActivate_ssp_isv.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.18005_none_b5e6182342361aab\rpcrt4.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 466944 c:\windows\winsxs\x86_microsoft-windows-riched32_31bf3856ad364e35_6.0.6002.18005_none_9eec2ce27fbd701c\riched20.dll
+ 2010-01-04 10:40 . 2009-04-11 04:14 225280 c:\windows\winsxs\x86_microsoft-windows-rdbss_31bf3856ad364e35_6.0.6002.18005_none_5bc050d85e8b3ae0\rdbss.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 736256 c:\windows\winsxs\x86_microsoft-windows-r..t-managementconsole_31bf3856ad364e35_6.0.6002.18005_none_f4442f949850c43c\ntmsmgr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 880640 c:\windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6002.18005_none_8a585db5935f36ca\RacEngn.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 332288 c:\windows\winsxs\x86_microsoft-windows-r..ement-client-v1-api_31bf3856ad364e35_6.0.6002.18005_none_e9e915e490665d32\msdrm.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 754688 c:\windows\winsxs\x86_microsoft-windows-propsys_31bf3856ad364e35_7.0.6002.18005_none_f5b95c0eb6772c81\propsys.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 373760 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18005_none_dc87d5dda8042659\iisw3adm.dll
+ 2010-01-06 03:32 . 2009-09-25 01:48 351232 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_7.0.6002.18107_none_9f011af59951f340\XpsPrint.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 378368 c:\windows\winsxs\x86_microsoft-windows-pnpdevicemanager_31bf3856ad364e35_6.0.6002.18005_none_15c2137e1ca283f9\devmgr.dll
+ 2010-01-06 03:32 . 2009-09-25 02:04 321024 c:\windows\winsxs\x86_microsoft-windows-photometadatahandler_31bf3856ad364e35_7.0.6002.18107_none_bdcd592c6d8ad7f7\PhotoMetadataHandler.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 425472 c:\windows\winsxs\x86_microsoft-windows-photometadatahandler_31bf3856ad364e35_6.0.6002.18005_none_cc5ada6ce2a5ff53\PhotoMetadataHandler.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 852480 c:\windows\winsxs\x86_microsoft-windows-photolibraryshell_31bf3856ad364e35_6.0.6002.18005_none_952f3214ee181145\PhotoLibraryMain.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 293376 c:\windows\winsxs\x86_microsoft-windows-photo-printing-wizard_31bf3856ad364e35_6.0.6002.18005_none_56d44957da339830\photowiz.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 369664 c:\windows\winsxs\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_7.0.6002.18107_none_9297a600cdc57a69\WMPhoto.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 321536 c:\windows\winsxs\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6002.18005_none_a125274142e0a1c5\WMPhoto.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 327168 c:\windows\winsxs\x86_microsoft-windows-peertopeergraphing_31bf3856ad364e35_6.0.6002.18005_none_64ae53e0e6e05555\P2PGraph.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 644608 c:\windows\winsxs\x86_microsoft-windows-peertopeerbase_31bf3856ad364e35_6.0.6002.18005_none_6dc3b4192328b522\p2psvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 403968 c:\windows\winsxs\x86_microsoft-windows-p..topeeradhocmeetings_31bf3856ad364e35_6.0.6002.18005_none_ac334ecffd43e504\WinCollab.exe
+ 2010-01-06 03:32 . 2009-09-24 22:55 258048 c:\windows\winsxs\x86_microsoft-windows-p..ting-spooler-client_31bf3856ad364e35_6.0.6002.22197_none_9543bd3e2f3469c3\winspool.drv
+ 2010-01-06 03:32 . 2009-09-24 22:54 258048 c:\windows\winsxs\x86_microsoft-windows-p..ting-spooler-client_31bf3856ad364e35_6.0.6002.18088_none_94c5f0a9160dc75f\winspool.drv
+ 2010-01-04 10:40 . 2009-04-11 06:28 160768 c:\windows\winsxs\x86_microsoft-windows-p..pooler-core-spoolss_31bf3856ad364e35_6.0.6002.18005_none_5d250beb8b820ea2\spoolss.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 443392 c:\windows\winsxs\x86_microsoft-windows-p..ooler-networkclient_31bf3856ad364e35_6.0.6002.18005_none_3b5eb3c56e0bcf3e\win32spl.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 621568 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.18005_none_3206d7078fcfe427\localspl.dll
+ 2010-01-06 03:32 . 2009-09-24 22:55 667648 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.22164_none_2de0cf8ef1d7d6cc\printfilterpipelinesvc.exe
+ 2010-01-06 03:32 . 2009-09-24 22:54 667648 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18060_none_2d53319bd8bdd1a6\printfilterpipelinesvc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 666624 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18005_none_2d991295d888a8b3\printfilterpipelinesvc.exe
+ 2010-01-06 03:30 . 2009-10-08 21:08 234496 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.0.6002.18156_none_6c3b296e1fad2902\oleacc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 563712 c:\windows\winsxs\x86_microsoft-windows-ole-automation_31bf3856ad364e35_6.0.6002.18005_none_beeba399f89bfe74\oleaut32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 469504 c:\windows\winsxs\x86_microsoft-windows-newdev_31bf3856ad364e35_6.0.6002.18005_none_1361c4604dcae2ff\newdev.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 438784 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6002.18005_none_cf0fe8f527aca355\IKEEXT.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 334848 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6002.18005_none_cf0fe8f527aca355\BFE.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:32 223208 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6002.18005_none_5886e5e1b26f52ab\netio.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 805376 c:\windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6002.18005_none_9fc64d4627dda079\NaturalLanguage6.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 396288 c:\windows\winsxs\x86_microsoft-windows-n..rity-domain-clients_31bf3856ad364e35_6.0.6002.18005_none_1cc5f4e4ef578833\ipsmsnap.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 463872 c:\windows\winsxs\x86_microsoft-windows-n..n_service_migplugin_31bf3856ad364e35_6.0.6002.18005_none_603a0855476eea04\IasMigReader.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 454144 c:\windows\winsxs\x86_microsoft-windows-n..n_service_migplugin_31bf3856ad364e35_6.0.6002.18005_none_603a0855476eea04\IasMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 324608 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6002.18005_none_d31a09b83321829f\sdohlp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 119296 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6002.18005_none_d31a09b83321829f\iasrecst.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 302592 c:\windows\winsxs\x86_microsoft-windows-n..essprotection-agent_31bf3856ad364e35_6.0.6002.18005_none_0883ae29eaa2c24f\QAGENTRT.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 679936 c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 406528 c:\windows\winsxs\x86_microsoft-windows-msvcp60_31bf3856ad364e35_6.0.6002.18005_none_448d0d9cae814deb\msvcp60.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 931840 c:\windows\winsxs\x86_microsoft-windows-msmq-queuemanager-core_31bf3856ad364e35_6.0.6002.18005_none_81a35cb05cbb7077\mqqm.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 603136 c:\windows\winsxs\x86_microsoft-windows-msmq-admin_31bf3856ad364e35_6.0.6002.18005_none_b9397aaa3a8e3002\mqsnap.dll
+ 2010-01-04 10:39 . 2009-04-11 04:12 617984 c:\windows\winsxs\x86_microsoft-windows-msauditevtlog_31bf3856ad364e35_6.0.6002.18005_none_c92df35a758f4008\adtschema.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 539136 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-migration_31bf3856ad364e35_6.0.6002.18005_none_e00b3823f9132c02\MediaPlayer-DLMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 978432 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_6.0.6002.18005_none_7019944ec1eeb995\drmv2clt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 710144 c:\windows\winsxs\x86_microsoft-windows-magnify_31bf3856ad364e35_6.0.6002.18005_none_7019507895d1ab0f\Magnify.exe
+ 2010-01-04 10:40 . 2009-04-11 06:32 438744 c:\windows\winsxs\x86_microsoft-windows-m..update-genuineintel_31bf3856ad364e35_6.0.6002.18005_none_beab856daf6f1990\mcupdate_GenuineIntel.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 290816 c:\windows\winsxs\x86_microsoft-windows-m..ss-components-jetes_31bf3856ad364e35_6.0.6002.18005_none_389d8fc5ca0a2dbf\msjtes40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 663552 c:\windows\winsxs\x86_microsoft-windows-m..server-provider-dll_31bf3856ad364e35_6.0.6002.18005_none_66e4aed5831b0254\sqloledb.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 524288 c:\windows\winsxs\x86_microsoft-windows-m..qlserver-driver-dll_31bf3856ad364e35_6.0.6002.18005_none_670fff83fbb3b2fd\sqlsrv32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 454656 c:\windows\winsxs\x86_microsoft-windows-m..ponents-jetxbasepdx_31bf3856ad364e35_6.0.6002.18005_none_93fcc57f1de720d2\msxbde40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 368640 c:\windows\winsxs\x86_microsoft-windows-m..ponents-jetxbasepdx_31bf3856ad364e35_6.0.6002.18005_none_93fcc57f1de720d2\mspbde40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 241664 c:\windows\winsxs\x86_microsoft-windows-m..onents-jetexchlotus_31bf3856ad364e35_6.0.6002.18005_none_c5272e4c4a94dfdc\msltus40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 409600 c:\windows\winsxs\x86_microsoft-windows-m..onents-jetexchlotus_31bf3856ad364e35_6.0.6002.18005_none_c5272e4c4a94dfdc\msexch40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 618496 c:\windows\winsxs\x86_microsoft-windows-m..mponents-jetintlerr_31bf3856ad364e35_6.0.6002.18005_none_115c4d1dbd8c05af\mswstr10.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 856064 c:\windows\winsxs\x86_microsoft-windows-m..mponents-jetintlerr_31bf3856ad364e35_6.0.6002.18005_none_115c4d1dbd8c05af\mswdat10.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 950272 c:\windows\winsxs\x86_microsoft-windows-m..lepc-mobilitycenter_31bf3856ad364e35_6.0.6002.18005_none_5c856de60864e540\mblctr.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 339968 c:\windows\winsxs\x86_microsoft-windows-m..components-jetexcel_31bf3856ad364e35_6.0.6002.18005_none_1ffa239a3f5ee094\msexcl40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 409600 c:\windows\winsxs\x86_microsoft-windows-m..c-drivermanager-dll_31bf3856ad364e35_6.0.6002.18005_none_121e2b45e71aef1a\odbc32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 539136 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\MediaPlayer-DLMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 454144 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\IasMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 282624 c:\windows\winsxs\x86_microsoft-windows-m..-components-jettext_31bf3856ad364e35_6.0.6002.18005_none_089319a1a388344c\mstext40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 643072 c:\windows\winsxs\x86_microsoft-windows-m..-components-jetrepl_31bf3856ad364e35_6.0.6002.18005_none_055b5efda590fdde\msrepl40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 344064 c:\windows\winsxs\x86_microsoft-windows-m..-components-jet2x3x_31bf3856ad364e35_6.0.6002.18005_none_e98aa69fb791ca32\msrd3x40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 319488 c:\windows\winsxs\x86_microsoft-windows-m..-components-jet2x3x_31bf3856ad364e35_6.0.6002.18005_none_e98aa69fb791ca32\msrd2x40.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 634880 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_7.0.6002.18107_none_9f26906a6b93696c\dxgkrnl.sys
+ 2010-01-04 10:40 . 2009-04-11 04:23 626176 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6002.18005_none_adb411aae0ae90c8\dxgkrnl.sys
+ 2010-01-04 10:39 . 2009-04-11 06:28 287744 c:\windows\winsxs\x86_microsoft-windows-ldap-client_31bf3856ad364e35_6.0.6002.18005_none_f527c0a3538d7f27\Wldap32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 891392 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 545792 c:\windows\winsxs\x86_microsoft-windows-ime-korean-tipprofile_31bf3856ad364e35_6.0.6002.18005_none_93b8c56ddb4ef71b\imkrtip.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 126976 c:\windows\winsxs\x86_microsoft-windows-ime-korean-skfpad_31bf3856ad364e35_6.0.6002.18005_none_4e74df4559bbd0f2\imkrskf.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 285184 c:\windows\winsxs\x86_microsoft-windows-ime-korean-cacpad_31bf3856ad364e35_6.0.6002.18005_none_726d1e487f8f2305\imkrcac.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 378368 c:\windows\winsxs\x86_microsoft-windows-imapiv2-base_31bf3856ad364e35_6.0.6002.18005_none_c4f5e8f20fc383b8\imapi2.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 331264 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18005_none_12d4ebd0b1f42298\nativerd.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 270336 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6002.18005_none_498f236589a5fb8f\iertutil.dll
+ 2010-01-04 10:39 . 2009-04-11 06:27 636080 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 477184 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6002.18005_none_4a14627340869040\mshtmled.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 461824 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6002.18005_none_61d2035837982fea\msfeeds.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6002.18005_none_fd7d8f6368e05785\ieapfltr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 398848 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6002.18005_none_763be585549efdf9\iedkcs32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 418304 c:\windows\winsxs\x86_microsoft-windows-i..tional-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_5b6f7698fe19d857\imtcui.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:27 361472 c:\windows\winsxs\x86_microsoft-windows-i..tional-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_5b6f7698fe19d857\IMTCPROP.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 543744 c:\windows\winsxs\x86_microsoft-windows-i..tional-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_5b6f7698fe19d857\IMTCCORE.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 170496 c:\windows\winsxs\x86_microsoft-windows-i..tional-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_5b6f7698fe19d857\IMTCCFG.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 199168 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.18005_none_13ce8bde797c36f2\iphlpsvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 368640 c:\windows\winsxs\x86_microsoft-windows-i..lified-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_19fcd6ed45154956\imscui.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 653824 c:\windows\winsxs\x86_microsoft-windows-i..lified-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_19fcd6ed45154956\ImSCCore.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 124416 c:\windows\winsxs\x86_microsoft-windows-i..lified-chinese-core_31bf3856ad364e35_6.0.6002.18005_none_19fcd6ed45154956\ImSCCfg.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 293376 c:\windows\winsxs\x86_microsoft-windows-i..hinese-imepadapplet_31bf3856ad364e35_6.0.6002.18005_none_fd148db3f8a0d120\IMTCCAC.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 131584 c:\windows\winsxs\x86_microsoft-windows-i..ed-chinese-csapplet_31bf3856ad364e35_6.0.6002.18005_none_436ce1d9dde0c3d5\PINTLCSA.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 608768 c:\windows\winsxs\x86_microsoft-windows-i..chinese-tip_profile_31bf3856ad364e35_6.0.6002.18005_none_d625df0975cb809f\IMTCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 677376 c:\windows\winsxs\x86_microsoft-windows-i..2-filesystemsupport_31bf3856ad364e35_6.0.6002.18005_none_83a4ebe36223c8bf\imapi2fs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 323584 c:\windows\winsxs\x86_microsoft-windows-i..