Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

vista freezing, opaque screen, busy cursor


  • This topic is locked This topic is locked
5 replies to this topic

#1 forestchild

forestchild

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 10 September 2010 - 05:13 AM

Starting yesterday my computer began having issues. First the cursor went busy. Then when I clicked on the screen I was wanting to use it turned opaque as if I had clicked something else and frozen. I was not able to access anything else on my computer including the task manager or shut down. I force shut down and tried again. It happened twice more, the first time was after several hours of use, the second was after only about half an hour. I ran the SUPER antispyware program hoping that was it, it froze again. I restored my settings back two weeks and it still persisted twice today.
The last time it froze after i reset it, the system said it needed to check for consistency. I had never seen that before.
As requested I ran the dds and I included those files. However when I started gmer the options on the right aren't selected those that I can deselect them, so I don't have the gmer file for you. I've included a screenshot to help explain. This freezing is really annoying. I really appreciate your help. thumbup2.gif


DDS (Ver_10-03-17.01) - NTFSX64
Run by Robin at 17:56:56.65 on 09/10/2010 Fri
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_21
AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
SP: Symantec Endpoint Protection *enabled* (Updated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
D:\Combined Community Codec Pack\Bittorrent\uTorrent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
D:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Robin\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.goo.ne.jp/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files (x86)\veoh networks\veohwebplayer\VeohIEToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [uTorrent] "d:\combined community codec pack\bittorrent\uTorrent.exe"
uRun: [Skype] "c:\program files (x86)\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Trigger New Acer AlaunchX] c:\acer\preload\command\alaunchx\AppInRun.exe
mRun: [eRecoveryService]
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "c:\program files (x86)\google\gmail notifier\gnotify.exe"
mRun: [AppleSyncNotifier] c:\program files (x86)\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRunOnce: [New Acer AlaunchX] c:\acer\preload\command\alaunchx\LaunchAlaunchX.exe
StartupFolder: c:\users\robin\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - d:\program files (x86)\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files (x86)\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [IAAnotif] "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\robin\appdata\roaming\mozilla\firefox\profiles\p7ngva2u.default\
FF - prefs.js: browser.startup.homepage - hxxp://megatokyo.com/
FF - component: c:\users\robin\appdata\roaming\mozilla\firefox\profiles\p7ngva2u.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\FFExternalAlert.dll
FF - component: c:\users\robin\appdata\roaming\mozilla\firefox\profiles\p7ngva2u.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\RadioWMPCore.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\NPCIG.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npclntax_ZangoSA.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv64.sys [2010-2-18 14920]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\saskutil64.sys [2010-2-18 12360]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore64.exe [2010-6-30 128752]
R2 ETService;Empowering Technology Service;c:\program files\gateway\gateway recovery management\service\ETService.exe [2008-10-16 24576]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files (x86)\symantec\symantec endpoint protection\Rtvscan.exe [2008-5-10 2240944]
R3 CAXHWAZL;CAXHWAZL;c:\windows\system32\drivers\CAXHWAZL.sys [2008-9-4 293376]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-8-22 126976]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2mdx64.sys [2008-7-15 62296]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sdx64.sys [2008-6-12 51800]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk60x64.sys [2008-4-29 392192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1c9e01080d4ad50;Google Update Service (gupdate1c9e01080d4ad50);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-5-29 133104]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-2-23 25424]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]
S3 NETw5v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;c:\windows\system32\drivers\NETw5v64.sys [2008-9-4 4730368]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920]

=============== Created Last 30 ================

2010-09-10 08:56:08 0 ----a-w- c:\users\robin\defogger_reenable
2010-09-09 14:51:48 0 d-----w- c:\programdata\!SASCORE
2010-09-09 14:42:17 0 d-----w- c:\windows\pss
2010-09-09 13:57:33 524288 --sha-w- c:\users\robin\ntuser.dat{bc7cf7dc-bc17-11df-83c5-00e0b8fda720}.TMContainer00000000000000000002.regtrans-ms
2010-09-09 13:57:32 65536 --sha-w- c:\users\robin\ntuser.dat{bc7cf7dc-bc17-11df-83c5-00e0b8fda720}.TM.blf
2010-09-09 13:57:32 524288 --sha-w- c:\users\robin\ntuser.dat{bc7cf7dc-bc17-11df-83c5-00e0b8fda720}.TMContainer00000000000000000001.regtrans-ms
2010-09-09 13:09:58 0 d-----w- c:\program files\SUPERAntiSpyware
2010-08-31 11:59:59 0 d-----w- c:\program files (x86)\QuickTime(41)

==================== Find3M ====================

2010-07-26 15:51:48 11584512 ----a-w- c:\windows\syswow64\shell32.dll
2010-06-29 16:03:43 1032192 ----a-w- c:\windows\system32\wininet.dll
2010-06-29 15:47:12 834048 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-29 15:46:59 1176064 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-29 15:44:16 477184 ----a-w- c:\windows\syswow64\mshtmled.dll
2010-06-29 15:44:15 3603456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-29 15:43:04 6080000 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-29 15:43:04 193024 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-29 15:43:00 380928 ----a-w- c:\windows\syswow64\ieapfltr.dll
2010-06-28 16:52:22 86528 ----a-w- c:\windows\system32\ieencode.dll
2010-06-28 16:13:32 78336 ----a-w- c:\windows\syswow64\ieencode.dll
2010-06-22 10:15:15 86016 ----a-w- c:\windows\inf\infstor.dat
2010-06-22 10:15:15 51200 ----a-w- c:\windows\inf\infpub.dat
2010-06-22 10:15:14 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-21 19:36:38 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-06-21 19:36:37 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-06-21 19:36:36 145184 ----a-w- c:\windows\syswow64\java.exe
2010-06-21 19:36:29 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-06-21 14:05:22 2752000 ----a-w- c:\windows\system32\win32k.sys
2010-06-18 17:48:21 50688 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 17:31:29 36864 ----a-w- c:\windows\syswow64\rtutils.dll
2009-11-17 18:21:24 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-03-23 06:27:47 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\cookies\index.dat
2010-03-23 06:27:47 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\history\history.ie5\index.dat
2010-03-23 06:27:47 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 17:58:35.80 ===============



Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:32 AM

Posted 16 September 2010 - 10:31 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 forestchild

forestchild
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 21 September 2010 - 07:22 AM

Restored computer from hidden recovery partition. Have run several updates without the problem occurring, however it was very intermittent and may very well show up again.

After installing required apps, I will post again the output from our instructions.

Thank you!

#4 forestchild

forestchild
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 22 September 2010 - 02:10 AM

OTL.exe:

OTL logfile created on: 9/22/2010 7:57:30 AM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = D:\downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 50.14 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive D: | 188.09 Gb Total Space | 19.80 Gb Free Space | 10.53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBIN-PC
Current User Name: Robin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/22 07:56:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe
PRC - [2010/09/15 07:59:44 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/12 17:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2008/09/04 02:53:37 | 001,245,064 | ---- | M] () -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/07/29 16:53:18 | 004,917,760 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2008/07/21 09:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/21 09:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/03/28 17:43:42 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2008/02/22 20:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008/02/18 05:37:00 | 000,149,352 | ---- | M] (Symantec Corporation) -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe


========== Modules (SafeList) ==========

MOD - [2010/09/22 07:56:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\downloads\OTL.exe
MOD - [2008/01/21 11:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/21 11:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 00:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/11/04 03:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/09/04 02:53:37 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/07/21 09:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/05/06 07:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/02/21 08:02:00 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/02/21 08:02:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/02/18 05:37:00 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/02/18 05:37:00 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/02/18 05:37:00 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/02/18 05:37:00 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/21 19:22:00 | 000,267,096 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/20 04:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/10/27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/11/04 03:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 08:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 08:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 08:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/09/18 03:15:28 | 000,325,120 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/09/04 02:54:59 | 000,172,080 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2008/07/21 09:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 17:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/11 11:29:08 | 007,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 18:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/30 06:52:44 | 000,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/26 16:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/12 10:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 17:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/02/19 11:06:00 | 000,028,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2008/02/05 05:34:00 | 000,271,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2008/02/05 05:34:00 | 000,028,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV:64bit: - [2008/01/31 11:51:00 | 000,476,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SRTSPL64.SYS -- (SRTSPL)
DRV:64bit: - [2008/01/31 11:51:00 | 000,440,880 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2008/01/31 11:51:00 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2008/01/21 11:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/21 11:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2006/09/19 06:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/06/18 23:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 11:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2008/02/13 10:18:00 | 000,359,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20080215.001\IDSviA64.sys -- (IDSvia64)
DRV - [2008/02/12 19:00:00 | 001,418,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080213.036\EX64.SYS -- (NAVEX15)
DRV - [2008/02/12 19:00:00 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080213.036\ENG64.SYS -- (NAVENG)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u
IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACG...0&m=mc7801u
IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2088641259-3898254991-544340045-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/21 07:18:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/21 21:31:13 | 000,000,000 | ---D | M]

