Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojans


  • This topic is locked This topic is locked
41 replies to this topic

#1 kymberly

kymberly

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 26 October 2010 - 09:00 PM

I need help in getting my computer back to nomal here. I don't believe it can be done because of all back door trojans I have had in the past. They have installed their nasty self in my hp games and I keep getting them back. I have mcafee which I think is a waste but I won't go there. I have Avira which I think is good! Sometimes I can update and sometimes I cant. I am sure the trojans have
Virus or unwanted program 'APPL/Agent.8192.WS [program]'
detected in file 'C:\Users\MY STARS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X4Z4M34F\saSetup64[1].exe.
Action performed: Deny access
pdate of computer KIMSTHANG-PC (127.0.0.1) by http://perspeak.avira-update.com/update failed.
An error occurred while downloading.
No new files loaded.
The file 'D:\hp\apps\APP30950\src\install\games\wheeloffortune-setup.exe'
contained a virus or unwanted program 'DR/Mail.Blen.YS' [dropper]
Action(s) taken:
The file was moved to the quarantine directory under the name '4eb2fd16.qua'.
The file 'C:\hp\bin\KillIt.exe'
contained a virus or unwanted program 'APPL/KillApp.A' [program]
Action(s) taken:
The file was moved to the quarantine directory under the name '5622d2b2.qua'.


Here is a copy of my WinPatrol

WinPatrol Report Log

Report created by WinPatrol [FREE Edition] version 19.0.2010.0:19.0.2010.0 at 1:08:42 AM, on 10/18/2010

Platform: Windows Vista Home Edition (Build 6000)
Browser: Windows® Internet Explorer - Internet Explorer version 7.00.6000.16386
Memory currently in use: 63%

MSIE: Internet Explorer (7.00.6000.16386)
IE Cookie Path: C:\Users\Kim's Thang\AppData\Roaming\Microsoft\Windows\Cookies\low\

HKLM Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKCU Start Page = http://www.att.net/
HKLM Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Presario&pf=desktop

WinLogon Shell=Explorer.exe
WinLogon UserInit=C:\Windows\system32\userinit.exe,


Startup Programs
Active Tasks
Scheduled Tasks
IE Helpers
File Types
Services <BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• Startup Programs •

TkBellExe

realsched.exe -osboot RealNetworks Scheduler
Version: 0.1.1.1119 Copyright © RealNetworks, Inc. 1995-2009
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


WinPatrol [FREE Edition]

winpatrol.exe -expressboot WinPatrol System Monitor
Version: 19.0.2010.0 Copyright © 1997- 2010 BillP Studios
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


avgnt

avgnt.exe /min Antivirus System Tray Tool
Version: 10.00.13.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min
First Detected by WinPatrol: 10/18/2010 0:58 AM
Click for Plus Info


Launcher

launcher.exe
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
Path: %WINDIR%\SMINST\launcher.exe
Click for Plus Info


Secunia PSI

psi.exe Secunia PSI
Version: 1.5.0.2 Copyright © Secunia 2007-2010. All rights reserved.
Location: Windows Startup Group
Path: C:\Program Files\Secunia\PSI\psi.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Winlogon Userinit

userinit.exe Userinit Logon Application
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit
Path: C:\Windows\System32\userinit.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Winlogon Shell

Explorer.exe Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
Path: Explorer.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


WebCheck

webcheck.dll Web Site Monitor
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Path: C:\Windows\System32\webcheck.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
7.00.6000.16386
Click for Plus Info


Component Categories cache daemon

browseui.dll Shell Browser UI Library
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
Path: C:\Windows\System32\browseui.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
6.0.6000.16386
Click for Plus Info


Component Categories cache daemon


Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• Delayed Start •



• Active Tasks •

Desktop Window Manager

dwm.exe Desktop Window Manager
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\dwm.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Windows Explorer

explorer.exe Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\explorer.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Task Scheduler Engine

taskeng.exe Task Scheduler Engine
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\taskeng.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