-chinese-tipprofile_31bf3856ad364e35_6.0.6002.18005_none_8badd9770ab52201\IMSCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 576512 c:\windows\winsxs\x86_microsoft-windows-grouppolicy-base_31bf3856ad364e35_6.0.6002.18005_none_2a0edaeae4247151\gpsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 297472 c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6002.18005_none_5b6a2308467356b7\gdi32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 950784 c:\windows\winsxs\x86_microsoft-windows-g..policy-admin-gpedit_31bf3856ad364e35_6.0.6002.18005_none_d01da5a1620933d1\gpedit.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 163840 c:\windows\winsxs\x86_microsoft-windows-eventlog-commandline_31bf3856ad364e35_6.0.6002.18005_none_c2bfaeab79f1d2d4\wevtutil.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 250368 c:\windows\winsxs\x86_microsoft-windows-eventlog-api_31bf3856ad364e35_6.0.6002.18005_none_ae1c7b28626bfdb3\wevtapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 205824 c:\windows\winsxs\x86_microsoft-windows-eudcedit_31bf3856ad364e35_6.0.6002.18005_none_5b83fdb1bc9ff285\eudcedit.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 114176 c:\windows\winsxs\x86_microsoft-windows-es-shellextension_31bf3856ad364e35_6.0.6002.18005_none_fae9cb63f2d528b4\EhStorShell.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 117248 c:\windows\winsxs\x86_microsoft-windows-es-authentication_31bf3856ad364e35_6.0.6002.18005_none_43a835ad13baa605\EhStorAuthn.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 485888 c:\windows\winsxs\x86_microsoft-windows-enhancedvideorenderer_31bf3856ad364e35_6.0.6002.18005_none_918df6b7c9a84a60\evr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 120320 c:\windows\winsxs\x86_microsoft-windows-enhancedstorage-api_31bf3856ad364e35_6.0.6002.18005_none_d71a47f60ce8447a\EhStorAPI.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 564224 c:\windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6002.18005_none_a077655af3dc2c88\emdmgmt.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 183808 c:\windows\winsxs\x86_microsoft-windows-e..-protocol-host-peer_31bf3856ad364e35_6.0.6002.18005_none_65ff0438c08bf3b7\eapphost.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 829440 c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_7.0.6002.18107_none_ddc19bafdeb30271\d3d10warp.dll
+ 2010-01-06 03:32 . 2009-09-25 01:30 481792 c:\windows\winsxs\x86_microsoft-windows-directx-dxgi_31bf3856ad364e35_7.0.6002.18107_none_2ddc701ea6935db8\dxgi.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 519680 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d11_31bf3856ad364e35_7.0.6002.18107_none_e31646a255b2bb52\d3d11.dll
+ 2010-01-06 03:32 . 2009-09-25 01:30 190464 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10_31bf3856ad364e35_7.0.6002.18107_none_e3165d6a55b2a1b1\d3d10core.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 218112 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.18107_none_438775313198baea\d3d10_1core.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 161280 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.18107_none_438775313198baea\d3d10_1.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 486912 c:\windows\winsxs\x86_microsoft-windows-directx-d3d10level9_31bf3856ad364e35_7.0.6002.18107_none_d6bc647e27993a91\d3d10level9.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 793088 c:\windows\winsxs\x86_microsoft-windows-directwrite-fontcache_31bf3856ad364e35_7.0.6002.18107_none_f80806179955d90c\FntCache.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 483328 c:\windows\winsxs\x86_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.0.6002.18005_none_b3d9d2699e1659b0\samsrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 478208 c:\windows\winsxs\x86_microsoft-windows-devicepairingdll_31bf3856ad364e35_6.1.6002.18005_none_381d869e9efd77a1\DevicePairing.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 828928 c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_7.0.6002.18107_none_9afade8fe3f79d22\d2d1.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 195584 c:\windows\winsxs\x86_microsoft-windows-d..x-directxdiagnostic_31bf3856ad364e35_7.0.6002.18107_none_17218ffde5ca9cc0\dxdiagn.dll
+ 2010-01-06 03:32 . 2009-09-25 01:32 252928 c:\windows\winsxs\x86_microsoft-windows-d..x-directxdiagnostic_31bf3856ad364e35_7.0.6002.18107_none_17218ffde5ca9cc0\dxdiag.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 729600 c:\windows\winsxs\x86_microsoft-windows-d..s-ime-japanese-core_31bf3856ad364e35_6.0.6002.18005_none_7156d67f8ac9ab5b\IMJP10K.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 203264 c:\windows\winsxs\x86_microsoft-windows-d..pwindowmanager-udwm_31bf3856ad364e35_6.0.6002.18005_none_8a7e96cabd99b875\uDWM.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 327680 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.0.6002.18005_none_93df2440cd459aa5\IMJPAPI.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 364032 c:\windows\winsxs\x86_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.0.6002.18005_none_7be20a3685f7fe82\IMETIP.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 278016 c:\windows\winsxs\x86_microsoft-windows-d..japanese-propertyui_31bf3856ad364e35_6.0.6002.18005_none_94ac99e3674d854f\imjputyc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 343552 c:\windows\winsxs\x86_microsoft-windows-d..e-handwritingapplet_31bf3856ad364e35_6.0.6002.18005_none_10945746ed5b64ff\IMJPCAC.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 826880 c:\windows\winsxs\x86_microsoft-windows-d..e-coretipjpnprofile_31bf3856ad364e35_6.0.6002.18005_none_e3c57db0fb1e8e2b\IMJPTIP.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 578560 c:\windows\winsxs\x86_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.0.6002.18005_none_cf352948ca2d1809\MSCAND20.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:27 310784 c:\windows\winsxs\x86_microsoft-windows-d..-japanese-utilities_31bf3856ad364e35_6.0.6002.18005_none_ef1cb7f16f3c7508\IMJPDCT.EXE
+ 2010-01-04 10:40 . 2009-04-11 06:28 978944 c:\windows\winsxs\x86_microsoft-windows-crypt32-dll_31bf3856ad364e35_6.0.6002.18005_none_5d5b3ae7daf59226\crypt32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:27 194048 c:\windows\winsxs\x86_microsoft-windows-coreusermodepnp_31bf3856ad364e35_6.0.6002.18005_none_78ed24422a0dc451\drvinst.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 136192 c:\windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6002.18005_none_15e75f093a4b2c5d\nlhtml.dll
+ 2010-01-06 03:32 . 2009-09-25 01:38 847360 c:\windows\winsxs\x86_microsoft-windows-component-opcom_31bf3856ad364e35_7.0.6002.18107_none_9694f99f3a97a698\OpcServices.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 450560 c:\windows\winsxs\x86_microsoft-windows-comdlg32_31bf3856ad364e35_6.0.6002.18005_none_b79c8aada2c95ef1\comdlg32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 560640 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6002.18005_none_4ede66c2b66f93f3\msdtcprx.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 550400 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
+ 2010-01-04 10:40 . 2009-04-11 06:33 614376 c:\windows\winsxs\x86_microsoft-windows-codeintegrity_31bf3856ad364e35_6.0.6002.18005_none_a2636a4a01e1af92\ci.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 323584 c:\windows\winsxs\x86_microsoft-windows-c..tionauthorityclient_31bf3856ad364e35_6.0.6002.18005_none_d9692e8839c95372\certcli.dll
+ 2010-01-06 03:32 . 2009-09-25 01:35 135680 c:\windows\winsxs\x86_microsoft-windows-c..nt-xpsrasterservice_31bf3856ad364e35_7.0.6002.18107_none_0dfb54ccb407a2d9\XpsRasterService.dll
+ 2010-01-06 03:32 . 2009-09-25 01:36 280064 c:\windows\winsxs\x86_microsoft-windows-c..ent-xpsgdiconverter_31bf3856ad364e35_7.0.6002.18107_none_064a6d5573576b79\XpsGdiConverter.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 268800 c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 758784 c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
+ 2010-01-04 10:39 . 2009-04-11 06:33 926184 c:\windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94\winresume.exe
+ 2010-01-04 10:40 . 2009-04-11 06:33 986600 c:\windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94\winload.exe
+ 2010-01-04 10:39 . 2009-04-11 06:32 405992 c:\windows\winsxs\x86_microsoft-windows-b..re-memorydiagnostic_31bf3856ad364e35_6.0.6002.18005_none_da20c77601bf260a\memtest.exe
+ 2010-01-04 10:39 . 2009-04-11 06:33 926184 c:\windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6002.18005_none_6b24103689ec6965\winresume.exe
+ 2010-01-04 10:40 . 2009-04-11 06:33 986600 c:\windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6002.18005_none_6b24103689ec6965\winload.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 315392 c:\windows\winsxs\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.0.6002.18005_none_788b3d32e1c18b26\audiosrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 800768 c:\windows\winsxs\x86_microsoft-windows-advapi32_31bf3856ad364e35_6.0.6002.18005_none_e533cab683a383fc\advapi32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 199168 c:\windows\winsxs\x86_microsoft-windows-a..terface-ldapc-layer_31bf3856ad364e35_6.0.6002.18005_none_611ded45639f24c8\adsldpc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 542720 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6002.18005_none_0e11b25def6a9c75\AcLayers.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 459264 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6002.18005_none_0e10b213ef6b831e\AcSpecfc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:32 180712 c:\windows\winsxs\x86_iscsi.inf_31bf3856ad364e35_6.0.6002.18005_none_3eaf3ebff0c87d7a\msiscsi.sys
+ 2010-01-04 10:40 . 2009-02-18 18:38 879448 c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6002.18005_none_cb66ec8b18dd702e\infocard.exe
+ 2010-01-04 10:40 . 2009-04-11 04:42 561152 c:\windows\winsxs\x86_hdaudbus.inf_31bf3856ad364e35_6.0.6002.18005_none_790d0bed83a8ec35\hdaudbus.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 301568 c:\windows\winsxs\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.6002.18005_none_15e4ec5734c7f588\srchadmin.dll
+ 2010-01-09 21:45 . 2009-06-17 10:59 196608 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22153_none_7481c9e2d1fafbb2\fsquirt.exe
+ 2010-01-09 21:45 . 2009-06-17 10:59 507904 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.22153_none_7481c9e2d1fafbb2\bthport.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 196608 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.18052_none_73f72ccdb8de4291\fsquirt.exe
+ 2010-01-09 21:45 . 2009-06-17 13:23 507904 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.18052_none_73f72ccdb8de4291\bthport.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 196608 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.18005_none_74303d47b8b302e1\fsquirt.exe
+ 2010-01-04 10:40 . 2009-04-11 04:43 507904 c:\windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6002.18005_none_74303d47b8b302e1\bthport.sys
+ 2010-01-04 10:39 . 2009-02-18 18:38 150360 c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6002.18005_none_08b92fa9b7d2e1a2\WsatConfig.exe
+ 2010-01-04 10:39 . 2009-02-18 18:39 385024 c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6002.18005_none_b8ccd8327f35c5df\UIAutomationClientsideProviders.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 167936 c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6002.18005_none_23108d9a8560f8b8\UIAutomationClient.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 540672 c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6002.18005_none_da0a9f69bc7eab2e\System.Workflow.Runtime.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 970752 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 970752 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 430080 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6002.18005_none_1d35f4104460221f\System.IdentityModel.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 626688 c:\windows\winsxs\msil_system.drawing_b03f5f7f11d50a3a_6.0.6002.18005_none_8f6eb5fdf12629bc\System.Drawing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 970752 c:\windows\winsxs\msil_system.deployment_b03f5f7f11d50a3a_6.0.6002.18005_none_5fd691f73142d41f\System.Deployment.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 745472 c:\windows\winsxs\msil_system.data.sqlxml_b77a5c561934e089_6.0.6002.18005_none_3153bfada5516881\System.Data.SqlXml.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 425984 c:\windows\winsxs\msil_system.configuration_b03f5f7f11d50a3a_6.0.6002.18005_none_2afff036370d4fd2\System.configuration.dll
+ 2010-01-04 10:39 . 2009-02-18 18:38 129880 c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6002.18005_none_12354c1054c35525\SMSvcHost.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 154472 c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6002.18005_none_4aa84200fc580287\ServiceModelReg.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 532480 c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6002.18005_none_439ad0affea2839f\ReachFramework.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 864256 c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6002.18005_none_ad960e0439a9be86\PresentationUI.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 163840 c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6002.18005_none_9c96b85b8e663ccc\PresentationFramework.Royale.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 397312 c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6002.18005_none_1a0e64ec6d65920e\PresentationFramework.Luna.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 598016 c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6002.18005_none_9e0bf58c35ba287c\PresentationBuildTasks.dll
+ 2010-01-04 10:39 . 2009-04-11 06:31 417792 c:\windows\winsxs\msil_mmcex_31bf3856ad364e35_6.0.6002.18005_none_fdd3b6785be3af44\MMCEx.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 659456 c:\windows\winsxs\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6002.18005_none_ad69093e0186cb39\Microsoft.VisualBasic.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 397312 c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6002.18005_none_c7bec71ffdedf435\Microsoft.Transactions.Bridge.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 389120 c:\windows\winsxs\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6002.18005_none_387c914c0ed279d3\Microsoft.Build.Engine.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 166752 c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6002.18005_none_eb63fcdad4ebfd16\ComSvcConfig.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 299368 c:\windows\System32\XPSViewer\XPSViewer.exe
+ 2010-01-06 03:32 . 2009-09-25 01:35 135680 c:\windows\System32\XpsRasterService.dll
+ 2010-01-06 03:32 . 2009-09-25 01:48 351232 c:\windows\System32\XpsPrint.dll
+ 2010-01-06 03:32 . 2009-09-25 01:36 280064 c:\windows\System32\XpsGdiConverter.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 747008 c:\windows\System32\WsmSvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 291328 c:\windows\System32\WscEapPr.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 369664 c:\windows\System32\WMPhoto.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 287744 c:\windows\System32\Wldap32.dll
+ 2010-01-06 03:32 . 2009-09-24 22:54 258048 c:\windows\System32\winspool.drv
- 2008-01-21 02:33 . 2008-01-21 02:33 258048 c:\windows\System32\winspool.drv
+ 2010-01-04 10:39 . 2009-04-11 06:33 926184 c:\windows\System32\winresume.exe
+ 2010-01-04 10:40 . 2009-04-11 06:33 986600 c:\windows\System32\winload.exe