[2010/09/20 21:23:10 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions
[2010/09/22 07:19:18 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\ab6dmivo.default\extensions
[2010/09/20 21:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\ab6dmivo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/20 21:22:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/09/21 22:10:54 | 000,419,413 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 14474 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [ccApp] c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [osCheck] c:\Program Files (x86)\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TP CfgWiz] c:\Program Files (x86)\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SymCuw.exe (Symantec Corporation)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\GTW3_Wide.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\GTW3_Wide.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)


========== Files/Folders - Created Within 30 Days ==========

[2010/09/22 07:08:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Writings
[2010/09/22 07:08:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\School Creations
[2010/09/22 07:08:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\My Received Files
[2010/09/22 07:08:51 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\My Library
[2010/09/22 07:08:51 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Homework
[2010/09/22 07:07:42 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Electronic Arts
[2010/09/22 07:07:40 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\B's Log
[2010/09/21 21:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/09/21 21:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/09/21 21:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\KLCP64
[2010/09/21 21:55:58 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2010/09/21 21:55:58 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2010/09/21 21:55:58 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2010/09/21 21:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2010/09/21 21:52:57 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\vlc
[2010/09/21 21:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/09/21 21:45:09 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\Sewing Bits
[2010/09/21 21:42:54 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\megane
[2010/09/21 21:42:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\LSD v3-Higa Sakia jpn
[2010/09/21 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\LSD v1-Higa Sakia jpn
[2010/09/21 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\hjsplit_24
[2010/09/21 21:42:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\Demian Syndrome Vol 3 (raw_jpn)
[2010/09/21 21:42:39 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\Demian Syndrome v04 jp
[2010/09/21 21:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010/09/21 21:32:02 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\uTorrent
[2010/09/21 21:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/09/21 21:28:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/09/21 21:27:57 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\ImgBurn
[2010/09/21 21:27:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2010/09/21 07:19:55 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Apple Computer
[2010/09/21 07:19:55 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Apple Computer
[2010/09/21 07:19:48 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010/09/21 07:19:48 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010/09/21 07:19:48 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010/09/21 07:19:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/09/21 07:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/21 07:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/21 07:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/21 07:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/09/21 07:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/09/21 07:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/09/21 07:17:37 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Apple
[2010/09/21 07:17:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/09/21 07:16:01 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/09/21 07:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/09/21 07:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/21 07:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/21 07:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/09/21 07:15:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/09/20 22:32:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/09/20 22:32:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/09/20 22:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/09/20 22:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010/09/20 22:28:54 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Microsoft Help
[2010/09/20 22:27:53 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/09/20 22:10:14 | 000,091,568 | ---- | C] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys
[2010/09/20 22:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2010/09/20 22:09:12 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\WinRAR
[2010/09/20 22:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010/09/20 21:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/09/20 21:28:03 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Adobe
[2010/09/20 21:27:09 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Macromedia
[2010/09/20 21:23:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Mozilla
[2010/09/20 21:23:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Mozilla
[2010/09/20 21:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/09/20 21:18:26 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/09/20 21:18:26 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/09/20 21:17:42 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/09/20 21:17:42 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010/09/20 13:45:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/09/20 13:45:32 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\SysWow64\igxpun.exe
[2010/09/20 13:45:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2010/09/20 13:45:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2010/09/20 13:40:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/09/20 09:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2010/09/20 09:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2010/09/20 09:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2010/09/20 09:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2010/09/20 09:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2010/09/20 09:43:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2010/09/20 09:41:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2010/09/20 09:23:36 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2010/09/20 09:23:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2010/09/20 09:18:43 | 003,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2010/09/20 09:18:43 | 002,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2010/09/20 09:18:43 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkexplorer.dll
[2010/09/20 09:18:42 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2010/09/20 09:18:42 | 003,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2010/09/20 09:18:42 | 003,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2010/09/20 09:18:42 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2010/09/20 09:18:42 | 001,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/09/20 09:18:42 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2010/09/20 09:18:42 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2010/09/20 09:18:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2010/09/20 09:18:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2010/09/20 09:18:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2010/09/20 09:18:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2010/09/20 09:18:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkitemfactory.dll
[2010/09/20 09:18:41 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2010/09/20 09:18:41 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2010/09/20 09:18:41 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2010/09/20 09:18:41 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2010/09/20 09:18:41 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2010/09/20 09:18:41 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2010/09/20 09:18:41 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2010/09/20 09:18:41 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2010/09/20 09:18:41 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2010/09/20 09:18:41 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2010/09/20 09:18:40 | 002,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2010/09/20 09:18:40 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2010/09/20 09:18:40 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2010/09/20 09:18:40 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2010/09/20 09:18:40 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2010/09/20 09:18:40 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2010/09/20 09:18:40 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2010/09/20 09:18:40 | 000,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010/09/20 09:18:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2010/09/20 09:18:40 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2010/09/20 09:18:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2010/09/20 09:18:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2010/09/20 09:18:39 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2010/09/20 09:18:39 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2010/09/20 09:18:39 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2010/09/20 09:18:39 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2010/09/20 09:18:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncrypt.dll
[2010/09/20 09:18:39 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2010/09/20 09:18:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2010/09/20 09:18:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2010/09/20 09:18:39 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2010/09/20 09:18:38 | 002,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2010/09/20 09:18:38 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2010/09/20 09:18:38 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2010/09/20 09:18:38 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2010/09/20 09:18:38 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2010/09/20 09:18:38 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2010/09/20 09:18:38 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2010/09/20 09:18:38 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2010/09/20 09:18:38 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2010/09/20 09:18:38 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2010/09/20 09:18:38 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2010/09/20 09:18:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2010/09/20 09:18:38 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2010/09/20 09:18:38 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2010/09/20 09:18:38 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2010/09/20 09:18:38 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2010/09/20 09:18:38 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2010/09/20 09:18:38 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2010/09/20 09:18:38 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2010/09/20 09:18:38 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2010/09/20 09:18:38 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2010/09/20 09:18:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2010/09/20 09:18:38 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2010/09/20 09:18:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2010/09/20 09:18:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2010/09/20 09:18:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2010/09/20 09:18:37 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2010/09/20 09:18:37 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2010/09/20 09:18:37 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2010/09/20 09:18:37 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2010/09/20 09:18:37 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2010/09/20 09:18:37 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2010/09/20 09:18:37 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2010/09/20 09:18:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2010/09/20 09:18:37 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2010/09/20 09:18:37 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2010/09/20 09:18:37 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2010/09/20 09:18:37 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2010/09/20 09:18:37 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2010/09/20 09:18:37 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2010/09/20 09:18:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2010/09/20 09:18:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2010/09/20 09:18:37 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2010/09/20 09:18:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2010/09/20 09:18:36 | 001,915,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/09/20 09:18:36 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/09/20 09:18:36 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2010/09/20 09:18:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2010/09/20 09:18:36 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2010/09/20 09:18:35 | 001,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2010/09/20 09:18:34 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2010/09/20 09:18:34 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2010/09/20 09:18:34 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2010/09/20 09:18:34 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2010/09/20 09:18:34 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2010/09/20 09:18:34 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2010/09/20 09:18:34 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2010/09/20 09:18:34 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2010/09/20 09:18:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2010/09/20 09:18:34 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2010/09/20 09:18:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2010/09/20 09:18:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2010/09/20 09:18:34 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2010/09/20 09:18:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2010/09/20 09:18:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2010/09/20 09:18:33 | 000,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2010/09/20 09:18:33 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2010/09/20 09:18:31 | 003,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2010/09/20 09:18:31 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2010/09/20 09:18:31 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2010/09/20 09:18:31 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2010/09/20 09:18:31 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2010/09/20 09:18:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2010/09/20 09:18:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2010/09/20 09:18:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2010/09/20 09:18:30 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2010/09/20 09:18:30 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2010/09/20 09:18:30 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2010/09/20 09:18:30 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2010/09/20 09:18:30 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2010/09/20 09:18:30 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2010/09/20 09:18:30 | 000,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2010/09/20 09:18:29 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2010/09/20 09:18:29 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2010/09/20 09:18:29 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2010/09/20 09:18:29 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2010/09/20 09:18:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2010/09/20 09:18:29 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2010/09/20 09:18:29 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2010/09/20 09:18:29 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2010/09/20 09:18:29 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2010/09/20 09:18:29 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2010/09/20 09:18:29 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2010/09/20 09:18:29 