RealNetworks Scheduler

REALSCHED.EXE RealNetworks Scheduler
Version: 0.1.1.1119 Copyright © RealNetworks, Inc. 1995-2009
Path: C:\PROGRAM FILES\COMMON FILES\Real\UPDATE_OB\REALSCHED.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


launch2

launch2.exe
Path: C:\Users\KIM'S THANG\Desktop\launch2.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


AutoRun

7c5657.exe AutoRun
Version: 2.60.0.06221 Copyright © 2005 Doctor Web, Ltd.
Path: C:\Users\KIM'S THANG\AppData\Local\temp\BD8973CF-41ED0EFE-16E90037-15470157\7c5657.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


efebe_xp

efebe_xp.exe
Path: C:\Users\KIM'S THANG\AppData\Local\temp\BD8973CF-41ED0EFE-16E90037-15470157\efebe_xp.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Internet Explorer

ieuser.exe Internet Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\PROGRAM FILES\INTERNET EXPLORER\ieuser.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Adobe® Flash® Player Installer/Uninstaller 10.1 r85

FLASHUTIL10K_ACTIVEX.EXE Adobe® Flash® Player Installer/Uninstaller 10.1 r85
Version: 10,1,85,3 Copyright © 1996-2010 Adobe, Inc.
Path: C:\Windows\System32\Macromed\Flash\FLASHUTIL10K_ACTIVEX.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Windows Update

wuauclt.exe Windows Update
Version: 7.4.7600.226 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wuauclt.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


Internet Explorer

iexplore.exe Internet Explorer
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\PROGRAM FILES\INTERNET EXPLORER\iexplore.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


WinPatrol [FREE Edition]

WINPATROL.EXE WinPatrol System Monitor
Version: 19.0.2010.0 Copyright © 1997- 2010 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


WinPatrol [FREE Edition]

WINPATROLEX.EXE WinPatrol Explorer
Version: 19.0.2010.0 Copyright © 2004-2010 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


AVIRA_ANTIVIR_PERSONAL_EN

AVIRA_ANTIVIR_PERSONAL_EN.EXE
Path: C:\Users\KIM'S THANG\Desktop\AVIRA_ANTIVIR_PERSONAL_EN.EXE
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info


presetup

presetup.exe Version: 10.00.00.05 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\Users\Kim's Thang\AppData\Local\temp\RarSFX0\presetup.exe
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info


setup

setup.exe Version: 10.00.00.29 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\Users\Kim's Thang\AppData\Local\temp\RarSFX0\setup.exe
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info


Antivirus System Tray Tool

avgnt.exe Antivirus System Tray Tool
Version: 10.00.13.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avgnt.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info


Configuration Panel

avconfig.exe Configuration Panel
Version: 10.00.13.15 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avconfig.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info


Antivirus Control Center

avcenter.exe Antivirus Control Center
Version: 10.00.12.28 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avcenter.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info


On-Demand Scanner

avscan.exe On-Demand Scanner
Version: 10.00.03.00 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avscan.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• Scheduled Tasks •

Secunia PSI Logon Task.job

psi.exe Secunia PSI
Version: 1.5.0.2 Copyright © Secunia 2007-2010. All rights reserved.
Path: C:\Program Files\Secunia\PSI\psi.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Never
Location: "HKLM\"
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• IE Helpers •

AcroIEHelper Library

AcroIEHelper.dll Adobe PDF Helper for Internet Explorer
Version: 8.0.0.2006102200 Copyright 1984-2006 Adobe Systems Incorporated and its licensors. All rights reserved.
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
8.0.0.2006102200
Click for Plus Info


Send to OneNote


C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll,103
Click for Plus Info


Research


C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• File Types •

Video Clip

wmplayer.exe /prefetch:8 /Open %L Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
.AVI
Startup Type: WMP11.AssocFile.AVI
Click for Plus Info


Windows Batch File

%1 %*
Path: %1 %*
.BAT
Startup Type: batfile
Click for Plus Info


Cabinet File

Explorer.exe /idlist,%I,%L Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\Explorer.exe /idlist,%I,%L
.CAB
Startup Type: CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
Click for Plus Info