#10 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 03:00 PM

the rest of the log




+ 2010-01-06 03:32 . 2009-09-25 02:07 189440 c:\windows\System32\WindowsCodecsExt.dll
+ 2010-01-06 03:32 . 2009-09-25 02:10 974848 c:\windows\System32\WindowsCodecs.dll
- 2010-01-03 01:00 . 2008-08-12 03:39 443392 c:\windows\System32\win32spl.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 443392 c:\windows\System32\win32spl.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 163840 c:\windows\System32\wevtutil.exe
- 2008-01-21 02:34 . 2008-01-21 02:34 250368 c:\windows\System32\wevtapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 250368 c:\windows\System32\wevtapi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 199680 c:\windows\System32\WebClnt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 968192 c:\windows\System32\wcnwiz2.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 165376 c:\windows\System32\WcnNetsh.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 413696 c:\windows\System32\wcncsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 162304 c:\windows\System32\wbem\WMIsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 247296 c:\windows\System32\wbem\WmiPrvSE.exe
- 2010-01-03 00:42 . 2009-03-03 02:16 247296 c:\windows\System32\wbem\WmiPrvSE.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 499712 c:\windows\System32\wbem\WmiPrvSD.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 347648 c:\windows\System32\wbem\wbemess.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 347648 c:\windows\System32\wbem\wbemess.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 385536 c:\windows\System32\vds.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 502272 c:\windows\System32\usp10.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 627712 c:\windows\System32\user32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 203264 c:\windows\System32\uDWM.dll
+ 2010-01-09 21:54 . 2009-01-16 13:16 398336 c:\windows\System32\TVWizudlg.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 169984 c:\windows\System32\taskeng.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 558080 c:\windows\System32\sysmain.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 311808 c:\windows\System32\swprv.dll
+ 2010-01-04 10:40 . 2009-04-11 01:59 107612 c:\windows\System32\StructuredQuerySchema.bin
+ 2010-01-09 21:34 . 2008-12-20 11:01 173056 c:\windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 155648 c:\windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd32.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 139264 c:\windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36032.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 155648 c:\windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp32.dll
- 2010-01-03 02:31 . 2008-05-27 05:17 301568 c:\windows\System32\srchadmin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 301568 c:\windows\System32\srchadmin.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 524288 c:\windows\System32\sqlsrv32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 164352 c:\windows\System32\spwizui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 112640 c:\windows\System32\spreview.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 160768 c:\windows\System32\spoolss.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 289792 c:\windows\System32\spinstall.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 190464 c:\windows\System32\sperror.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 361984 c:\windows\System32\SLUI.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 582144 c:\windows\System32\SLCommDlg.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 228352 c:\windows\System32\SLC.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 353280 c:\windows\System32\shlwapi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:27 279552 c:\windows\System32\services.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 476672 c:\windows\System32\secproc_isv.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 472064 c:\windows\System32\secproc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 472064 c:\windows\System32\secproc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 185344 c:\windows\System32\SearchProtocolHost.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 441344 c:\windows\System32\SearchIndexer.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 324608 c:\windows\System32\sdohlp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 595456 c:\windows\System32\schedsvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 928768 c:\windows\System32\scavenge.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 483328 c:\windows\System32\samsrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 550400 c:\windows\System32\rpcss.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 346624 c:\windows\System32\RMActivate_ssp_isv.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 346624 c:\windows\System32\RMActivate_ssp_isv.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 347136 c:\windows\System32\RMActivate_ssp.exe
- 2008-01-21 02:33 . 2008-01-21 02:33 347136 c:\windows\System32\RMActivate_ssp.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 526336 c:\windows\System32\RMActivate_isv.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 518144 c:\windows\System32\RMActivate.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 466944 c:\windows\System32\riched20.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 880640 c:\windows\System32\RacEngn.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 758784 c:\windows\System32\qmgr.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 302592 c:\windows\System32\QAGENTRT.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 754688 c:\windows\System32\propsys.dll
+ 2010-01-06 03:32 . 2009-09-24 22:54 667648 c:\windows\System32\printfilterpipelinesvc.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 779136 c:\windows\System32\PresentationNative_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 323952 c:\windows\System32\PresentationHost.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 102816 c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 293376 c:\windows\System32\photowiz.dll
+ 2010-01-06 03:32 . 2009-09-25 02:04 321024 c:\windows\System32\PhotoMetadataHandler.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 644608 c:\windows\System32\p2psvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 327168 c:\windows\System32\P2PGraph.dll
+ 2010-01-06 03:32 . 2009-09-25 01:38 847360 c:\windows\System32\OpcServices.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 563712 c:\windows\System32\oleaut32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 409600 c:\windows\System32\odbc32.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 409600 c:\windows\System32\odbc32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 136192 c:\windows\System32\nlhtml.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 469504 c:\windows\System32\newdev.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 592896 c:\windows\System32\netlogon.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 805376 c:\windows\System32\NaturalLanguage6.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 454656 c:\windows\System32\msxbde40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 618496 c:\windows\System32\mswstr10.dll
- 2006-11-02 06:47 . 2006-11-02 09:46 856064 c:\windows\System32\mswdat10.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 856064 c:\windows\System32\mswdat10.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 679936 c:\windows\System32\msvcrt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 406528 c:\windows\System32\msvcp60.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 282624 c:\windows\System32\mstext40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 282624 c:\windows\System32\mstext40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 670720 c:\windows\System32\mssvp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 203264 c:\windows\System32\mssphtb.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 351744 c:\windows\System32\mssph.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 231424 c:\windows\System32\msshsq.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 643072 c:\windows\System32\msrepl40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 344064 c:\windows\System32\msrd3x40.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 344064 c:\windows\System32\msrd3x40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 319488 c:\windows\System32\msrd2x40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 368640 c:\windows\System32\mspbde40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 241664 c:\windows\System32\msltus40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 290816 c:\windows\System32\msjtes40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 339968 c:\windows\System32\msexcl40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 409600 c:\windows\System32\msexch40.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 560640 c:\windows\System32\msdtcprx.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 332288 c:\windows\System32\msdrm.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 807424 c:\windows\System32\msctf.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 278848 c:\windows\System32\mscoree.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 407552 c:\windows\System32\MPSSVC.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 539136 c:\windows\System32\migwiz\dlmanifests\Microsoft-Windows-MediaPlayer\MediaPlayer-DLMigPlugin.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 539136 c:\windows\System32\migwiz\dlmanifests\Microsoft-Windows-MediaPlayer\MediaPlayer-DLMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 454144 c:\windows\System32\migwiz\dlmanifests\Microsoft-Windows-IasServer-MigPlugin\IasMigPlugin.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 539136 c:\windows\System32\migration\MediaPlayer-DLMigPlugin.dll
- 2008-01-21 02:35 . 2008-01-21 02:35 539136 c:\windows\System32\migration\MediaPlayer-DLMigPlugin.dll
+ 2010-01-04 10:40 . 2009-04-11 06:32 438744 c:\windows\System32\mcupdate_GenuineIntel.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 950272 c:\windows\System32\mblctr.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 710144 c:\windows\System32\Magnify.exe
- 2006-11-02 08:39 . 2006-11-02 09:45 710144 c:\windows\System32\Magnify.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 143872 c:\windows\System32\korwbrkr.dll
- 2010-01-03 02:31 . 2008-05-27 05:17 143872 c:\windows\System32\korwbrkr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 891392 c:\windows\System32\kernel32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 396288 c:\windows\System32\ipsmsnap.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 396288 c:\windows\System32\ipsmsnap.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 199168 c:\windows\System32\iphlpsvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 729600 c:\windows\System32\IMJP10K.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 578560 c:\windows\System32\IME\shared\MSCAND20.DLL
- 2008-01-21 02:34 . 2008-01-21 02:34 578560 c:\windows\System32\IME\shared\MSCAND20.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 364032 c:\windows\System32\IME\shared\IMETIP.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 418304 c:\windows\System32\IME\IMETC10\imtcui.DLL
- 2008-01-21 02:33 . 2008-01-21 02:33 418304 c:\windows\System32\IME\IMETC10\imtcui.DLL
- 2008-01-21 02:34 . 2008-01-21 02:34 608768 c:\windows\System32\IME\IMETC10\IMTCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 608768 c:\windows\System32\IME\IMETC10\IMTCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 361472 c:\windows\System32\IME\IMETC10\IMTCPROP.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 543744 c:\windows\System32\IME\IMETC10\IMTCCORE.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 170496 c:\windows\System32\IME\IMETC10\IMTCCFG.DLL
- 2008-01-21 02:33 . 2008-01-21 02:33 170496 c:\windows\System32\IME\IMETC10\IMTCCFG.DLL
- 2008-01-21 02:34 . 2008-01-21 02:34 293376 c:\windows\System32\IME\IMETC10\applets\IMTCCAC.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 293376 c:\windows\System32\IME\IMETC10\applets\IMTCCAC.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 368640 c:\windows\System32\IME\IMESC5\imscui.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 368640 c:\windows\System32\IME\IMESC5\imscui.DLL
- 2008-01-21 02:33 . 2008-01-21 02:33 323584 c:\windows\System32\IME\IMESC5\IMSCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 323584 c:\windows\System32\IME\IMESC5\IMSCTIP.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 653824 c:\windows\System32\IME\IMESC5\ImSCCore.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 124416 c:\windows\System32\IME\IMESC5\ImSCCfg.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 124416 c:\windows\System32\IME\IMESC5\ImSCCfg.DLL
- 2008-01-21 02:34 . 2008-01-21 02:34 131584 c:\windows\System32\IME\IMESC5\applets\PINTLCSA.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 131584 c:\windows\System32\IME\IMESC5\applets\PINTLCSA.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 545792 c:\windows\System32\IME\imekr8\imkrtip.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 545792 c:\windows\System32\IME\imekr8\imkrtip.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 126976 c:\windows\System32\IME\imekr8\applets\imkrskf.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 126976 c:\windows\System32\IME\imekr8\applets\imkrskf.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 285184 c:\windows\System32\IME\imekr8\applets\imkrcac.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 285184 c:\windows\System32\IME\imekr8\applets\imkrcac.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 278016 c:\windows\System32\IME\IMEJP10\imjputyc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 826880 c:\windows\System32\IME\IMEJP10\IMJPTIP.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:27 310784 c:\windows\System32\IME\IMEJP10\IMJPDCT.EXE
- 2008-01-21 02:34 . 2008-01-21 02:34 327680 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 327680 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 343552 c:\windows\System32\IME\IMEJP10\APPLETS\IMJPCAC.DLL
- 2008-01-21 02:34 . 2008-01-21 02:34 343552 c:\windows\System32\IME\IMEJP10\APPLETS\IMJPCAC.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 677376 c:\windows\System32\imapi2fs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 378368 c:\windows\System32\imapi2.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 438784 c:\windows\System32\IKEEXT.DLL
+ 2010-01-09 21:34 . 2009-01-16 14:51 982196 c:\windows\System32\igkrng500.bin
+ 2010-01-09 20:06 . 2009-01-16 15:11 141848 c:\windows\System32\igfxtray.exe
+ 2010-01-09 20:06 . 2009-01-16 14:16 257536 c:\windows\System32\igfxTMM.dll
+ 2010-01-09 20:06 . 2009-01-16 15:11 252952 c:\windows\System32\igfxsrvc.exe
+ 2010-01-09 21:34 . 2009-01-16 14:15 200192 c:\windows\System32\igfxpph.dll
+ 2010-01-09 20:06 . 2009-01-16 15:10 150552 c:\windows\System32\igfxpers.exe