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/09/20 09:18:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/09/20 09:18:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2010/09/20 09:18:29 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2010/09/20 09:18:29 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2010/09/20 09:18:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2010/09/20 09:18:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2010/09/20 09:18:28 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2010/09/20 09:18:28 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2010/09/20 09:18:28 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2010/09/20 09:18:28 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2010/09/20 09:18:28 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2010/09/20 09:18:28 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2010/09/20 09:18:28 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2010/09/20 09:18:28 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2010/09/20 09:18:28 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2010/09/20 09:18:28 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2010/09/20 09:18:28 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2010/09/20 09:18:28 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2010/09/20 09:18:28 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2010/09/20 09:18:28 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2010/09/20 09:18:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2010/09/20 09:18:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2010/09/20 09:18:28 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2010/09/20 09:18:28 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2010/09/20 09:18:28 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2010/09/20 09:18:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2010/09/20 09:18:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2010/09/20 09:18:27 | 002,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2010/09/20 09:18:27 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2010/09/20 09:18:27 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2010/09/20 09:18:27 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2010/09/20 09:18:27 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2010/09/20 09:18:27 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2010/09/20 09:18:27 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2010/09/20 09:18:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2010/09/20 09:18:27 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2010/09/20 09:18:27 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2010/09/20 09:18:27 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2010/09/20 09:18:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2010/09/20 09:18:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2010/09/20 09:18:26 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2010/09/20 09:18:26 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2010/09/20 09:18:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2010/09/20 09:18:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimtf.dll
[2010/09/20 09:18:26 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2010/09/20 09:18:23 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2010/09/20 09:18:23 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2010/09/20 09:18:23 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2010/09/20 09:18:23 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2010/09/20 09:18:23 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2010/09/20 09:18:23 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2010/09/20 09:18:22 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010/09/20 09:18:22 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010/09/20 09:18:22 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010/09/20 09:18:22 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010/09/20 09:18:22 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2010/09/20 09:18:22 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010/09/20 09:18:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010/09/20 09:18:21 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2010/09/20 09:18:21 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2010/09/20 09:18:21 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010/09/20 09:18:21 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010/09/20 09:18:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2010/09/20 09:18:17 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2010/09/20 09:18:17 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2010/09/20 09:18:17 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010/09/20 09:18:17 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2010/09/20 09:18:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010/09/20 09:18:17 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2010/09/20 09:18:17 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2010/09/20 09:18:17 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2010/09/20 09:18:16 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2010/09/20 09:18:16 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2010/09/20 09:18:16 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2010/09/20 09:18:16 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasapi32.dll
[2010/09/20 09:18:16 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2010/09/20 09:18:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2010/09/20 09:18:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2010/09/20 09:18:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2010/09/20 09:18:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2010/09/20 09:18:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2010/09/20 09:18:15 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2010/09/20 09:18:15 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2010/09/20 09:18:15 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2010/09/20 09:18:15 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2010/09/20 09:18:15 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2010/09/20 09:18:15 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2010/09/20 09:18:15 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2010/09/20 09:18:15 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2010/09/20 09:18:14 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2010/09/20 09:18:14 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2010/09/20 09:18:14 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2010/09/20 09:18:14 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2010/09/20 09:18:14 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2010/09/20 09:18:14 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2010/09/20 09:18:14 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2010/09/20 09:18:14 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2010/09/20 09:18:14 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2010/09/20 09:18:14 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powrprof.dll
[2010/09/20 09:18:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2010/09/20 09:18:13 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2010/09/20 09:18:13 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2010/09/20 09:18:13 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2010/09/20 09:18:13 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2010/09/20 09:18:13 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2010/09/20 09:18:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2010/09/20 09:18:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2010/09/20 09:18:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2010/09/20 09:18:12 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2010/09/20 09:18:12 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2010/09/20 09:18:12 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rsaenh.dll
[2010/09/20 09:18:12 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2010/09/20 09:18:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2010/09/20 09:18:12 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2010/09/20 09:18:11 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2010/09/20 09:18:11 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2010/09/20 09:18:11 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010/09/20 09:18:11 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010/09/20 09:18:11 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010/09/20 09:18:11 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010/09/20 09:18:11 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2010/09/20 09:18:11 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010/09/20 09:18:11 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010/09/20 09:18:11 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010/09/20 09:18:11 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010/09/20 09:18:11 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2010/09/20 09:18:11 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2010/09/20 09:18:11 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2010/09/20 09:18:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2010/09/20 09:18:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2010/09/20 09:18:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2010/09/20 09:18:10 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2010/09/20 09:18:10 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2010/09/20 09:18:10 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2010/09/20 09:18:10 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2010/09/20 09:18:09 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2010/09/20 09:18:09 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2010/09/20 09:18:09 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2010/09/20 09:18:09 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2010/09/20 09:18:09 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2010/09/20 09:18:09 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2010/09/20 09:18:08 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2010/09/20 09:18:08 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2010/09/20 09:18:08 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
[2010/09/20 09:18:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2010/09/20 09:18:08 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2010/09/20 09:18:08 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2010/09/20 09:18:08 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2010/09/20 09:18:08 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2010/09/20 09:18:08 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2010/09/20 09:18:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2010/09/20 09:18:08 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2010/09/20 09:18:07 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2010/09/20 09:18:07 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2010/09/20 09:18:07 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2010/09/20 09:18:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2010/09/20 09:18:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2010/09/20 09:18:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2010/09/20 09:18:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2010/09/20 09:18:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
[2010/09/20 09:18:06 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2010/09/20 09:18:06 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2010/09/20 09:18:06 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2010/09/20 09:18:06 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnsapi.dll
[2010/09/20 09:18:06 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2010/09/20 09:18:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2010/09/20 09:18:06 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2010/09/20 09:18:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2010/09/20 09:18:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2010/09/20 09:18:06 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2010/09/20 09:18:06 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2010/09/20 09:18:06 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2010/09/20 09:18:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/09/20 09:18:05 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2010/09/20 09:18:05 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2010/09/20 09:18:05 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsound.dll
[2010/09/20 09:18:05 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
[2010/09/20 09:18:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2010/09/20 09:18:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2010/09/20 09:18:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2010/09/20 09:18:05 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
[2010/09/20 09:18:05 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2010/09/20 09:18:05 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2010/09/20 09:18:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2010/09/20 09:18:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2010/09/20 09:18:05 | 000,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2010/09/20 09:18:04 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2010/09/20 09:18:04 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2010/09/20 09:18:04 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2010/09/20 09:18:04 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2010/09/20 09:18:04 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2010/09/20 09:18:04 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2010/09/20 09:18:04 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2010/09/20 09:18:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2010/09/20 09:18:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2010/09/20 09:18:03 | 001,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2010/09/20 09:18:03 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2010/09/20 09:18:03 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2010/09/20 09:18:03 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2010/09/20 09:18:03 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2010/09/20 09:18:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2010/09/20 09:18:03 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2010/09/20 09:18:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2010/09/20 09:18:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2010/09/20 09:18:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2010/09/20 09:18:03 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc6.dll
[2010/09/20 09:18:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2010/09/20 09:18:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2010/09/20 09:18:03 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2010/09/20 09:18:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2010/09/20 09:18:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2010/09/20 09:18:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2010/09/20 09:18:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2010/09/20 09:18:02 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2010/09/20 09:18:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2010/09/20 09:18:02 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2010/09/20 09:18:02 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2010/09/20 09:18:02 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2010/09/20 09:18:02 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2010/09/20 09:18:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2010/09/20 09:18:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2010/09/20 09:18:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2010/09/20 09:18:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2010/09/20 09:18:02 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2010/09/20 09:18:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdProxy.dll
[2010/09/20 09:18:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2010/09/20 09:18:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2010/09/20 09:18:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2010/09/20 09:18:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2010/09/20 09:18:01 | 003,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/09/20 09:18:01 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010/09/20 09:18:01 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2010/09/20 09:18:01 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2010/09/20 09:18:01 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2010/09/20 09:18:01 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fundisc.dll