Security Catalog

rundll32.exe cryptext.dll,CryptExtOpenCAT %1 Windows host process (Rundll32)
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT %1
.CAT
Startup Type: CATFile
Click for Plus Info


Compiled HTML Help file

hh.exe %1 Microsoft® HTML Help Executable
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\hh.exe %1
.CHM
Startup Type: chm.file
Click for Plus Info


MS-DOS Application

%1 %*
Path: %1 %*
.COM
Startup Type: ComFile
Click for Plus Info


Windows Command Script

%1 %*
Path: %1 %*
.CMD
Startup Type: cmdfile
Click for Plus Info


Microsoft Office Word 97 - 2003 Document

WINWORD.EXE /n /dde Microsoft Office Word
Version: 12.0.6425.1000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
.DOC
Startup Type: Word.Document.8
Click for Plus Info


Internet E-Mail Message

WinMail.exe /eml:%1 Windows Mail
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Mail\WinMail.exe /eml:%1
.EML
Startup Type: Microsoft Internet Mail Message
Click for Plus Info


Application

%1 %*
Path: %1 %*
.EXE
Startup Type: exefile
Click for Plus Info


Setup Information

NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\NOTEPAD.EXE %1
.INF
Startup Type: inffile
Click for Plus Info


JScript Script File

WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.JS
Startup Type: JSFile
Click for Plus Info


Text Document

NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\NOTEPAD.EXE %1
.LOG
Startup Type: txtfile
Click for Plus Info


Windows Installer Package

msiexec.exe /i %1 %* Windows® installer
Version: 4.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\msiexec.exe /i %1 %*
.MSI
Startup Type: Msi.Package
Click for Plus Info


MIDI Sequence

wmplayer.exe /Open %L Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
.MID
Startup Type: WMP11.AssocFile.MIDI
Click for Plus Info


rhapsody.ex

rhapsody.exe %1
Path: C:\PROGRA~1\Rhapsody\rhapsody.exe %1
.MP3
Startup Type:
Click for Plus Info


Shortcut to MS-DOS Program

%1 %*
Path: %1 %*
.PIF
Startup Type: piffile
Click for Plus Info


RealPlayer Presentation

RealPlay.exe %1 RealPlayer
Version: 12.0.0.879 Copyright © RealNetworks, Inc. 1995-2009
Path: c:\program files\real\realplayer\\RealPlay.exe %1
.RAM
Startup Type: RealPlayer.RAM.6
Click for Plus Info


Registration Entries

regedit.exe %1 Registry Editor
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: regedit.exe %1
.REG
Startup Type: regfile
Click for Plus Info


Rich Text Format

WINWORD.EXE /n /dde Microsoft Office Word
Version: 12.0.6425.1000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
.RTF
Startup Type: Word.RTF.8
Click for Plus Info


Screen Saver

%1 /S
Path: %1 /S
.SCR
Startup Type: scrfile
Click for Plus Info


Text Document

NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\NOTEPAD.EXE %1
.TXT
Startup Type: txtfile
Click for Plus Info


Windows host process (Rundll32)

rundll32.exe ieframe.dll,OpenURL %l Windows host process (Rundll32)
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: rundll32.exe ieframe.dll,OpenURL %l
.URL
Startup Type: Windows host process (Rundll32)
Click for Plus Info


VBScript Script File

WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.VBS
Startup Type: VBSFile
Click for Plus Info


VBScript Encoded File

WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.VBE
Startup Type: VBEFile
Click for Plus Info


Windows Script File

WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.WSF
Startup Type: WSFFile
Click for Plus Info


Windows Script Host Settings File

WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.WSH
Startup Type: WSHFile
Click for Plus Info