+ 2010-01-09 21:34 . 2009-01-16 15:10 173080 c:\windows\System32\igfxext.exe
+ 2010-01-09 21:34 . 2009-01-16 14:15 130048 c:\windows\System32\igfxdo.dll
+ 2010-01-09 20:06 . 2009-01-16 14:14 210432 c:\windows\System32\igfxdev.dll
+ 2010-01-09 21:34 . 2009-01-16 15:02 155648 c:\windows\System32\igfxCoIn_v1637.dll
+ 2010-01-09 20:06 . 2008-10-07 13:13 147456 c:\windows\System32\igfxCoIn_v1576.dll
+ 2010-01-09 21:34 . 2009-01-16 15:10 668696 c:\windows\System32\igfxcfg.exe
+ 2010-01-09 20:06 . 2008-10-07 13:03 147172 c:\windows\System32\igfcg550.bin
+ 2010-01-09 21:34 . 2009-01-16 14:52 139824 c:\windows\System32\igfcg500.bin
+ 2010-01-09 21:34 . 2009-01-16 14:48 536576 c:\windows\System32\igdumdx32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:52 417344 c:\windows\System32\igcompkrng500.bin
+ 2010-01-04 10:40 . 2009-02-18 18:38 619864 c:\windows\System32\icardagt.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 119296 c:\windows\System32\iasrecst.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 463872 c:\windows\System32\IasMigReader.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 454144 c:\windows\System32\IasMigPlugin.dll
+ 2010-01-09 20:06 . 2009-01-16 15:10 173592 c:\windows\System32\hkcmd.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 576512 c:\windows\System32\gpsvc.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 950784 c:\windows\System32\gpedit.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 297472 c:\windows\System32\gdi32.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 793088 c:\windows\System32\FntCache.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 485888 c:\windows\System32\evr.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 485888 c:\windows\System32\evr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 205824 c:\windows\System32\eudcedit.exe
- 2006-11-02 08:48 . 2006-11-02 09:45 205824 c:\windows\System32\eudcedit.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 268800 c:\windows\System32\es.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 428544 c:\windows\System32\EncDec.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 428544 c:\windows\System32\EncDec.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 564224 c:\windows\System32\emdmgmt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 114176 c:\windows\System32\EhStorShell.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 117248 c:\windows\System32\EhStorAuthn.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 120320 c:\windows\System32\EhStorAPI.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 183808 c:\windows\System32\eapphost.dll
+ 2010-01-06 03:32 . 2009-09-25 01:30 481792 c:\windows\System32\dxgi.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 195584 c:\windows\System32\dxdiagn.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 252928 c:\windows\System32\dxdiag.exe
+ 2010-01-06 03:32 . 2009-09-25 01:32 252928 c:\windows\System32\dxdiag.exe
+ 2010-01-04 10:39 . 2009-04-11 06:27 194048 c:\windows\System32\drvinst.exe
- 2008-01-21 02:35 . 2008-01-21 02:35 978432 c:\windows\System32\drmv2clt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 978432 c:\windows\System32\drmv2clt.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 839168 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdMtpDr.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 226816 c:\windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdMtp.dll
+ 2010-01-06 03:31 . 2009-10-01 01:01 227840 c:\windows\System32\DriverStore\FileRepository\wpdfs.inf_07b511b6\WpdFs.dll
+ 2010-01-09 21:43 . 2009-04-30 10:01 226816 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 196608 c:\windows\System32\DriverStore\FileRepository\usbport.inf_ff2669e5\usbhub.sys
+ 2010-01-04 10:39 . 2009-04-11 04:43 196096 c:\windows\System32\DriverStore\FileRepository\usbport.inf_2c537348\usbhub.sys
+ 2010-01-09 21:43 . 2009-04-30 10:19 226816 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:20 196608 c:\windows\System32\DriverStore\FileRepository\usbport.inf_1f52634f\usbhub.sys
+ 2010-01-04 10:39 . 2009-04-11 04:43 196096 c:\windows\System32\DriverStore\FileRepository\usb.inf_e9aaaa78\usbhub.sys
+ 2010-01-09 21:43 . 2009-04-30 10:20 196608 c:\windows\System32\DriverStore\FileRepository\usb.inf_60b37809\usbhub.sys
+ 2010-01-04 10:40 . 2009-04-11 04:43 148992 c:\windows\System32\DriverStore\FileRepository\tdibth.inf_16daba33\rfcomm.sys
+ 2010-01-09 21:34 . 2009-11-07 04:50 420864 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stwrt.sys
+ 2010-01-09 21:34 . 2009-11-07 04:50 495708 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\sttray.exe
+ 2010-01-09 21:34 . 2009-11-07 04:50 405504 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stcplx.dll
+ 2010-01-09 21:34 . 2009-11-07 04:50 918016 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stapo.dll
+ 2010-01-09 21:34 . 2009-11-07 04:50 503808 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stapi32.dll
+ 2010-01-09 21:34 . 2009-11-07 04:50 229458 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stacsv.exe
+ 2010-01-09 21:34 . 2009-11-07 04:50 175616 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\st326255.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 173056 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\sluapo32.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 155648 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\sltshd32.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 139264 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\slh36032.dll
+ 2010-01-09 21:34 . 2008-12-20 11:01 155648 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\slcshp32.dll
+ 2010-01-09 21:34 . 2009-11-07 04:50 536576 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\idtmini1.exe
+ 2010-01-09 21:34 . 2009-05-13 08:25 511488 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\ctapo32.dll
+ 2010-01-09 21:34 . 2009-10-10 05:45 380928 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstEcap.dll
+ 2010-01-09 21:34 . 2009-07-21 00:34 139264 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstAcap.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 779264 c:\windows\System32\DriverStore\FileRepository\ntprint.inf_fceaf475\I386\MXDWDRV.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:32 107496 c:\windows\System32\DriverStore\FileRepository\mpio.inf_f6a6d96f\mpio.sys
+ 2010-01-09 21:34 . 2009-01-16 15:02 155648 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igxpco32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:51 982196 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igkrng500.bin
+ 2010-01-09 21:34 . 2009-01-16 15:11 141848 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxtray.exe
+ 2010-01-09 21:34 . 2009-01-16 14:16 257536 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxTMM.dll
+ 2010-01-09 21:34 . 2009-01-16 15:11 252952 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxsrvc.exe
+ 2010-01-09 21:34 . 2009-01-16 14:15 200192 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxpph.dll
+ 2010-01-09 21:34 . 2009-01-16 15:10 150552 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxpers.exe
+ 2010-01-09 21:34 . 2009-01-16 15:10 173080 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxext.exe
+ 2010-01-09 21:34 . 2009-01-16 14:15 130048 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxdo.dll
+ 2010-01-09 21:34 . 2009-01-16 14:14 210432 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxdev.dll
+ 2010-01-09 21:34 . 2009-01-16 15:10 668696 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxcfg.exe
+ 2010-01-09 21:34 . 2009-01-16 14:52 139824 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfcg500.bin
+ 2010-01-09 21:34 . 2009-01-16 14:48 536576 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igdumdx32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:52 417344 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igcompkrng500.bin
+ 2010-01-09 21:34 . 2009-01-16 15:10 173592 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\hkcmd.exe
+ 2010-01-09 20:06 . 2008-10-07 13:13 147456 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igxpco32.dll
+ 2010-01-09 20:06 . 2008-11-11 16:05 150040 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxtray.exe
+ 2010-01-09 20:06 . 2008-10-07 12:41 258048 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxTMM.dll
+ 2010-01-09 20:06 . 2008-11-11 16:05 256536 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxsrvc.exe
+ 2010-01-09 20:06 . 2008-10-07 12:41 217088 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxpph.dll
+ 2010-01-09 20:06 . 2008-11-11 16:05 154136 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxpers.exe
+ 2010-01-09 20:06 . 2008-11-11 16:05 178712 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxext.exe
+ 2010-01-09 20:06 . 2008-10-07 12:40 135168 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxdo.dll
+ 2010-01-09 20:06 . 2008-10-07 12:40 221184 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxdev.dll
+ 2010-01-09 20:06 . 2008-11-11 16:05 670232 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxcfg.exe
+ 2010-01-09 20:06 . 2008-10-07 13:03 147172 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfcg550.bin
+ 2010-01-09 20:06 . 2008-10-07 13:00 548864 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igdumdx32.dll
+ 2010-01-09 20:06 . 2008-10-07 13:03 445796 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igcompkrng500.bin
+ 2010-01-09 20:06 . 2008-11-11 16:05 178712 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\hkcmd.exe
+ 2010-01-09 20:06 . 2008-10-07 12:40 106496 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\hccutils.dll
+ 2010-01-04 10:39 . 2009-04-11 06:32 180712 c:\windows\System32\DriverStore\FileRepository\iscsi.inf_7cf731e4\msiscsi.sys
+ 2010-01-04 10:40 . 2009-04-11 04:42 561152 c:\windows\System32\DriverStore\FileRepository\hdaudbus.inf_9689af2f\hdaudbus.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 196608 c:\windows\System32\DriverStore\FileRepository\bth.inf_b1fd87b1\fsquirt.exe
+ 2010-01-09 21:45 . 2009-06-17 13:23 507904 c:\windows\System32\DriverStore\FileRepository\bth.inf_b1fd87b1\bthport.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 196608 c:\windows\System32\DriverStore\FileRepository\bth.inf_00899617\fsquirt.exe
+ 2010-01-04 10:40 . 2009-04-11 04:43 507904 c:\windows\System32\DriverStore\FileRepository\bth.inf_00899617\bthport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 226816 c:\windows\System32\drivers\usbport.sys
+ 2010-01-09 21:43 . 2009-04-30 10:01 196608 c:\windows\System32\drivers\usbhub.sys
+ 2010-01-04 10:40 . 2009-04-11 02:52 684032 c:\windows\System32\drivers\spsys.sys
+ 2010-01-04 10:40 . 2009-04-11 04:14 225280 c:\windows\System32\drivers\rdbss.sys
+ 2010-01-04 10:39 . 2009-04-11 06:32 223208 c:\windows\System32\drivers\netio.sys
+ 2010-01-04 10:39 . 2009-04-11 06:32 180712 c:\windows\System32\drivers\msiscsi.sys
+ 2010-01-04 10:39 . 2009-04-11 04:14 114688 c:\windows\System32\drivers\mrxdav.sys
+ 2010-01-04 10:40 . 2009-04-11 04:42 561152 c:\windows\System32\drivers\hdaudbus.sys
+ 2010-01-06 03:32 . 2009-09-25 01:27 634880 c:\windows\System32\drivers\dxgkrnl.sys
+ 2010-01-04 10:39 . 2009-04-11 06:28 378368 c:\windows\System32\devmgr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 478208 c:\windows\System32\DevicePairing.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 519680 c:\windows\System32\d3d11.dll
+ 2010-01-06 03:32 . 2009-09-25 01:33 829440 c:\windows\System32\d3d10warp.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 486912 c:\windows\System32\d3d10level9.dll
+ 2010-01-06 03:32 . 2009-09-25 01:30 190464 c:\windows\System32\d3d10core.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 218112 c:\windows\System32\d3d10_1core.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 161280 c:\windows\System32\d3d10_1.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 828928 c:\windows\System32\d2d1.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 978944 c:\windows\System32\crypt32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 450560 c:\windows\System32\comdlg32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:33 614376 c:\windows\System32\ci.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 323584 c:\windows\System32\certcli.dll
+ 2010-01-04 10:39 . 2009-04-11 06:33 926184 c:\windows\System32\Boot\winresume.exe
+ 2010-01-04 10:40 . 2009-04-11 06:33 986600 c:\windows\System32\Boot\winload.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 334848 c:\windows\System32\BFE.DLL
+ 2010-01-09 20:06 . 2008-11-17 12:29 311296 c:\windows\System32\bcmwlu00.exe
+ 2010-01-09 20:06 . 2008-11-17 12:29 153088 c:\windows\System32\bcmwlapi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 315392 c:\windows\System32\audiosrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 800768 c:\windows\System32\advapi32.dll
+ 2010-01-04 10:39 . 2009-04-11 04:12 617984 c:\windows\System32\adtschema.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 199168 c:\windows\System32\adsldpc.dll
+ 2010-01-12 00:42 . 2010-01-12 00:42 245760 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-01-12 18:58 . 2010-01-12 18:58 125008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-01-10 05:11 . 2010-01-10 05:11 202788 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-01-03 02:06 . 2008-06-20 01:14 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 129912 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-01-04 10:39 . 2009-02-18 18:38 150360 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-01-04 10:39 . 2009-02-18 18:38 129880 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 179048 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 154472 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
- 2010-01-03 02:06 . 2008-06-20 01:14 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 879448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 166752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-01-04 10:40 . 2009-03-30 04:42 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2010-01-03 01:25 . 2008-10-13 22:26 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2010-01-06 03:29 . 2009-09-04 06:59 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 115536 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 140096 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 227648 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 110912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 304976 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 989000 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 389120 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 227640 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2010-01-04 10:40 . 2009-03-30 04:42 572248 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 242688 c:\windows\Installer\f1afe5.msi
+ 2010-01-12 00:52 . 2010-01-12 00:52 424960 c:\windows\Installer\f1afdf.msi
+ 2010-01-09 20:09 . 2010-01-09 20:09 369664 c:\windows\Installer\4be18c4.msi
+ 2010-01-09 20:09 . 2010-01-09 20:09 370176 c:\windows\Installer\4be18be.msi
+ 2010-01-09 20:09 . 2010-01-09 20:09 371200 c:\windows\Installer\4be18b8.msi
+ 2010-01-09 20:08 . 2010-01-09 20:08 228352 c:\windows\Installer\4be18b2.msi