[2010/09/20 09:18:01 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2010/09/20 09:18:01 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2010/09/20 09:18:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2010/09/20 09:18:01 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2010/09/20 09:18:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2010/09/20 09:18:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2010/09/20 09:18:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2010/09/20 09:18:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2010/09/20 09:18:00 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2010/09/20 09:18:00 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2010/09/20 09:18:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2010/09/20 09:18:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
[2010/09/20 09:18:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWCN.dll
[2010/09/20 09:18:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2010/09/20 09:18:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
[2010/09/20 09:18:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
[2010/09/20 09:17:59 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2010/09/20 09:17:59 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2010/09/20 09:17:59 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2010/09/20 09:17:59 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2010/09/20 09:17:59 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2010/09/20 09:17:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2010/09/20 09:17:59 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2010/09/20 09:17:59 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2010/09/20 09:17:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2010/09/20 09:17:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2010/09/20 09:17:59 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2010/09/20 09:17:58 | 002,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2010/09/20 09:17:58 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2010/09/20 09:17:58 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2010/09/20 09:17:58 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2010/09/20 09:17:58 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2010/09/20 09:17:58 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2010/09/20 09:17:58 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2010/09/20 09:17:58 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2010/09/20 09:17:58 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorShell.dll
[2010/09/20 09:17:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2010/09/20 09:17:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2010/09/20 09:17:57 | 001,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2010/09/20 09:17:57 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2010/09/20 09:17:57 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2010/09/20 09:17:57 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2010/09/20 09:17:57 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2010/09/20 09:17:57 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2010/09/20 09:17:57 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2010/09/20 09:17:57 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2010/09/20 09:17:57 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2010/09/20 09:17:57 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2010/09/20 09:17:57 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2010/09/20 09:17:57 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2010/09/20 09:17:57 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2010/09/20 09:17:57 | 000,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2010/09/20 09:17:57 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2010/09/20 09:17:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2010/09/20 09:17:56 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2010/09/20 09:17:56 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2010/09/20 09:17:56 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2010/09/20 09:17:56 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2010/09/20 09:17:56 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2010/09/20 09:17:56 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2010/09/20 09:17:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2010/09/20 09:17:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2010/09/20 09:17:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2010/09/20 09:17:55 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2010/09/20 09:17:55 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2010/09/20 09:17:55 | 001,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2010/09/20 09:17:55 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2010/09/20 09:17:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2010/09/20 09:17:54 | 002,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2010/09/20 09:17:54 | 002,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2010/09/20 09:17:54 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2010/09/20 09:17:54 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2010/09/20 09:17:54 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2010/09/20 09:17:54 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2010/09/20 09:17:54 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioEng.dll
[2010/09/20 09:17:54 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2010/09/20 09:17:54 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2010/09/20 09:17:54 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2010/09/20 09:17:54 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2010/09/20 09:17:54 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2010/09/20 09:17:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2010/09/20 09:17:53 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2010/09/20 09:17:53 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
[2010/09/20 09:17:53 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
[2010/09/20 09:17:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2010/09/20 09:17:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2010/09/20 09:17:52 | 001,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2010/09/20 09:17:52 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2010/09/20 09:17:52 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2010/09/20 09:17:52 | 001,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2010/09/20 09:17:52 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2010/09/20 09:17:52 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2010/09/20 09:17:52 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2010/09/20 09:17:52 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
[2010/09/20 09:17:52 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2010/09/20 09:17:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
[2010/09/20 09:17:52 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
[2010/09/20 09:17:52 | 000,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2010/09/20 09:17:52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2010/09/20 09:17:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscapi.dll
[2010/09/20 09:17:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2010/09/20 09:17:51 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2010/09/20 09:17:51 | 001,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2010/09/20 09:17:51 | 001,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010/09/20 09:17:51 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2010/09/20 09:17:51 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010/09/20 09:17:51 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2010/09/20 09:17:51 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2010/09/20 09:17:51 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2010/09/20 09:17:51 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2010/09/20 09:17:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
[2010/09/20 09:17:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
[2010/09/20 09:17:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2010/09/20 09:17:51 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2010/09/20 09:17:51 | 000,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2010/09/20 09:17:51 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2010/09/20 09:17:51 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2010/09/20 09:17:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2010/09/20 09:17:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2010/09/20 09:17:51 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/09/20 09:17:51 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2010/09/20 09:17:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2010/09/20 09:17:50 | 006,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2010/09/20 09:17:50 | 001,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2010/09/20 09:17:50 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2010/09/20 09:17:50 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2010/09/20 09:17:50 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2010/09/20 09:17:50 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2010/09/20 09:17:50 | 000,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2010/09/20 09:17:50 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2010/09/20 09:17:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2010/09/20 09:17:49 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010/09/20 09:17:49 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2010/09/20 09:17:49 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2010/09/20 09:17:49 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2010/09/20 09:17:49 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2010/09/20 09:17:49 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2010/09/20 09:17:49 | 000,022,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2010/09/20 09:17:49 | 000,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2010/09/20 09:17:49 | 000,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2010/09/20 09:17:48 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2010/09/20 09:17:48 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2010/09/20 09:17:48 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2010/09/20 09:17:48 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2010/09/20 09:17:48 | 000,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2010/09/20 09:17:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2010/09/20 09:17:48 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2010/09/20 09:17:48 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2010/09/20 09:17:48 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2010/09/20 09:17:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2010/09/20 09:17:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2010/09/20 09:17:48 | 000,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2010/09/20 09:17:47 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2010/09/20 09:17:47 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2010/09/20 09:17:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2010/09/20 09:17:47 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2010/09/20 09:17:47 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2010/09/20 09:17:47 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2010/09/20 09:17:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2010/09/20 09:17:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2010/09/20 09:17:46 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2010/09/20 09:17:46 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2010/09/20 09:17:46 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2010/09/20 09:17:46 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2010/09/20 09:17:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2010/09/20 09:17:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2010/09/20 09:17:45 | 002,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2010/09/20 09:17:45 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2010/09/20 09:17:45 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2010/09/20 09:17:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2010/09/20 09:17:45 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2010/09/20 09:17:44 | 003,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2010/09/20 09:17:44 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2010/09/20 09:17:44 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2010/09/20 09:17:44 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2010/09/20 09:17:44 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2010/09/20 09:17:44 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2010/09/20 09:17:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2010/09/20 09:17:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/09/20 09:17:44 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2010/09/20 09:17:44 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/09/20 09:17:44 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2010/09/20 09:17:44 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2010/09/20 09:17:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2010/09/20 09:17:44 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2010/09/20 09:17:44 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2010/09/20 09:17:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2010/09/20 09:17:43 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2010/09/20 09:17:41 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2010/09/20 09:17:40 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2010/09/20 09:17:40 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2010/09/20 09:17:40 | 000,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2010/09/20 09:17:40 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2010/09/20 09:17:39 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2010/09/20 09:17:39 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2010/09/20 09:17:39 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2010/09/20 09:17:39 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2010/09/20 09:17:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2010/09/20 09:17:37 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2010/09/20 09:17:37 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
[2010/09/20 09:17:37 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2010/09/20 09:17:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2010/09/20 09:17:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasnap.dll
[2010/09/20 09:17:35 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iaspolcy.dll
[2010/09/20 09:17:34 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IasMigReader.exe
[2010/09/20 09:17:34 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\IasMigPlugin.dll
[2010/09/20 09:17:34 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassdo.dll
[2010/09/20 09:17:34 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassdo.dll
[2010/09/20 09:17:34 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassam.dll
[2010/09/20 09:17:34 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasnap.dll
[2010/09/20 09:17:34 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrad.dll
[2010/09/20 09:17:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrecst.dll
[2010/09/20 09:17:34 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassam.dll
[2010/09/20 09:17:34 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrad.dll
[2010/09/20 09:17:34 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2010/09/20 09:17:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasacct.dll
[2010/09/20 09:17:34 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasacct.dll
[2010/09/20 09:17:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iaspolcy.dll
[2010/09/20 09:17:33 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2010/09/20 09:17:33 | 000,581,632 | ---- | C] (Microsoft) -- C:\Windows\SysNative\IasMigPlugin.dll
[2010/09/20 09:17:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iashlpr.dll
[2010/09/20 09:17:33 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2010/09/20 09:17:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasads.dll
[2010/09/20 09:17:33 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpapi.dll
[2010/09/20 09:17:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iashlpr.dll
[2010/09/20 09:17:33 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasdatastore.dll
[2010/09/20 09:17:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasads.dll
[2010/09/20 09:17:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasdatastore.dll