+ 2010-01-05 23:43 . 2010-01-05 23:43 169472 c:\windows\Installer\22d29af.msi
+ 2010-01-12 00:54 . 2010-01-12 00:54 300328 c:\windows\Installer\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}\ARPPRODUCTICON.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}\NeroExpress.exe_81A8FD91A6494AD5B4998149EAAC7E7C.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}\ARPPRODUCTICON.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}\ARPPRODUCTICON.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{397516AE-7DFE-4F90-84E0-BD616D559434}\ARPPRODUCTICON.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{0420F95C-11FF-4E02-B967-6CC22B188F9F}\ScDesktopBackItUp._AB9F1F47710540918A47B78D2BED5DAD.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{0420F95C-11FF-4E02-B967-6CC22B188F9F}\ScBackItUp.Exe_6DE631547FD24BC5962A4E5F07A1BE20.exe
+ 2010-01-12 00:55 . 2010-01-12 00:55 587048 c:\windows\Installer\{0420F95C-11FF-4E02-B967-6CC22B188F9F}\ARPPRODUCTICON.exe
+ 2010-01-04 10:39 . 2009-04-11 06:32 405992 c:\windows\Boot\PCAT\memtest.exe
+ 2010-01-04 21:15 . 2010-01-04 21:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\887460ada9d601c2c9a6e0d1dc601465\WsatConfig.ni.exe
+ 2010-01-04 21:16 . 2010-01-04 21:16 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\70bc990f0f7a58c35d79382448630097\WindowsFormsIntegration.ni.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3a698ac61604e1572a84fe4e7d6fd966\UIAutomationTypes.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c65be2ec062c00505e101220d0c2eb7\UIAutomationClient.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\be9b52aafecc9c1b08db718a58eafbfb\TaskScheduler.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c73cc61bf1648a39c7bc355876568763\System.Xml.Linq.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\89ba2b31c9ce5273d2f5a36a53b8b58b\System.Web.Routing.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\7077a03939b7318d55d5210981f27a2d\System.Web.RegularExpressions.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d495c6a4cb8b743c71b9791010917141\System.Web.Extensions.Design.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\f5d75109d1d6816707f8dba8fd33e1c5\System.Web.Entity.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\6270fd4baca2b5bf7937b98653bac4ac\System.Web.Entity.Design.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\174ec89978615d60e3f33cb3bdbce451\System.Web.DynamicData.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\665bd3596598dec5ab8219bdce0f0bd0\System.Web.Abstractions.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5cbea3b1a1d74123219b69306b8c8af2\System.Transactions.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\35f20a6b69d5c7033b4b1873456e5074\System.ServiceProcess.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\aba334ce1f18c6e0e386972872c56b01\System.Security.ni.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e2c7aa4752b968c96989bbfba59f5183\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\9ac51e5cd82beb4ca955b93a71aec4cd\System.Net.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\0ea1e0e08dbc3640a3633c93d16a3ab5\System.Messaging.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a3a76226460de2153a62bdbfed9228b9\System.Management.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\c2e457de2c979da979465169a93cb30b\System.Management.Instrumentation.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a7873337b8c858861d0108197a3d37f5\System.IO.Log.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\6bf4a0b75632068b6a502b5e8a0d3f8d\System.IdentityModel.Selectors.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.Wrapper.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\058b8dc1b71c008e1273d08e32b07ace\System.Drawing.Design.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\feabddf5426e1f1715ac6c013ce784cc\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c57ed7ebb3d17c24907a0782451b7cd6\System.DirectoryServices.Protocols.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2f7becf8b4e0ccbf8ffd212927b70a82\System.Data.Services.Client.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1ec816c4ea2815668ad7705cd4066f45\System.Data.Services.Design.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\bababadbbc162adc9bfb7b9809d36cb4\System.Data.Entity.Design.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ab950a36b4a28e15db331f47ebfc96c7\System.Data.DataSetExtensions.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f50be83adfef6acfd3e02d7a24391d8c\System.Configuration.Install.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3c47f263c85451be6746ccbc666b44a5\System.AddIn.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\138f252c39cdaa2e4997ec18a4c3ccc1\sysglobl.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\731636905a88412a09aa1b34c93ef9e9\SMSvcHost.ni.exe
+ 2010-01-04 21:14 . 2010-01-04 21:14 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\0ff31ba4e5bd7fc222d882b7231e8b85\SMDiagnostics.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\8bfa3a729396b55d7265e2abb15fde0a\ServiceModelReg.ni.exe
+ 2010-01-06 03:34 . 2010-01-06 03:34 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a409c40a6067264d0592415fcfc266d\PresentationFramework.Luna.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\61019556ac408cc39cc478101b0d3cb4\PresentationFramework.Aero.ni.dll
+ 2010-01-06 03:34 . 2010-01-06 03:34 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\54e0042aba64d42f476234184b1b8f77\PresentationFramework.Classic.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4f2d2ab098b61f2d9593eee9f0db4c36\PresentationFramework.Classic.ni.dll
+ 2010-01-06 03:34 . 2010-01-06 03:34 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ae3d45b608b6e0fcb51d3a903563621\PresentationFramework.Royale.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2f6201bea0cfd6c7ee372e349255115d\PresentationFramework.Luna.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f9a62c4ca2bca5ab724d74903fa71aa\PresentationFramework.Royale.ni.dll
+ 2010-01-06 03:34 . 2010-01-06 03:34 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0fa8eb806fadfff925850522a53c3c18\PresentationFramework.Aero.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\7c282584af5527180512f26675b59144\napsnap.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\c1e82286d1578d4019cfda522ef7c6bb\napinit.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 115712 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\2105b5cc9efae3165c5f4662907c8e1c\naphlpr.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\80cb6fed1eebfeaef56f1892d08454b8\MSBuild.ni.exe
+ 2010-01-04 21:14 . 2010-01-04 21:14 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\e1e2dd0aa186b923360746f7797a0922\MMCFxCommon.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\69c2d5e3f487a461d7645c0f5797d6a4\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\4b45c2b645791b44078b675e67a023c2\Microsoft.ManagementConsole.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\68cb8490d54c7151003aa53b87e6589a\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\16a7c71d0e71d53733f8bc291bac430e\Microsoft.Build.Utilities.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8213b21ca9ff6c1e036b2d8976cd98b7\Microsoft.Build.Engine.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d241bc85712234b0cc5c16629b6ae6c1\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\f5613b7fe566cd83e8bb050919b35faf\EventViewer.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\df82585a40edb6fe010b3a3512daf491\CustomMarshalers.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\63990cc28cb95a5230b77d8a83850a0d\ComSvcConfig.ni.exe
+ 2010-01-04 21:15 . 2010-01-04 21:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\71f79621897558b1e06a7c4f26b12b71\AspNetMMCExt.ni.dll
+ 2010-01-04 10:39 . 2009-02-18 18:38 150360 c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
+ 2010-01-04 10:39 . 2009-02-18 18:39 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2010-01-03 02:07 . 2008-06-20 01:14 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2010-01-03 02:07 . 2008-06-20 01:14 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
- 2010-01-03 02:07 . 2008-06-20 01:14 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2010-01-03 02:07 . 2008-06-20 01:14 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-01-04 10:39 . 2009-02-18 18:38 129880 c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2010-01-04 10:40 . 2009-02-18 18:38 154472 c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-01-04 10:39 . 2009-02-18 18:39 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2010-01-04 10:39 . 2009-04-11 06:31 417792 c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 417792 c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-01-04 10:39 . 2009-03-30 04:42 389120 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 166752 c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2010-01-04 10:40 . 2009-02-18 18:39 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-01-03 01:25 . 2008-10-13 22:26 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 167936 c:\windows\assembly\GAC\Microsoft.VisualStudio.Shell.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.shell.interop.8.0.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 176128 c:\windows\assembly\GAC\Microsoft.VisualStudio.Debugger.Interop\8.0.1.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Debugger.Interop.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 135168 c:\windows\assembly\GAC\EnvDTE80\8.0.0.0__b03f5f7f11d50a3a\envdte80.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 110592 c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1630208 c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6002.18005_none_8dcf92850b377416\System.Workflow.ComponentModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1138688 c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6002.18005_none_34516bee752078a5\System.Workflow.Activities.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1245184 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.18005_none_595885f044e7eacb\WindowsBase.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 5283840 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.18005_none_7071d512531832f5\PresentationFramework.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1576960 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\tquery.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1480704 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\mssrch.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 5931008 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6002.18005_none_14d43cbeebc619fa\System.ServiceModel.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5242880 c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6002.18005_none_f703314f16d55e23\System.Web.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2933760 c:\windows\winsxs\x86_system.data_b77a5c561934e089_6.0.6002.18005_none_9471e5afb481f4d5\System.Data.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1737064 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18005_none_ae1c8b4b8d1614c8\wpfgfx_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 4214784 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18005_none_ae1c8b4b8d1614c8\PresentationCore.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1169736 c:\windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.0.6002.18005_none_3fca9527a692e5a2\vbc.exe
+ 2010-01-06 03:29 . 2009-09-04 06:59 5818704 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6002.22219_none_1b6bd7d648db5136\mscorwks.dll
+ 2010-01-06 03:29 . 2009-09-04 06:59 5812544 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6002.18107_none_3238abdc2f34a497\mscorwks.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5812544 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6002.18005_none_3238d9902f347104\mscorwks.dll
+ 2010-01-04 17:34 . 2009-08-14 10:46 5818704 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.22474_none_1b96540e488455ce\mscorwks.dll
+ 2010-01-04 17:34 . 2009-08-14 10:46 5812560 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.18292_none_326629162edaf4e3\mscorwks.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1160000 c:\windows\winsxs\x86_netfx-csharp_compiler_cscomp_b03f5f7f11d50a3a_6.0.6002.18005_none_2948a78dd2343939\cscomp.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1340752 c:\windows\winsxs\x86_netfx-_vsavb7rt_b03f5f7f11d50a3a_6.0.6002.18005_none_7eebb955b924e3a2\VsaVb7rt.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6002.22219_none_b0c508e8db53ecb1\mscorlib.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6002.18107_none_c791dceec1ad4012\mscorlib.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6002.18005_none_c7920aa2c1ad0c7f\mscorlib.dll
+ 2010-01-04 17:34 . 2009-08-14 10:45 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.22474_none_b0ef8520dafcf149\mscorlib.dll
+ 2010-01-04 17:34 . 2009-08-14 10:45 4546560 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.18292_none_c7bf5a28c153905e\mscorlib.dll
+ 2010-01-04 10:40 . 2009-04-11 06:21 1837568 c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.6002.18005_none_8da2227b631d87ae\GdiPlus.dll
+ 2010-01-04 10:40 . 2009-04-11 06:21 1748992 c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
+ 2010-01-04 10:40 . 2009-04-11 06:21 1686016 c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 3783672 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90u.dll
+ 2010-01-09 20:08 . 2010-01-09 20:08 3768312 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 1093120 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80u.dll
+ 2010-01-09 20:07 . 2010-01-09 20:07 1101824 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80.dll
+ 2010-01-12 00:52 . 2010-01-12 00:52 1093120 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
+ 2010-01-12 00:52 . 2010-01-12 00:52 1105920 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1112064 c:\windows\winsxs\x86_microsoft-windows-x..rtificateenrollment_31bf3856ad364e35_6.0.6002.18005_none_f5822ffe8bc8ab63\CertEnroll.dll
+ 2010-01-06 03:31 . 2009-10-01 01:02 2537472 c:\windows\winsxs\x86_microsoft-windows-wpd-shellextension_31bf3856ad364e35_6.0.6002.18112_none_130696d2c3f64ac4\wpdshext.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1382912 c:\windows\winsxs\x86_microsoft-windows-wmvsdecd_31bf3856ad364e35_6.0.6002.18005_none_6864f3a9a1ecf5f1\WMVSDECD.DLL
+ 2010-01-04 10:40 . 2009-04-11 04:24 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
+ 2010-01-04 10:40 . 2009-04-11 06:28 3217408 c:\windows\winsxs\x86_microsoft-windows-w..ystemassessmenttool_31bf3856ad364e35_6.0.6002.18005_none_7d8070e4b47bc446\WinSAT.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1362944 c:\windows\winsxs\x86_microsoft-windows-w..ovider-cimwin32-dll_31bf3856ad364e35_6.0.6002.18005_none_d1966a3d033196d1\cimwin32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1533440 c:\windows\winsxs\x86_microsoft-windows-w..ig-registrar-wizard_31bf3856ad364e35_6.0.6002.18005_none_3f1e3108fc83e9d7\wcnwiz.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1055232 c:\windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1077248 c:\windows\winsxs\x86_microsoft-windows-vssapi_31bf3856ad364e35_6.0.6002.18005_none_d6d2575c7ee3769a\vssapi.dll
+ 2010-01-06 03:32 . 2009-09-10 02:00 1164800 c:\windows\winsxs\x86_microsoft-windows-uiribbon_31bf3856ad364e35_7.0.6002.18108_none_663bd42f9b3acad1\UIRibbonRes.dll
+ 2010-01-06 03:32 . 2009-09-10 02:01 3023360 c:\windows\winsxs\x86_microsoft-windows-uiribbon_31bf3856ad364e35_7.0.6002.18108_none_663bd42f9b3acad1\UIRibbon.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2066432 c:\windows\winsxs\x86_microsoft-windows-t..s-clientactivexcore_31bf3856ad364e35_6.0.6002.18005_none_31d980c8c2ca01c9\mstscax.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1404928 c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18005_none_cc7c00e534312d1f\InkObj.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1068032 c:\windows\winsxs\x86_microsoft-windows-shdocvw_31bf3856ad364e35_6.0.6002.18005_none_e96066910907f91c\shdocvw.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1591296 c:\windows\winsxs\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.0.6002.18005_none_36e0d2bcc35fa5a1\setupapi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1469952 c:\windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6002.18005_none_3417f75aaa6413e3\winsetup.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 3408896 c:\windows\winsxs\x86_microsoft-windows-security-licensing-slc_31bf3856ad364e35_6.0.6002.18005_none_5062f685f6a7c614\SLsvc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 1081856 c:\windows\winsxs\x86_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.0.6002.18005_none_0816f786fb93afde\PurblePlace.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1081344 c:\windows\winsxs\x86_microsoft-windows-s..nsing-slc-clientext_31bf3856ad364e35_6.0.6002.18005_none_92363e2826b7b08d\SLCExt.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2323968 c:\windows\winsxs\x86_microsoft-windows-photoviewer_31bf3856ad364e35_6.0.6002.18005_none_de2a0448ccda047c\PhotoViewer.dll
+ 2010-01-04 10:40 . 2009-04-11 06:32 3549672 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
+ 2010-01-04 10:40 . 2009-04-11 06:32 3601896 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
+ 2010-01-04 10:40 . 2009-03-14 00:44 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18005_none_f4739330689c1e73\OESpamFilter.dat
+ 2010-01-04 10:40 . 2009-04-11 06:32 1083880 c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
+ 2010-01-04 10:40 . 2009-04-11 06:27 1202168 c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18005_none_5ac2574df94f7762\ntdll.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 3174400 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\netshell.dll
+ 2010-01-04 10:40 . 2009-04-11 05:03 2644480 c:\windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6002.18005_none_9fc64d4627dda079\NlsLexicons0009.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1336320 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18005_none_8a59754e93f83a6b\msxml6.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1183232 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18005_none_8a59b9a693f7ed88\msxml3.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 7463936 c:\windows\winsxs\x86_microsoft-windows-migrationengine_31bf3856ad364e35_6.0.6002.18005_none_5a9350bed861c820\migcore.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1160704 c:\windows\winsxs\x86_microsoft-windows-mfc42x_31bf3856ad364e35_6.0.6002.18005_none_f500474d52b08466\mfc42u.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1135104 c:\windows\winsxs\x86_microsoft-windows-mfc42x_31bf3856ad364e35_6.0.6002.18005_none_f500474d52b08466\mfc42.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2386944 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.18005_none_091dfcd9d2f94c8b\WMVCORE.DLL
+ 2010-01-04 10:40 . 2009-04-11 06:28 2868224 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18005_none_9e4aa84809e375cf\mf.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 2167808 c:\windows\winsxs\x86_microsoft-windows-m..console-nodemanager_31bf3856ad364e35_6.0.6002.18005_none_821b36631e2a1d6c\mmcndmgr.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 1792512 c:\windows\winsxs\x86_microsoft-windows-m..-management-console_31bf3856ad364e35_6.0.6002.18005_none_115ec41c72c40a06\mmc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1589248 c:\windows\winsxs\x86_microsoft-windows-m..-components-jetcore_31bf3856ad364e35_6.0.6002.18005_none_067a34a7a4d4c786\msjet40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1257984 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsasrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2241536 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6002.18005_none_0565f737b0a68a4d\msi.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1856512 c:\windows\winsxs\x86_microsoft-windows-imageanalysis_31bf3856ad364e35_6.0.6002.18005_none_4a4790c62744fde7\dbgeng.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 6079488 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6002.18005_none_668de5abab40d495\ieframe.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 3596288 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18005_none_b6ce90e7d3ebb69f\urlmon.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1730560 c:\windows\winsxs\x86_microsoft-windows-help-datalayer_31bf3856ad364e35_6.0.6002.18005_none_c6a620ca1b78b485\apds.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2134528 c:\windows\winsxs\x86_microsoft-windows-f..tiondiscoveryfolder_31bf3856ad364e35_6.1.6002.18005_none_3b1f3c1ec2500723\FunctionDiscoveryFolder.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 2926592 c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1017856 c:\windows\winsxs\x86_microsoft-windows-eventlog_31bf3856ad364e35_6.0.6002.18005_none_deafd5260ffafad0\wevtsvc.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1143296 c:\windows\winsxs\x86_microsoft-windows-errorreportingconsole_31bf3856ad364e35_6.0.6002.18005_none_57f8aa83200752e7\wercon.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1459200 c:\windows\winsxs\x86_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.0.6002.18005_none_f3cfbfed292d8a55\esent.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1788416 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 1030144 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10_31bf3856ad364e35_7.0.6002.18107_none_e3165d6a55b2a1b1\d3d10.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 1064448 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_7.0.6002.18107_none_c5fb66ed8775b3a4\DWrite.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1314816 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6002.18005_none_a85bb0eceb07f6d8\quartz.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 2092544 c:\windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6002.18005_none_b86505b69725e0c7\dfsr.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 2012160 c:\windows\winsxs\x86_microsoft-windows-d..opwindowmanager-api_31bf3856ad364e35_6.0.6002.18005_none_e1fa5d993d1f2640\milcore.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1053696 c:\windows\winsxs\x86_microsoft-windows-com-dtc-runtime-tm_31bf3856ad364e35_6.0.6002.18005_none_9b84072e17e1adce\msdtctm.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1316864 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
+ 2010-01-06 03:32 . 2009-09-25 01:49 1554432 c:\windows\winsxs\x86_microsoft-windows-c..t-xpsomandstreaming_31bf3856ad364e35_7.0.6002.18107_none_a27672456d27e8b6\xpsservices.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1078784 c:\windows\winsxs\x86_microsoft-windows-c..rformance-xperfcore_31bf3856ad364e35_6.0.6002.18005_none_d8fceca06bba3391\diagperf.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1209856 c:\windows\winsxs\x86_microsoft-windows-c..fe-catsrvut-comsvcs_31bf3856ad364e35_6.0.6002.18005_none_74adde399cffc649\comsvcs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1381376 c:\windows\winsxs\x86_microsoft-windows-c..ent-indexing-common_31bf3856ad364e35_6.0.6002.18005_none_089f86d6d4321d42\Query.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1324032 c:\windows\winsxs\x86_microsoft-windows-browseui_31bf3856ad364e35_6.0.6002.18005_none_32ce5abee3779868\browseui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1985024 c:\windows\winsxs\x86_microsoft-windows-authentication-authui_31bf3856ad364e35_6.0.6002.18005_none_0ddef622f289ad43\authui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2160128 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6002.18005_none_0e0fb1c9ef6c69c7\AcGenral.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1555456 c:\windows\winsxs\x86_microsoft-windows-a..e-upgrade-homebasic_31bf3856ad364e35_6.0.6002.18005_none_5ac948af103307aa\WindowsAnytimeUpgradeCPL.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1245184 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.18005_none_990a637f2cc56302\WindowsBase.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 3149824 c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6002.18005_none_da6b514d5c49c6bc\System.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2048000 c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6002.18005_none_817bab7349a47d09\System.XML.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1630208 c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6002.18005_none_ea63e555cd89906e\System.Workflow.ComponentModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1138688 c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6002.18005_none_2a8d0893508c855f\System.Workflow.Activities.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5025792 c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18005_none_30c75e2643dc18b4\System.Windows.Forms.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 5931008 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6002.18005_none_a4c5d52e8af71342\System.ServiceModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 5931008 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6002.18005_none_6c41576213059a49\System.ServiceModel.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5062656 c:\windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.0.6002.18005_none_b525864303710290\System.Design.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 5283840 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.18005_none_78a30f10f11e86c4\PresentationFramework.dll
+ 2010-01-04 10:40 . 2009-04-11 06:31 3375104 c:\windows\winsxs\msil_miguicontrols_31bf3856ad364e35_6.0.6002.18005_none_b034519a39bcde59\MIGUIControls.dll
+ 2010-01-06 03:32 . 2009-09-25 01:49 1554432 c:\windows\System32\xpsservices.dll
- 2008-01-21 02:35 . 2008-01-21 02:35 1382912 c:\windows\System32\WMVSDECD.DLL
+ 2010-01-04 10:39 . 2009-04-11 06:28 1382912 c:\windows\System32\WMVSDECD.DLL
+ 2010-01-09 20:06 . 2008-11-17 12:29 3810304 c:\windows\System32\WLTRAY.EXE
+ 2010-01-04 10:40 . 2009-04-11 06:28 3217408 c:\windows\System32\WinSAT.exe
- 2008-01-21 02:32 . 2008-01-21 02:32 1555456 c:\windows\System32\WindowsAnytimeUpgradeCPL.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1555456 c:\windows\System32\WindowsAnytimeUpgradeCPL.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1017856 c:\windows\System32\wevtsvc.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 1143296 c:\windows\System32\wercon.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 1143296 c:\windows\System32\wercon.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 1533440 c:\windows\System32\wcnwiz.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1362944 c:\windows\System32\wbem\cimwin32.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1055232 c:\windows\System32\VSSVC.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1077248 c:\windows\System32\vssapi.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 4216840 c:\windows\System32\vs08\vcredist_x86.exe
+ 2010-01-09 20:06 . 2008-11-17 12:29 2682880 c:\windows\System32\vcredist_x86.exe
+ 2010-01-06 03:32 . 2009-09-10 02:00 1164800 c:\windows\System32\UIRibbonRes.dll
+ 2010-01-06 03:32 . 2009-09-10 02:01 3023360 c:\windows\System32\UIRibbon.dll
+ 2010-01-09 21:34 . 2009-01-16 15:11 8198680 c:\windows\System32\TVWSetup.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1576960 c:\windows\System32\tquery.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 3408896 c:\windows\System32\SLsvc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 1081344 c:\windows\System32\SLCExt.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1068032 c:\windows\System32\shdocvw.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1591296 c:\windows\System32\setupapi.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 1381376 c:\windows\System32\Query.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1381376 c:\windows\System32\Query.dll
- 2010-01-02 23:37 . 2008-04-26 08:08 1314816 c:\windows\System32\quartz.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1314816 c:\windows\System32\quartz.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1469952 c:\windows\System32\oobe\winsetup.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1316864 c:\windows\System32\ole32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 1202168 c:\windows\System32\ntdll.dll
+ 2010-01-04 10:40 . 2009-04-11 05:03 2644480 c:\windows\System32\NlsLexicons0009.dll
- 2010-01-03 01:37 . 2008-06-26 01:45 2644480 c:\windows\System32\NlsLexicons0009.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 3174400 c:\windows\System32\netshell.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1480704 c:\windows\System32\mssrch.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 1589248 c:\windows\System32\msjet40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1589248 c:\windows\System32\msjet40.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2241536 c:\windows\System32\msi.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1053696 c:\windows\System32\msdtctm.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 2167808 c:\windows\System32\mmcndmgr.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 2167808 c:\windows\System32\mmcndmgr.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 1792512 c:\windows\System32\mmc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:27 1792512 c:\windows\System32\mmc.exe
+ 2010-01-04 10:40 . 2009-04-11 06:28 2012160 c:\windows\System32\milcore.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 7463936 c:\windows\System32\migwiz\migcore.dll
+ 2010-01-12 00:30 . 2008-05-23 19:06 1047552 c:\windows\System32\MFC71u.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 1160704 c:\windows\System32\mfc42u.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 1160704 c:\windows\System32\mfc42u.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 1135104 c:\windows\System32\mfc42.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1135104 c:\windows\System32\mfc42.dll
+ 2010-01-09 20:06 . 2009-01-16 14:14 5702656 c:\windows\System32\igfxress.dll