[2010/09/20 09:17:32 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2010/09/20 09:17:32 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2010/09/20 09:17:32 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2010/09/20 09:17:32 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2010/09/20 09:17:32 | 000,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2010/09/20 09:17:32 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2010/09/20 09:17:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2010/09/20 09:17:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2010/09/20 09:17:31 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2010/09/20 09:17:30 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2010/09/20 09:17:30 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2010/09/20 09:17:30 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2010/09/20 09:17:30 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2010/09/20 09:17:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2010/09/20 09:17:29 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2010/09/20 09:17:29 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2010/09/20 09:17:29 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2010/09/20 09:17:29 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2010/09/20 09:17:29 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2010/09/20 09:17:29 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2010/09/20 09:17:28 | 001,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2010/09/20 09:17:28 | 001,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2010/09/20 09:17:28 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2010/09/20 09:17:28 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2010/09/20 09:17:28 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2010/09/20 09:17:28 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2010/09/20 09:17:28 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2010/09/20 09:17:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2010/09/20 09:17:28 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassvcs.dll
[2010/09/20 09:17:28 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassvcs.dll
[2010/09/20 09:17:27 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2010/09/20 09:17:27 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2010/09/20 09:17:27 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2010/09/20 09:17:27 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2010/09/20 09:17:27 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2010/09/20 09:17:27 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2010/09/20 09:17:27 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2010/09/20 09:17:27 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2010/09/20 09:17:26 | 001,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2010/09/20 09:17:26 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2010/09/20 09:17:26 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2010/09/20 09:17:26 | 000,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2010/09/20 09:17:26 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2010/09/20 09:17:26 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2010/09/20 09:17:26 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2010/09/20 09:17:26 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2010/09/20 09:17:26 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2010/09/20 09:17:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2010/09/20 09:17:26 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
[2010/09/20 09:17:26 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2010/09/20 09:17:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2010/09/20 09:17:25 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2010/09/20 09:17:25 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2010/09/20 09:17:25 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2010/09/20 09:17:25 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2010/09/20 09:17:25 | 000,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2010/09/20 09:17:24 | 001,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2010/09/20 09:17:24 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2010/09/20 09:17:24 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2010/09/20 09:17:24 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2010/09/20 09:17:24 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2010/09/20 09:17:24 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2010/09/20 09:17:24 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2010/09/20 09:17:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2010/09/20 09:17:24 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2010/09/20 09:17:24 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
[2010/09/20 09:17:23 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2010/09/20 09:17:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2010/09/20 09:17:22 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2010/09/20 09:17:17 | 002,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2010/09/20 09:17:17 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2010/09/20 09:17:16 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2010/09/20 09:17:16 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2010/09/20 09:17:16 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2010/09/20 09:17:16 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2010/09/20 09:17:16 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2010/09/20 09:17:16 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2010/09/20 09:17:15 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2010/09/20 09:17:15 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2010/09/20 09:17:15 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2010/09/20 09:17:15 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2010/09/20 09:17:15 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2010/09/20 09:17:15 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2010/09/20 09:17:15 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2010/09/20 09:17:15 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2010/09/20 09:17:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2010/09/20 09:17:14 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2010/09/20 09:17:14 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2010/09/20 09:17:14 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2010/09/20 09:17:14 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2010/09/20 09:17:13 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010/09/20 09:17:13 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010/09/20 09:17:13 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2010/09/20 09:17:13 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2010/09/20 09:17:13 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2010/09/20 09:17:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
[2010/09/20 09:17:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2010/09/20 09:17:12 | 001,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2010/09/20 09:17:12 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2010/09/20 09:17:12 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010/09/20 09:17:12 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2010/09/20 09:17:12 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2010/09/20 09:17:12 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2010/09/20 09:17:12 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2010/09/20 09:17:12 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2010/09/20 09:17:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2010/09/20 09:17:12 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2010/09/20 09:17:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2010/09/20 09:17:12 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2010/09/20 09:17:12 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2010/09/20 09:17:12 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2010/09/20 09:17:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2010/09/20 09:17:12 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2010/09/20 09:17:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2010/09/20 09:17:12 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2010/09/20 09:17:12 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2010/09/20 09:17:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2010/09/20 09:17:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2010/09/20 09:17:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2010/09/20 09:17:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2010/09/20 09:17:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2010/09/20 09:17:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
[2010/09/20 09:17:11 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2010/09/20 09:17:11 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2010/09/20 09:17:11 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/09/20 09:17:11 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2010/09/20 09:17:11 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/09/20 09:17:11 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2010/09/20 09:17:11 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2010/09/20 09:17:11 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2010/09/20 09:17:11 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2010/09/20 09:17:11 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2010/09/20 09:17:10 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2010/09/20 09:17:09 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2010/09/20 09:17:08 | 002,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2010/09/20 09:17:08 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2010/09/20 09:17:08 | 001,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2010/09/20 09:17:08 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2010/09/20 09:17:08 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010/09/20 09:17:08 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2010/09/20 09:17:08 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010/09/20 09:17:08 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2010/09/20 09:17:08 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2010/09/20 09:17:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2010/09/20 09:17:08 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2010/09/20 09:17:08 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2010/09/20 09:17:08 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2010/09/20 09:17:08 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2010/09/20 09:17:08 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/09/20 09:17:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2010/09/20 09:17:07 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2010/09/20 09:17:07 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2010/09/20 09:17:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2010/09/20 09:17:07 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2010/09/20 09:17:06 | 001,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2010/09/20 09:17:06 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2010/09/20 09:17:06 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2010/09/20 09:17:06 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2010/09/20 09:17:06 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2010/09/20 09:17:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2010/09/20 09:17:06 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2010/09/20 09:17:06 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2010/09/20 09:17:06 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2010/09/20 09:17:06 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2010/09/20 09:17:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2010/09/20 09:17:05 | 001,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2010/09/20 09:17:05 | 000,841,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2010/09/20 09:17:05 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2010/09/20 09:17:03 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2010/09/20 09:17:03 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2010/09/20 09:17:03 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2010/09/20 09:17:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
[2010/09/20 09:17:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
[2010/09/20 09:17:02 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2010/09/20 09:17:02 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2010/09/20 09:17:02 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2010/09/20 09:17:02 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2010/09/20 09:17:02 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2010/09/20 09:17:02 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2010/09/20 09:17:02 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2010/09/20 09:17:02 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2010/09/20 09:17:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2010/09/20 09:17:02 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2010/09/20 09:17:02 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2010/09/20 09:17:02 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2010/09/20 09:17:02 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2010/09/20 09:17:02 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2010/09/20 09:17:02 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2010/09/20 09:17:02 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2010/09/20 09:17:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2010/09/20 09:17:01 | 000,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2010/09/20 09:17:01 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2010/09/20 09:17:01 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2010/09/20 09:17:01 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2010/09/20 09:17:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2010/09/20 09:17:01 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2010/09/20 09:17:00 | 000,992,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2010/09/20 09:17:00 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010/09/20 09:16:59 | 003,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2010/09/20 09:16:59 | 001,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2010/09/20 09:16:59 | 000,981,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2010/09/20 09:16:59 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010/09/20 09:16:59 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2010/09/20 09:16:59 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2010/09/20 09:16:59 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2010/09/20 09:16:58 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2010/09/20 09:16:58 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2010/09/20 09:16:58 | 001,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2010/09/20 09:16:58 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2010/09/20 09:16:58 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2010/09/20 09:16:58 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2010/09/20 09:16:58 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2010/09/20 09:16:58 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2010/09/20 09:16:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2010/09/20 09:16:58 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2010/09/20 09:16:54 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2010/09/20 09:16:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2010/09/20 09:16:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2010/09/20 09:16:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2010/09/20 09:16:54 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2010/09/20 09:16:54 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2010/09/20 09:16:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2010/09/20 09:16:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2010/09/20 09:16:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2010/09/20 09:16:53 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
[2010/09/20 09:16:53 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2010/09/20 09:16:53 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2010/09/20 09:16:53 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2010/09/20 09:16:53 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2010/09/20 09:16:53 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2010/09/20 09:16:53 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2010/09/20 09:16:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2010/09/20 09:16:53 | 000,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2010/09/20 09:16:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2010/09/20 09:16:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2010/09/20 09:16:52 | 001,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2010/09/20 09:16:52 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2010/09/20 09:16:52 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2010/09/20 09:16:51 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2010/09/20 09:16:51 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2010/09/20 09:16:51 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2010/09/20 09:16:51 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2010/09/20 09:16:51 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2010/09/20 09:16:51 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2010/09/20 09:16:51 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2010/09/20 09:16:51 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2010/09/20 09:16:51 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLC.dll