+ 2010-01-09 21:34 . 2009-01-16 14:53 3821568 c:\windows\System32\igdumd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:41 2576384 c:\windows\System32\igd10umd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:28 4112384 c:\windows\System32\ig4icd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:29 2674688 c:\windows\System32\ig4dev32.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 2134528 c:\windows\System32\FunctionDiscoveryFolder.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1459200 c:\windows\System32\esent.dll
+ 2010-01-06 03:32 . 2009-09-25 01:27 1064448 c:\windows\System32\DWrite.dll
+ 2010-01-09 21:34 . 2009-11-07 04:50 3313664 c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\stlang.dll
+ 2010-01-09 21:39 . 2009-02-04 03:39 6815264 c:\windows\System32\DriverStore\FileRepository\rtusbstor.inf_11fdc645\DriveIcon.dll
+ 2010-01-09 21:34 . 2009-01-16 15:11 8198680 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\TVWSetup.exe
+ 2010-01-09 21:34 . 2009-01-16 14:14 5702656 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igfxress.dll
+ 2010-01-09 21:34 . 2009-01-16 14:53 3821568 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igdumd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:53 4568064 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igdkmd32.sys
+ 2010-01-09 21:34 . 2009-01-16 14:41 2576384 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\igd10umd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:28 4112384 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\ig4icd32.dll
+ 2010-01-09 21:34 . 2009-01-16 14:29 2674688 c:\windows\System32\DriverStore\FileRepository\kit17303.inf_d4596927\ig4dev32.dll
+ 2010-01-09 20:06 . 2008-10-07 13:03 2026604 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igkrng500.bin
+ 2010-01-09 20:06 . 2008-10-07 12:40 5672960 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igfxress.dll
+ 2010-01-09 20:06 . 2008-10-07 13:04 3411968 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igdumd32.dll
+ 2010-01-09 20:06 . 2008-10-07 13:04 2473472 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igdkmd32.sys
+ 2010-01-09 20:06 . 2008-10-07 12:57 2256896 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\igd10umd32.dll
+ 2010-01-09 20:06 . 2008-10-07 12:51 3870720 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\ig4icd32.dll
+ 2010-01-09 20:06 . 2008-10-07 12:51 2359296 c:\windows\System32\DriverStore\FileRepository\kit15860.inf_394a9acc\ig4dev32.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 1331192 c:\windows\System32\DriverStore\FileRepository\bcmwl6.inf_8f8d8063\BCMWL6.SYS
+ 2010-01-09 20:06 . 2008-11-17 12:29 3850240 c:\windows\System32\DriverStore\FileRepository\bcmwl6.inf_8f8d8063\bcmihvui.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 4157440 c:\windows\System32\DriverStore\FileRepository\bcmwl6.inf_8f8d8063\bcmihvsrv.dll
+ 2010-01-04 10:40 . 2009-04-11 06:32 1083880 c:\windows\System32\drivers\ntfs.sys
+ 2010-01-09 21:34 . 2009-01-16 14:53 4568064 c:\windows\System32\drivers\igdkmd32.sys
+ 2010-01-09 20:06 . 2008-11-17 12:29 1331192 c:\windows\System32\drivers\BCMWL6.SYS
+ 2010-01-04 10:40 . 2009-04-11 06:28 1078784 c:\windows\System32\diagperf.dll
+ 2010-01-04 10:40 . 2009-04-11 06:27 2092544 c:\windows\System32\dfsr.exe
+ 2010-01-04 10:39 . 2009-04-11 06:28 1856512 c:\windows\System32\dbgeng.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1788416 c:\windows\System32\d3d9.dll
+ 2010-01-06 03:32 . 2009-09-25 01:31 1030144 c:\windows\System32\d3d10.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1209856 c:\windows\System32\comsvcs.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1112064 c:\windows\System32\CertEnroll.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1324032 c:\windows\System32\browseui.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 1324032 c:\windows\System32\browseui.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 2809856 c:\windows\System32\BCMWLTRY.EXE
+ 2010-01-09 20:06 . 2008-11-17 12:29 4485120 c:\windows\System32\bcmttls.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 1044992 c:\windows\System32\BCMLogon.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 3850240 c:\windows\System32\bcmihvui.dll
+ 2010-01-09 20:06 . 2008-11-17 12:29 4157440 c:\windows\System32\bcmihvsrv.dll
- 2008-01-21 02:34 . 2008-01-21 02:34 1985024 c:\windows\System32\authui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1985024 c:\windows\System32\authui.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 1730560 c:\windows\System32\apds.dll
- 2008-01-21 02:33 . 2008-01-21 02:33 1730560 c:\windows\System32\apds.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1737064 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2010-01-03 01:26 . 2008-11-24 23:34 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1340752 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1169736 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2010-01-03 01:26 . 2008-10-13 22:26 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2010-01-03 01:26 . 2008-10-13 22:26 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2933760 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2010-01-06 03:29 . 2009-09-04 06:59 5812544 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 1160000 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2010-01-12 00:55 . 2010-01-12 00:55 1968640 c:\windows\Installer\f1b009.msi
+ 2010-01-12 00:55 . 2010-01-12 00:55 2647552 c:\windows\Installer\f1b001.msi
+ 2010-01-12 00:55 . 2010-01-12 00:55 1373696 c:\windows\Installer\f1aff9.msi
+ 2010-01-12 00:55 . 2010-01-12 00:55 6188032 c:\windows\Installer\f1aff1.msi
+ 2010-01-09 19:24 . 2010-01-09 19:24 8691712 c:\windows\Installer\496e26e.msi
+ 2010-01-04 10:40 . 2009-04-11 06:27 2926592 c:\windows\explorer.exe
+ 2010-01-06 03:32 . 2010-01-06 03:32 3314176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c681da7e1c7b648cb456f2d90e7c50fe\WindowsBase.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 3314176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\93391bd2f02e492718c69bef3abc5a64\WindowsBase.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\ae08e8478c272fb17b2e547658a8fde5\UIAutomationClientsideProviders.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
+ 2010-01-06 03:31 . 2010-01-06 03:32 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\13cce38e8de5fd54853390e4e98abd0e\System.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b9c695758c43fa8640afaf9beec74f91\System.WorkflowServices.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\517e0469710cc72c0586efba2a9d110f\System.Workflow.Runtime.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\972730fbda456df4c8d87ff150e2c36c\System.Workflow.ComponentModel.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6da6eeecf20f9359a911325fd7a18ce9\System.Workflow.Activities.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\162f9b45ceca6f7f6fa1fa41b3b2084a\System.Web.Services.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4c2a3d84c2c1ab539588d92b18a37f52\System.Web.Mobile.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\afe0124dd670d0b61a1b55c5dbd93333\System.Web.Extensions.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\fcd942c9b402129a7bb63e33d4d6bc7b\System.Speech.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\3006c4862c299479cd4395aab0269a7f\System.ServiceModel.Web.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 2346496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8956038e00dfe9da1a536959bbb607d4\System.Runtime.Serialization.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\db736b01f975bc856d824157d33d2881\System.Printing.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\98f1d0fed2373728306a45326e4c83f0\System.IdentityModel.ni.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9c09800674074a10d799efde7c2788ba\System.DirectoryServices.ni.dll
+ 2010-01-04 21:11 . 2010-01-04 21:11 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\549cfe37d8134be255178486f8078c5e\System.Deployment.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 6621696 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\550e7b31f1821d964f21f0a854e3f195\System.Data.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\957e2c5ff59a33030b5c9ffc9c5b6ee9\System.Data.SqlXml.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\779ba4946bd8c974895102253eb8c7bd\System.Data.Services.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1119232 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\10e612c97e300a16246395b0d68723cf\System.Data.OracleClient.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2691e9103e50954a788f4ef5f53cb49e\System.Data.Linq.ni.dll
+ 2010-01-04 21:16 . 2010-01-04 21:16 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\0278c9665871d77276c468a10df64272\System.Data.Entity.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\1587d0b80517d46def2b0757d5a775dd\System.Core.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\cf35a30b950ad812920b038b04944bf6\ReachFramework.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7aa79d0fbc4f7c7e54c051a2a2b7a7b1\PresentationUI.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\3fa2d8cc13c3e37b189b5661ec1984bd\PresentationBuildTasks.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\1e5892dfb824f1e57680e93eb9469c06\Narrator.ni.exe
+ 2010-01-04 21:15 . 2010-01-04 21:15 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\270e47e44bfb30de570c000740b6209d\MMCEx.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\1fad431ffa60d2613385a4b541951bcc\MIGUIControls.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\e13c52c87b2fa9db839dfac3012dadd5\Microsoft.VisualBasic.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\833095a3b841a331bce23daa9d2149a2\Microsoft.Transactions.Bridge.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e4db8684bd2a60f57e4db8f200635498\Microsoft.JScript.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4b660a457d1414ba100abeeb6d31d6d3\Microsoft.Ink.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\8c476c6026d82e3d421a0bce639192cd\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\79f7119fa4bf61a72cbcf388cf068fa1\Microsoft.Build.Tasks.ni.dll
+ 2010-01-04 21:15 . 2010-01-04 21:15 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ea115a11f044813d30be7e07f4dece83\Microsoft.Build.Engine.ni.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-01-03 01:26 . 2008-10-13 22:26 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-01-03 02:07 . 2008-06-20 01:14 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2010-01-03 02:06 . 2008-06-20 01:14 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-01-04 10:40 . 2009-02-18 18:38 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2010-01-03 01:26 . 2008-11-24 23:34 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2010-01-03 01:58 . 2008-07-27 18:03 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2010-01-03 01:26 . 2008-11-24 23:34 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-01-04 10:40 . 2009-04-11 06:31 3375104 c:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll
- 2010-01-03 01:26 . 2008-10-13 22:26 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-04 10:40 . 2009-03-30 04:42 2933760 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 1737064 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2010-01-04 10:40 . 2009-02-18 18:39 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-01-06 03:29 . 2009-09-04 06:58 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-01-12 00:53 . 2010-01-12 00:53 8007680 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 11584000 c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6002.18005_none_6e14a3ea0f1db90b\shell32.dll
+ 2010-01-04 10:40 . 2009-04-11 05:03 12240896 c:\windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6002.18005_none_9fc64d4627dda079\NlsLexicons0007.dll
+ 2010-01-04 10:39 . 2009-04-11 06:28 10927104 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.18005_none_f44d654c0a3f7224\MOVIEMK.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 10624512 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18005_none_0d553c2b4c3b84e1\wmp.dll
+ 2010-01-04 10:40 . 2009-04-11 06:28 11584000 c:\windows\System32\shell32.dll
- 2010-01-03 01:37 . 2008-06-26 01:45 12240896 c:\windows\System32\NlsLexicons0007.dll
+ 2010-01-04 10:40 . 2009-04-11 05:03 12240896 c:\windows\System32\NlsLexicons0007.dll
+ 2010-01-12 00:54 . 2010-01-12 00:54 11904512 c:\windows\Installer\f1afea.msi
+ 2010-01-09 19:48 . 2010-01-09 19:48 11464192 c:\windows\Installer\496e4e7.msi
+ 2010-01-04 21:11 . 2010-01-04 21:11 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll
+ 2010-01-04 21:14 . 2010-01-04 21:14 17328640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\df2a5eddb476c275ff657264182a0d24\System.ServiceModel.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e71d1b6e05e1447f1b95f85d93bb0ca\System.Design.ni.dll
+ 2010-01-06 03:34 . 2010-01-06 03:34 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\394fd96b27f367e6ffb13bc8c35fdcb2\PresentationFramework.ni.dll
+ 2010-01-04 21:12 . 2010-01-04 21:12 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0444ab43ccfb3390d2eaab1d9a34772f\PresentationFramework.ni.dll
+ 2010-01-06 03:32 . 2010-01-06 03:32 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\bfbe98e8737c97d8c938275ceca2b1d8\PresentationCore.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5c25d899e7dcebd6b63d192b79bc6b8e\PresentationCore.ni.dll
+ 2010-01-06 03:31 . 2010-01-06 03:31 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\894183c0c47bd4772fbfad4c1a7e3b71\mscorlib.ni.dll
+ 2010-01-04 21:10 . 2010-01-04 21:10 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-11-07 495708]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-16 150552]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-16 173592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2008-11-17 12:29 3810304 ----a-w- c:\windows\System32\WLTRAY.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2009-10-07 09:12 1086760 ----a-w- c:\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-05-23 19:06 128296 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 21:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(:(:4c,af,a5,4e,82,8d,ca,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [1/2/2010 12:29 PM 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\AEstSrv.exe [1/9/2010 4:34 PM 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [1/2/2010 12:29 PM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [1/2/2010 12:29 PM 53328]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [10/14/2009 8:30 AM 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [10/14/2009 8:30 AM 476528]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [1/8/2010 10:45 AM 1153368]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [1/20/2008 9:33 PM 21504]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\System32\drivers\RTL8192su.sys [10/28/2009 2:37 PM 528896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uLocal Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\users\c\AppData\Roaming\Mozilla\Firefox\Profiles\bkov646a.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 14:38
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(588)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2010-01-12 14:42:26
ComboFix-quarantined-files.txt 2010-01-12 19:42
ComboFix2.txt 2010-01-03 06:42