[2010/09/20 09:16:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2010/09/20 09:16:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2010/09/20 09:16:51 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2010/09/20 09:16:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2010/09/20 09:16:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2010/09/20 09:16:51 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2010/09/20 09:16:50 | 001,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2010/09/20 09:16:50 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2010/09/20 09:16:38 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2010/09/20 09:16:38 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2010/09/20 09:16:38 | 000,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2010/09/20 09:16:38 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2010/09/20 09:16:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2010/09/20 09:16:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2010/09/20 09:16:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2010/09/20 09:16:37 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2010/09/20 09:16:37 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2010/09/20 09:16:37 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2010/09/20 09:16:37 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2010/09/20 09:16:37 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2010/09/20 09:16:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2010/09/20 09:16:37 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2010/09/20 09:16:37 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2010/09/20 09:16:37 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2010/09/20 09:16:37 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2010/09/20 09:16:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2010/09/20 09:16:37 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2010/09/20 09:16:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2010/09/20 09:16:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
[2010/09/20 09:13:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2010/09/20 08:22:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/09/20 08:21:59 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/09/20 08:21:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/09/20 08:21:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/09/20 08:21:59 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/09/20 08:21:58 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/09/20 08:21:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/09/20 08:21:58 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/09/20 08:21:58 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/09/20 08:21:58 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/09/20 08:21:58 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/09/20 08:21:58 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/09/20 08:21:58 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/09/20 08:21:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/09/20 08:21:58 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/09/20 08:21:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/09/20 08:21:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/09/20 08:21:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/09/20 08:21:57 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/09/20 08:21:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/09/20 08:21:56 | 002,335,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/20 08:21:56 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/09/20 08:21:56 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/09/20 08:18:38 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2010/09/20 08:18:37 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2010/09/20 08:18:37 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2010/09/20 08:18:37 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2010/09/20 08:18:37 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2010/09/20 08:18:37 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2010/09/20 08:18:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2010/09/20 08:18:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2010/09/20 08:18:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2010/09/20 08:18:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2010/09/20 08:18:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2010/09/20 08:18:36 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2010/09/20 08:18:36 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2010/09/20 08:18:36 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2010/09/20 08:18:36 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2010/09/20 08:18:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2010/09/20 08:18:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2010/09/20 08:18:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/09/20 08:18:36 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2010/09/20 08:18:35 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2010/09/20 08:18:35 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2010/09/20 08:18:35 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2010/09/20 08:18:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2010/09/20 08:18:34 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2010/09/20 08:18:34 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2010/09/20 08:18:34 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2010/09/20 08:18:34 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2010/09/20 08:18:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/09/20 08:18:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2010/09/20 08:18:33 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2010/09/20 08:18:33 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2010/09/20 08:18:33 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2010/09/20 08:18:33 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinFXDocObj.exe
[2010/09/20 08:18:33 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2010/09/20 08:18:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2010/09/20 08:18:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2010/09/20 08:18:33 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PDMSetup.exe
[2010/09/20 08:18:33 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2010/09/20 08:18:33 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2010/09/20 08:18:33 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetDepNx.exe
[2010/09/20 08:18:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2010/09/20 08:18:33 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/09/20 08:18:33 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/09/20 08:18:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2010/09/20 08:18:32 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinFXDocObj.exe
[2010/09/20 08:18:32 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2010/09/20 08:18:32 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2010/09/20 08:18:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2010/09/20 08:18:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2010/09/20 08:18:31 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2010/09/20 08:18:31 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2010/09/20 08:18:31 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/09/20 08:18:31 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/09/20 08:18:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2010/09/20 08:18:31 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2010/09/20 08:18:31 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PDMSetup.exe
[2010/09/20 08:18:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2010/09/20 08:18:31 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2010/09/20 08:18:31 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetDepNx.exe
[2010/09/19 23:44:02 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/09/19 23:44:02 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/09/19 23:44:02 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/09/19 23:44:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/09/19 23:44:02 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/09/19 23:44:02 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/09/19 23:44:02 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/09/19 23:44:02 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/09/19 23:08:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshhttp.dll
[2010/09/19 23:08:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2010/09/19 23:08:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2010/09/19 23:08:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2010/09/19 22:50:13 | 013,428,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/09/19 22:50:11 | 010,626,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/09/19 22:50:09 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2010/09/19 22:50:09 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2010/09/19 22:50:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2010/09/19 22:50:07 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/09/19 22:50:07 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/09/19 22:50:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2010/09/19 22:50:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2010/09/19 22:50:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2010/09/19 22:50:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2010/09/19 22:50:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2010/09/19 22:49:25 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2010/09/19 22:49:25 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2010/09/19 22:49:18 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010/09/19 22:49:18 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/09/19 22:49:17 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avifil32.dll
[2010/09/19 22:49:17 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciavi32.dll
[2010/09/19 22:49:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avicap32.dll
[2010/09/19 22:49:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2010/09/19 22:49:16 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010/09/19 22:49:16 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010/09/19 22:49:04 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2010/09/19 22:49:04 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2010/09/19 22:49:03 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2010/09/19 22:49:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010/09/19 22:49:02 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010/09/19 22:49:02 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010/09/19 22:49:00 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/09/19 22:48:46 | 001,305,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2010/09/19 22:48:43 | 000,772,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2010/09/19 22:48:43 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2010/09/19 22:48:42 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/09/19 22:48:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/09/19 22:48:39 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2010/09/19 22:48:39 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2010/09/19 22:48:35 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/09/19 22:48:35 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/09/19 22:48:35 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010/09/19 22:48:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010/09/19 22:48:35 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/09/19 22:48:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/09/19 22:48:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2010/09/19 22:48:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2010/09/19 22:48:29 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2010/09/19 22:48:28 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2010/09/19 22:47:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010/09/19 22:47:50 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/09/19 22:47:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/09/19 22:47:49 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2010/09/19 22:47:48 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2010/09/19 22:44:33 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/09/19 22:42:52 | 002,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2010/09/19 22:42:52 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2010/09/19 22:42:51 | 003,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010/09/19 22:42:51 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010/09/19 22:42:50 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010/09/19 22:42:50 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2010/09/19 22:42:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2010/09/19 22:42:50 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2010/09/19 22:42:50 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2010/09/19 22:42:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2010/09/19 22:42:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2010/09/19 22:42:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2010/09/19 22:42:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2010/09/19 22:42:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2010/09/19 22:42:39 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2010/09/19 22:42:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2010/09/19 22:42:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2010/09/19 22:42:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2010/09/19 22:42:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2010/09/19 22:42:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2010/09/19 22:42:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2010/09/19 22:42:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2010/09/19 22:42:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2010/09/19 22:42:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2010/09/19 22:42:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2010/09/19 22:42:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2010/09/19 22:42:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2010/09/19 22:42:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2010/09/19 22:42:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2010/09/19 22:42:38 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2010/09/19 22:41:51 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2010/09/19 22:41:51 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2010/09/19 22:41:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2010/09/19 22:41:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.tlb
[2010/09/19 22:41:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2010/09/19 22:41:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amcompat.tlb
[2010/09/19 22:41:33 | 002,424,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2010/09/19 22:41:32 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2010/09/19 22:41:31 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2010/09/19 22:41:31 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2010/09/19 22:41:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2010/09/19 22:41:31 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2010/09/19 22:41:23 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/09/19 22:41:22 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2010/09/19 22:41:19 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2010/09/19 22:41:19 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2010/09/19 22:41:19 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2010/09/19 22:41:19 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2010/09/19 22:41:19 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\L2SecHC.dll
[2010/09/19 22:41:19 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2010/09/19 22:41:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2010/09/19 22:41:19 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2010/09/19 22:41:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2010/09/19 22:41:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2010/09/19 22:40:30 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl.dll
[2010/09/19 22:40:27 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2010/09/19 22:40:27 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2010/09/19 22:40:27 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2010/09/19 22:40:27 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010/09/19 22:40:25 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2010/09/19 22:36:20 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/09/19 22:36:20 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010/09/19 22:36:14 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010/09/19 22:36:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010/09/19 22:30:02 | 002,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2010/09/19 22:30:02 | 000,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2010/09/19 22:30:02 | 000,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2010/09/19 22:29:53 | 000,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2010/09/19 22:29:53 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2010/09/19 22:29:53 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2010/09/19 22:29:53 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2010/09/19 22:29:53 | 000,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2010/09/19 22:29:53 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2010/09/19 22:29:47 | 000,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2010/09/19 22:29:47 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2010/09/19 22:29:47 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2010/09/19 22:29:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2010/09/19 22:28:05 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Adobe
[2010/09/19 22:05:56 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Google
[2010/09/19 22:05:11 | 000,017,952 | ---- | C] (Acer, Inc.) -- C:\Windows\SysNative\drivers\int15_64.sys
[2010/09/19 22:04:46 | 000,017,952 | ---- | C] (Acer, Inc.) -- C:\Windows\SysWow64\drivers\int15_64.sys
[2010/09/19 22:04:46 | 000,015,392 | ---- | C] (Acer, Inc.) -- C:\Windows\SysWow64\drivers\int15.sys
[2010/09/19 22:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\GATEWAY
[2010/09/19 22:01:21 | 002,210,304 | ---- | C] (Chicony Electronics Co.,Ltd.) -- C:\Windows\SysWow64\CAS screensaver.scr
[2010/09/19 22:01:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Skin
[2010/09/19 22:01:14 | 000,020,520 | ---- | C] (Chicony Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS
[2010/09/19 22:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway
[2010/09/19 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\InstallShield
[2010/09/19 22:00:31 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Symantec
[2010/09/19 22:00:16 | 000,000,000 | R--D | C] -- C:\Users\Robin\Searches
[2010/09/19 22:00:08 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Identities
[2010/09/19 22:00:06 | 000,000,000 | R--D | C] -- C:\Users\Robin\Contacts
[2010/09/19 22:00:04 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\VirtualStore
[2010/09/19 21:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Application Data
[2010/09/19 21:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\eBay
[2010/09/19 21:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/09/19 21:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/09/19 21:57:59 | 000,000,000 | --SD | C] -- C:\Users\Robin\AppData\Roaming\Microsoft
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Videos
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Saved Games
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Pictures
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Music
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Links
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Favorites
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Downloads
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Documents
[2010/09/19 21:57:59 | 000,000,000 | R--D | C] -- C:\Users\Robin\Desktop
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\AppData\Local\Temporary Internet Files
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Templates
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Start Menu
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\SendTo
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Recent
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\PrintHood
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\NetHood
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Documents\My Videos
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Documents\My Pictures
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Documents\My Music
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\My Documents
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Local Settings
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\AppData\Local\History
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Cookies
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\Application Data
[2010/09/19 21:57:59 | 000,000,000 | -HSD | C] -- C:\Users\Robin\AppData\Local\Application Data
[2010/09/19 21:57:59 | 000,000,000 | -H-D | C] -- C:\Users\Robin\AppData
[2010/09/19 21:57:59 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Temp
[2010/09/19 21:57:59 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Microsoft
[2010/09/19 21:57:59 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Media Center Programs
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/22 07:56:49 | 005,242,880 | -HS- | M] () -- C:\Users\Robin\NTUSER.DAT
[2010/09/22 07:53:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/21 22:10:54 | 000,419,413 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/09/21 22:10:48 | 000,419,413 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100921-221054.backup
[2010/09/21 22:09:57 | 000,419,413 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100921-221048.backup
[2010/09/21 21:52:42 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/09/21 21:45:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/21 21:45:39 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/21 21:37:14 | 000,025,088 | ---- | M] () -- C:\Users\Robin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/21 21:32:46 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/09/21 21:31:13 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/09/21 21:27:27 | 000,001,706 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2010/09/21 07:19:51 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/21 07:16:17 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/21 07:16:17 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/21 07:16:17 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/21 07:11:28 | 000,102,440 | ---- | M] () -- C:\Users\Robin\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/21 07:10:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/09/21 07:10:25 | 000,387,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/09/21 07:10:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/21 07:10:08 | 4153,323,520 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/20 22:38:07 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/09/20 22:38:06 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/09/20 22:38:06 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/09/20 22:38:00 | 001,844,645 | -H-- | M] () -- C:\Users\Robin\AppData\Local\IconCache.db
[2010/09/20 22:29:38 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010/09/20 22:27:54 | 000,000,808 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100921-220957.backup
[2010/09/20 22:10:15 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/09/20 21:23:05 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/09/20 21:22:59 | 000,001,804 | ---- | M] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/20 21:22:59 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 13:53:12 | 000,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/09/19 22:09:33 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/09/19 22:08:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Gateway_MC7801U_Rev.1_LXW150X00184142A312500.MRK
[2010/09/19 21:58:19 | 000,016,074 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010/09/19 21:57:59 | 000,000,020 | -HS- | M] () -- C:\Users\Robin\ntuser.ini
[2010/09/18 20:18:20 | 000,000,020 | ---- | M] () -- C:\Users\Robin\Documents\urcgdict.rcg
[2010/09/18 20:18:20 | 000,000,020 | ---- | M] () -- C:\Users\Robin\Documents\upstdict.pst
[2010/09/15 03:00:00 | 000,136,704 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2010/09/14 17:00:00 | 000,108,032 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/14 17:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2010/09/10 18:50:09 | 000,133,679 | ---- | M] () -- C:\Users\Robin\Desktop\gmerscreenshot.jpg
[2010/09/10 18:09:56 | 000,284,915 | ---- | M] () -- C:\Users\Robin\Desktop\gmer(2).zip
[2010/09/10 17:56:44 | 000,525,824 | ---- | M] () -- C:\Users\Robin\Desktop\dds.scr
[2010/09/10 17:54:39 | 000,050,477 | ---- | M] () -- C:\Users\Robin\Desktop\Defogger.exe
[2010/09/09 09:44:06 | 003,107,569 | ---- | M] () -- C:\Users\Robin\Documents\lucky72.wma
[2010/09/06 09:47:32 | 003,359,009 | ---- | M] () -- C:\Users\Robin\Documents\Strength2.wma
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/22 07:08:56 | 000,135,189 | ---- | C] () -- C:\Users\Robin\Documents\Woodchuck.wma
[2010/09/22 07:08:56 | 000,126,209 | ---- | C] () -- C:\Users\Robin\Documents\Weather.wma
[2010/09/22 07:08:55 | 019,495,102 | ---- | C] () -- C:\Users\Robin\Documents\vlc-1.1.0-win32.exe
[2010/09/22 07:08:55 | 003,704,739 | ---- | C] () -- C:\Users\Robin\Documents\Strength.wma
[2010/09/22 07:08:55 | 003,359,009 | ---- | C] () -- C:\Users\Robin\Documents\Strength2.wma
[2010/09/22 07:08:55 | 000,884,224 | ---- | C] () -- C:\Users\Robin\Documents\Synopsis.doc
[2010/09/22 07:08:55 | 000,166,619 | ---- | C] () -- C:\Users\Robin\Documents\Seashells.wma
[2010/09/22 07:08:55 | 000,059,904 | ---- | C] () -- C:\Users\Robin\Documents\Protomen Father of Death.doc
[2010/09/22 07:08:55 | 000,024,576 | ---- | C] () -- C:\Users\Robin\Documents\Valentines Day in America.doc
[2010/09/22 07:08:55 | 000,024,576 | ---- | C] () -- C:\Users\Robin\Documents\The History.doc
[2010/09/22 07:08:55 | 000,024,064 | ---- | C] () -- C:\Users\Robin\Documents\Valentine.doc
[2010/09/22 07:08:55 | 000,000,020 | ---- | C] () -- C:\Users\Robin\Documents\urcgdict.rcg
[2010/09/22 07:08:55 | 000,000,020 | ---- | C] () -- C:\Users\Robin\Documents\upstdict.pst
[2010/09/22 07:08:54 | 003,587,999 | ---- | C] () -- C:\Users\Robin\Documents\Perseverance.wma
[2010/09/22 07:08:54 | 003,345,539 | ---- | C] () -- C:\Users\Robin\Documents\lucky 7.wma
[2010/09/22 07:08:54 | 003,107,569 | ---- | C] () -- C:\Users\Robin\Documents\lucky72.wma
[2010/09/22 07:08:54 | 000,104,448 | ---- | C] () -- C:\Users\Robin\Documents\hetalia pics.doc
[2010/09/22 07:08:54 | 000,090,289 | ---- | C] () -- C:\Users\Robin\Documents\Leather.wma
[2010/09/22 07:08:54 | 000,034,816 | ---- | C] () -- C:\Users\Robin\Documents\Cinnamon buns.doc
[2010/09/22 07:08:54 | 000,000,771 | ---- | C] () -- C:\Users\Robin\Documents\My Sharing Folders.lnk
[2010/09/22 07:08:53 | 043,498,469 | ---- | C] () -- C:\Users\Robin\Documents\B's Log.rar
[2010/09/22 07:08:53 | 000,033,280 | ---- | C] () -- C:\Users\Robin\Documents\Answers from American Students.doc
[2010/09/22 07:08:52 | 005,323,300 | ---- | C] () -- C:\Users\Robin\Documents\12 The Creation of Man.mp3
[2010/09/22 07:08:52 | 000,526,426 | ---- | C] () -- C:\Users\Robin\Documents\‹S’{Šá‹ľ.jpg
[2010/09/21 21:56:52 | 000,191,488 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2010/09/21 21:56:52 | 000,136,704 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2010/09/21 21:55:59 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/21 21:55:59 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/21 21:55:57 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/09/21 21:55:57 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/09/21 21:55:57 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/09/21 21:55:57 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010/09/21 21:53:36 | 000,525,824 | ---- | C] () -- C:\Users\Robin\Desktop\dds.scr
[2010/09/21 21:53:36 | 000,293,376 | ---- | C] () -- C:\Users\Robin\Desktop\gmer.exe
[2010/09/21 21:53:36 | 000,284,915 | ---- | C] () -- C:\Users\Robin\Desktop\gmer(2).zip
[2010/09/21 21:53:36 | 000,133,679 | ---- | C] () -- C:\Users\Robin\Desktop\gmerscreenshot.jpg
[2010/09/21 21:53:36 | 000,115,200 | ---- | C] () -- C:\Users\Robin\Desktop\manual alphabet.doc
[2010/09/21 21:53:36 | 000,050,477 | ---- | C] () -- C:\Users\Robin\Desktop\Defogger.exe
[2010/09/21 21:53:33 | 074,335,024 | ---- | C] () -- C:\Users\Robin\Desktop\Castle_Falkenstein_-_Core_Rules.pdf
[2010/09/21 21:53:33 | 000,000,642 | ---- | C] () -- C:\Users\Robin\Desktop\µTorrent.lnk
[2010/09/21 21:52:42 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/09/21 21:42:39 | 000,000,407 | ---- | C] () -- C:\Users\Robin\Desktop\Ya know it - Shortcut.lnk
[2010/09/21 21:36:03 | 000,025,088 | ---- | C] () -- C:\Users\Robin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/21 21:32:46 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/09/21 21:31:13 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/09/21 21:27:27 | 000,001,706 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2010/09/21 07:19:51 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/20 22:10:15 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/09/20 21:23:05 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/20 21:22:59 | 000,001,804 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/20 21:22:59 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 09:18:34 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2010/09/20 09:18:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/09/20 09:18:16 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2010/09/20 09:18:16 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2010/09/20 09:18:06 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2010/09/20 09:17:59 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2010/09/20 09:17:58 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2010/09/20 09:17:58 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/09/20 09:17:49 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex
[2010/09/20 09:17:49 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex
[2010/09/20 09:17:48 | 003,662,128 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2010/09/20 09:17:48 | 003,662,128 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2010/09/20 09:17:16 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/09/20 09:17:16 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2010/09/20 09:17:16 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010/09/20 09:17:16 | 000,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin
[2010/09/20 09:17:14 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2010/09/20 09:17:02 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2010/09/20 09:16:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2010/09/20 09:16:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2010/09/20 09:16:53 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2010/09/20 09:16:53 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2010/09/20 08:21:58 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2010/09/20 08:21:58 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2010/09/19 22:41:20 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2010/09/19 22:08:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Gateway_MC7801U_Rev.1_LXW150X00184142A312500.MRK
[2010/09/19 22:05:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/09/19 22:05:11 | 000,585,216 | ---- | C] () -- C:\Windows\SysNative\INT15_64.dll
[2010/09/19 21:58:22 | 4153,323,520 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/19 21:58:19 | 000,016,074 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2010/09/19 21:57:59 | 005,242,880 | -HS- | C] () -- C:\Users\Robin\NTUSER.DAT
[2010/09/19 21:57:59 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/09/19 21:57:59 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/09/19 21:57:59 | 000,262,144 | -H-- | C] () -- C:\Users\Robin\ntuser.dat.LOG1
[2010/09/19 21:57:59 | 000,065,536 | -HS- | C] () -- C:\Users\Robin\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/09/19 21:57:59 | 000,000,258 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/09/19 21:57:59 | 000,000,240 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/09/19 21:57:59 | 000,000,020 | -HS- | C] () -- C:\Users\Robin\ntuser.ini
[2010/09/19 21:57:59 | 000,000,000 | -H-- | C] () -- C:\Users\Robin\ntuser.dat.LOG2
[2008/01/21 11:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/21 11:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/21 11:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/21 11:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 20:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 18:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 18:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 18:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2008/07/21 09:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/07/21 09:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/21 11:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2008/01/21 11:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/11 00:11:18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/21 11:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008/01/21 11:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2008/01/21 11:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 11:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/21 11:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/11 00:11:24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