Pre-Run: 102,597,898,240 bytes free
Post-Run: 102,538,326,016 bytes free

Current=7 Default=7 Failed=1 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 046758F2E36B2AD28E2519E734A1C04D

#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:19 PM

Posted 12 January 2010 - 03:08 PM

Hi,

can you please post a new DDS report. Have things improved with the machine?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 03:22 PM

to answer you Questions.

my passwords only show up in some of the websites where i have to use 1. it is a random thing. sometimes in 2 days i don't see it happening and then it happens. after restart everything goes back to normal.
B4 the reinstall of vista I had open ports all over the place with lots of data going out and i mean a lot of activity. after using RootRepeal ( i Think thats what i used) and having the Log showing few items in Red color i would like to make sure that there is nothing left of whatever that was before in this computer.

I use Microsoft wireless notebook optical mouse 4000 and the laptop keyboard.



I have 1 question. after running combofix, my icon's for the firewall and antivirus are gone. i checked on security center and it says they both are up and running. is that normal?


Malwarebytes' Anti-Malware 1.44
Database version: 3550
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

1/12/2010 3:08:27 PM
mbam-log-2010-01-12 (15-08-27).txt

Scan type: Quick Scan
Objects scanned: 94105
Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by 6676, 12 January 2010 - 03:25 PM.


#13 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 03:51 PM

Hi,

can you please post a new DDS report. Have things improved with the machine?

regards myrti



hi.

yesterday i had FF updated since it is set up to do it by itself. after that update FF crashed like 6 times while watching a movie using the divX player. and no it wasn't porn :(

my internet keeps in and out and sometimes even when it says only local acces i'm able to surf the net at normal speed and sometimes it takes forever. I found out what it is in the Microsoft website but i will try their fix after i make sure this computer is clean.

brb with the log you need

#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:19 PM

Posted 12 January 2010 - 03:53 PM

Hi,

that is not supposed to happen. Could you please reboot and check if the icons come back.

If not please provide a new OTL log (only OTL.txt) to see if we can see the missing entries.

Please run rootrepeal once more:
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract the contents of RootRepeal.zip, to your desktop.
  • Double click Posted Image on your desktop.
  • Click on the report tab, then click scan
  • Check all seven boxes:
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
    Shadow SSDT
  • Click Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, Click the Save Report button. Save the log as RootRepeal.txt and post it in your next reply.
regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 6676

6676
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 January 2010 - 04:00 PM

brb with the new logs you need and thx for the help

DDS (Ver_09-12-01.01) - NTFSx86
Run by c at 15:55:48.20 on Tue 01/12/2010
Internet Explorer: 8.0.6001.18865
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3034.2069 [GMT -5:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_22764d41\aestsrv.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\c\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uLocal Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\c\appdata\roaming\mozilla\firefox\profiles\bkov646a.default\
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-2 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_22764d41\AEstSrv.exe [2010-1-9 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-2 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-1-2 53328]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-2 138680]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2009-10-14 476528]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-1-8 1153368]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-2 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-2 352920]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2009-10-28 528896]

=============== Created Last 30 ================

2010-01-12 20:03:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-12 20:03:40 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-12 20:03:40 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-12 19:42:33 0 d-sh--w- C:\$RECYCLE.BIN
2010-01-12 19:30:11 0 d-----w- C:\ComboFix
2010-01-12 00:54:49 0 d-----w- c:\programdata\Nero
2010-01-12 00:54:49 0 d-----w- c:\program files\Nero
2010-01-12 00:30:01 89088 ----a-w- c:\windows\system32\atl71.dll
2010-01-12 00:30:01 1047552 ----a-w- c:\windows\system32\MFC71u.dll
2010-01-10 11:36:04 0 d-----w- C:\Lop SD
2010-01-09 22:05:58 0 d-----w- c:\windows\system32\Dell
2010-01-09 21:54:49 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2010-01-09 21:54:49 121232 ----a-w- c:\windows\system32\IScrNB.bmp
2010-01-09 21:46:38 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-01-09 21:43:47 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2010-01-09 21:43:47 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-01-09 21:43:47 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2010-01-09 21:43:47 226816 ----a-w- c:\windows\system32\drivers\usbport.sys
2010-01-09 21:43:47 196608 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-01-09 21:41:19 0 d-----w- c:\programdata\Dell
2010-01-09 21:39:59 766 ----a-w- c:\windows\system\CRIcon.ico
2010-01-09 21:35:02 61440 ----a-w- c:\windows\system32\aestaren.dll
2010-01-09 21:35:02 511488 ----a-w- c:\windows\system32\ctapo32.dll
2010-01-09 21:35:02 380928 ----a-w- c:\windows\system32\aestecap.dll
2010-01-09 21:35:02 139264 ----a-w- c:\windows\system32\aestacap.dll
2010-01-09 21:35:01 86016 ----a-w- c:\windows\system32\AESTCom.dll
2010-01-09 21:35:01 536576 ----a-w- c:\windows\system32\idtmini1.exe
2010-01-09 21:35:01 47104 ----a-w- c:\windows\system32\ctppld.dll
2010-01-09 21:35:01 3313664 ----a-w- c:\windows\system32\stlang.dll
2010-01-09 21:35:01 12386396 ----a-w- c:\windows\system32\idtcpl.cpl
2010-01-09 21:34:10 0 d-----w- c:\program files\IDT
2010-01-09 20:17:22 14610 ----a-w- c:\windows\system32\results.xml
2010-01-09 20:13:08 993816 ----a-w- c:\windows\system32\igxpun.exe
2010-01-09 20:13:08 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-01-09 20:13:08 0 d-----w- c:\windows\system32\Lang
2010-01-09 20:09:11 0 d-----w- c:\program files\Cisco
2010-01-09 20:04:04 5430 ----a-w- c:\windows\system\MyMulti.ico
2010-01-09 20:04:03 6815264 ----a-w- c:\windows\system\DriveIcon.dll
2010-01-09 20:04:03 62976 ----a-w- c:\windows\system32\drivers\RTSTOR.sys
2010-01-09 20:03:07 0 d-----w- C:\Intel
2010-01-09 19:48:18 0 d-----w- c:\program files\Marvell
2010-01-09 19:47:17 0 d-----w- c:\users\c\appdata\roaming\TMP
2010-01-09 19:45:06 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-09 19:32:53 0 d-----w- C:\dell
2010-01-09 19:24:24 0 d-----w- c:\windows\system32\vmm32
2010-01-09 19:24:24 0 d-----w- c:\program files\Dell
2010-01-08 15:45:08 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-08 15:45:08 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-08 05:25:44 0 d-----w- c:\program files\Defraggler
2010-01-06 03:34:05 0 d-----w- c:\program files\Windows Portable Devices
2010-01-06 03:33:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-06 03:31:54 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-01-06 03:30:43 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-06 03:30:42 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-06 03:30:42 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-05 23:43:44 0 d-----w- c:\program files\common files\PX Storage Engine
2010-01-05 23:43:26 0 d-----w- c:\program files\DivX
2010-01-05 23:43:26 0 d-----w- c:\program files\common files\DivX Shared
2010-01-04 21:04:55 0 d-----w- c:\windows\system32\eu-ES
2010-01-04 21:04:55 0 d-----w- c:\windows\system32\ca-ES
2010-01-04 21:04:54 0 d-----w- c:\windows\system32\vi-VN
2010-01-04 19:51:37 0 d-----w- c:\windows\system32\EventProviders
2010-01-04 10:39:59 807424 ----a-w- c:\windows\system32\msctf.dll
2010-01-04 10:38:56 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-04 10:38:56 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-04 10:38:56 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-04 10:38:56 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-04 10:38:56 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-04 10:38:56 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-04 10:38:56 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-04 10:38:55 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-04 10:38:54 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-04 10:38:54 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-04 10:38:50 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-01-04 10:16:32 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-01-04 10:16:22 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-04 10:16:22 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-01-04 10:16:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-01-03 06:34:50 98816 ----a-w- c:\windows\sed.exe
2010-01-03 06:34:50 77312 ----a-w- c:\windows\MBR.exe
2010-01-03 06:34:50 261632 ----a-w- c:\windows\PEV.exe
2010-01-03 06:34:50 161792 ----a-w- c:\windows\SWREG.exe
2010-01-03 02:43:49 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-03 02:31:26 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-01-03 02:31:22 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
2010-01-03 02:14:42 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-03 01:59:02 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-01-03 01:25:33 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-01-03 01:25:32 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-01-03 01:25:31 270848 ----a-w- c:\windows\system32\schannel.dll
2010-01-03 01:25:31 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-01-03 01:25:30 9728 ----a-w- c:\windows\system32\lsass.exe
2010-01-03 01:25:30 72704 ----a-w- c:\windows\system32\secur32.dll
2010-01-03 01:25:30 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-01-03 01:10:25 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-01-03 01:10:23 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-01-03 00:55:57 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-03 00:55:22 2501921 ----a-w- c:\windows\system32\wlan.tmf
2010-01-03 00:55:21 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-01-03 00:55:21 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-01-03 00:55:21 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-01-03 00:55:21 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-01-03 00:55:21 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-01-03 00:55:20 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-01-03 00:52:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-01-03 00:52:51 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-03 00:52:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-01-03 00:52:51 23552 ----a-w- c:\windows\system32\lpk.dll
2010-01-03 00:52:51 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-03 00:52:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-01-03 00:44:49 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-01-03 00:39:02 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-01-03 00:32:07 1696768 ----a-w- c:\windows\system32\gameux.dll
2010-01-03 00:32:06 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-01-03 00:32:05 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-01-03 00:12:16 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-01-03 00:11:06 98816 ----a-w- c:\windows\system32\mfps.dll
2010-01-03 00:11:06 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-01-03 00:11:06 2868224 ----a-w- c:\windows\system32\mf.dll
2010-01-03 00:11:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-01-03 00:11:05 2048 ----a-w- c:\windows\system32\mferror.dll
2010-01-03 00:08:15 71680 ----a-w- c:\windows\system32\atl.dll
2010-01-03 00:02:16 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-01-03 00:02:02 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-01-03 00:02:02 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-01-03 00:02:02 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-01-03 00:01:21 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-01-02 23:55:52 623616 ----a-w- c:\windows\system32\localspl.dll
2010-01-02 23:55:42 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-01-02 23:49:17 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-01-02 23:49:16 43520 ----a-w- c:\windows\system32\msdxm.tlb
2010-01-02 23:49:16 18432 ----a-w- c:\windows\system32\amcompat.tlb
2010-01-02 23:38:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-01-02 23:38:11 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-01-02 23:28:03 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-01-02 23:27:43 243712 ----a-w- c:\windows\system32\rastls.dll
2010-01-02 23:24:57 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-01-02 23:20:12 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-01-02 23:19:56 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-01-02 23:19:55 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-01-02 23:19:55 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-01-02 23:19:55 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-01-02 23:19:54 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-01-02 17:39:29 0 d-----w- c:\program files\Belkin
2010-01-02 17:29:37 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-01-02 17:29:37 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2010-01-02 17:29:37 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2010-01-02 17:29:37 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-02 17:27:54 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-01-02 17:24:06 0 d-----w- c:\windows\Panther
2010-01-02 17:23:53 8192 --s-a-r- C:\BOOTSECT.BAK
2010-01-02 17:23:52 333257 --sha-r- C:\bootmgr
2010-01-02 17:23:52 0 d-----w- C:\Boot
2010-01-02 17:23:33 22 ---ha-r- c:\windows\dell_version
2010-01-02 17:23:33 0 d-----w- c:\windows\system32\OEM
2010-01-02 17:17:54 0 d-----w- c:\users\c\appdata\roaming\CheckPoint
2010-01-02 17:17:48 0 d-----w- c:\program files\CheckPoint
2010-01-02 17:17:33 0 d-----w- c:\program files\Zone Labs
2010-01-02 17:17:10 0 d-----w- c:\programdata\CheckPoint
2010-01-02 16:52:45 0 d-----w- c:\users\c\appdata\roaming\Malwarebytes
2010-01-02 16:52:41 0 d-----w- c:\programdata\Malwarebytes
2010-01-02 16:03:38 0 d-----w- c:\program files\CCleaner
2010-01-02 15:52:23 0 d---a-w- c:\programdata\TEMP
2010-01-02 15:52:19 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-01-02 15:52:19 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-01-02 15:52:18 0 d-----w- c:\program files\SpywareBlaster
2010-01-02 14:43:58 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-01-02 14:43:49 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-01-02 14:43:42 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-01-02 14:43:42 171608 ----a-w- c:\windows\system32\wuwebv.dll

==================== Find3M ====================

2010-01-09 21:51:30 86016 ----a-w- c:\windows\inf\infstrng.dat
2010-01-09 21:51:30 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-09 21:51:30 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-09 21:51:30 51200 ----a-w- c:\windows\inf\infpub.dat
2010-01-04 21:01:06 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2010-01-02 17:18:10 422437 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-11-22 20:44:20 446664 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-11-22 20:42:44 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-21 06:40:20 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34:39 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34:39 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47:28 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-07 04:50:18 918016 ----a-w- c:\windows\system32\stapo.dll
2009-11-07 04:50:18 503808 ------w- c:\windows\system32\stapi32.dll
2009-11-07 04:50:18 405504 ----a-w- c:\windows\system32\stcplx.dll
2009-11-07 04:50:18 175616 ----a-w- c:\windows\system32\st326255.dll
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 15:56:24.41 ===============




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users