========== Files - Unicode (All) ==========
[2010/09/21 21:53:32 | 000,000,000 | ---D | M](C:\Users\Robin\Desktop\?) -- C:\Users\Robin\Desktop\本
[2010/09/21 21:50:26 | 000,000,000 | ---D | C](C:\Users\Robin\Desktop\?) -- C:\Users\Robin\Desktop\本
[2010/09/21 21:50:05 | 000,000,000 | ---D | M](C:\Users\Robin\Desktop\???) -- C:\Users\Robin\Desktop\マンガ
[2010/09/21 21:45:09 | 000,000,000 | ---D | C](C:\Users\Robin\Desktop\???) -- C:\Users\Robin\Desktop\マンガ
< End of report >


Extra.txt

OTL Extras logfile created on: 9/22/2010 7:57:30 AM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = D:\downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 50.14 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive D: | 188.09 Gb Total Space | 19.80 Gb Free Space | 10.53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBIN-PC
Current User Name: Robin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2088641259-3898254991-544340045-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 5B C7 AE C3 5D 58 CB 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05ED9163-0AE2-41AB-8D1B-9938E8C9AC4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{884124E7-F441-4346-8C59-4B267D19AF7A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8F3C3B57-A8D7-4902-B595-65093EC24B19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13812642-54C6-4000-BA90-17A5F3115DD9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{317A555C-2C42-4B4A-ABFD-E3C878C8629B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{34E78024-1C90-4A5C-88F5-86937F52C0D9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{55FE43EA-C07B-496A-BEB4-E2BB0D2D2355}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |
"{566E081B-8CD3-4ABE-9C2B-ED9EA95C327E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{81921956-95EC-47B9-8D75-83F2DF5236D2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8CD3AF5C-C28F-4871-8F9D-7F3629B9D1E8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9D21048A-86F1-4570-9163-EB8668940898}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D27591C6-B87F-46EB-A20B-3AAC9AFFBB1B}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |
"{E3A51904-E576-4580-8104-9EBB3C3D3C12}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F3C61854-EE1D-4B45-B19C-0A73E0A2FE10}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2B8AD1EE-28D4-42FF-AE4B-856E5862D583}" = ccCommon64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{399D00B8-46E3-4547-A0F5-75F58079F2CD}" = SymNet x64
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{A6F1A083-4B12-47E8-9954-E4820C9A65C2}" = O2Micro Flash Memory Card Reader Driver (x64)
"{BD927EB7-78D3-4DC4-9325-7CBD89D8F0E5}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D75B1A1F-BBEC-4DF2-ACE4-9B166438A621}" = Symantec Real Time Storage Protection Component (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"HDMI" = Intel® Graphics Media Accelerator Driver
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.9.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"PowerISO" = PowerISO
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"WildTangent gateway Master Uninstall" = Gateway Games
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/19/2010 9:12:05 AM | Computer Name = Robin-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 9/19/2010 9:30:39 AM | Computer Name = Robin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =


< End of report >


#5 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:32 AM

Posted 23 September 2010 - 04:39 PM

Hi,

if you have restored the PC to factory settings and the problem persists this is most likely not a malware but a hardware issue. Did the freezing return?

The reason gmer wouldn't run is because the utility is not compatible with 64bit OS. That's normal and expected behaviour.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:08:32 AM

Posted 30 September 2010 - 08:18 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users