Microsoft Office Excel 97-2003 Worksheet

EXCEL.EXE /e Microsoft Office Excel
Version: 12.0.6545.5000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE /e
.XLS
Startup Type: Excel.Sheet.8
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• Services •

sched.exe

Antivirus Scheduler
Version: 10.00.00.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\sched.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Service to schedule Avira AntiVir Personal - Free Antivirus jobs and updates.
Created: 10/18/2010 0:57 AM
Accessed: 10/18/2010 0:57 AM
Written: 02/24/2010 10:28 AM
File Size: 135,336 Bytes
Click for Plus Info


avguard.exe

Antivirus On-Access Service
Version: 10.00.01.44 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avguard.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Offers permanent protection against viruses and malware with the AntiVir search engine.
Created: 10/18/2010 0:57 AM
Accessed: 10/18/2010 0:57 AM
Written: 04/01/2010 1:33 PM
File Size: 267,432 Bytes
Click for Plus Info


APPMGMTS.DLL


Path: C:\WINDOWS\SYSTEM32\APPMGMTS.DLL
Created:
Accessed:
Written:
File Size: Bytes
Click for Plus Info


IDriverT.exe

IDriverT Module
Version: 10.50 Copyright © 2004 Macrovision Corporation
Path: C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\Driver\1050\Intel 32\IDriverT.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Provides support for the Running Object Table for InstallShield Drivers
Created: 10/22/2004 4:24 AM
Accessed: 10/14/2010 5:03 PM
Written: 10/22/2004 4:24 AM
File Size: 73,728 Bytes
Click for Plus Info


LSSrvc.exe

© Copyright 2003-2006 Hewlett-Packard Development Company, LP
Path: C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSrvc.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work.
Created: 01/17/2007 12:20 AM
Accessed: 10/14/2010 5:11 PM
Written: 01/17/2007 12:20 AM
File Size: 61,440 Bytes
Click for Plus Info


ROXMEDIADB9.EXE

RoxMediaDB9 Module
Copyright © 1994-2005 Sonic Solutions
Path: C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\9.0\SHAREDCOM\ROXMEDIADB9.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Roxio RoxMediaDB9 Service
Created: 03/26/2007 2:21 PM
Accessed: 10/14/2010 5:08 PM
Written: 03/26/2007 2:21 PM
File Size: 887,544 Bytes
Click for Plus Info


stllssvr.exe

SureThing Labelflash Disc Printer Service Module
Version: 1.2.560 Copyright © 1999-2004 MicroVision Development, Inc. All rights reserved.
Path: C:\PROGRAM FILES\COMMON FILES\SURETHING SHARED\stllssvr.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Created: 03/08/2007 7:54 PM
Accessed: 10/14/2010 5:10 PM
Written: 03/08/2007 7:54 PM
File Size: 74,656 Bytes
Click for Plus Info


XAudio.exe

Modem Audio Service
Version: 1.00.15.00 Copyright© Conexant Systems, Inc. 2006-2007
Path: C:\Windows\System32\drivers\XAudio.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
User-mode gate for Modem Speakerphone
Created: 10/18/2007 7:37 AM
Accessed: 10/18/2007 7:37 AM
Written: 10/18/2007 7:37 AM
File Size: 386,560 Bytes
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• Hidden Files •

boo

bootmgr
Path: C:\bootmgr
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


hiberfil

hiberfil.sys
Path: C:\hiberfil.sys
Click for Plus Info


pagefile

pagefile.sys
Path: C:\pagefile.sys
Click for Plus Info


7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D0

7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
Path: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D0

7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
Path: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


BCD-Template

BCD-Template.LOG
Path: C:\Windows\System32\config\BCD-Template.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


BCD-Template.

BCD-Template.LOG1
Path: C:\Windows\System32\config\BCD-Template.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


BCD-Template.

BCD-Template.LOG2
Path: C:\Windows\System32\config\BCD-Template.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


COMPONENTS

COMPONENTS.LOG
Path: C:\Windows\System32\config\COMPONENTS.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


COMPONENTS.

COMPONENTS.LOG2
Path: C:\Windows\System32\config\COMPONENTS.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


DEFAULT

DEFAULT.LOG
Path: C:\Windows\System32\config\DEFAULT.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


DEFAULT.

DEFAULT.LOG2
Path: C:\Windows\System32\config\DEFAULT.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SAM

SAM.LOG
Path: C:\Windows\System32\config\SAM.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SAM.

SAM.LOG2
Path: C:\Windows\System32\config\SAM.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SECURITY

SECURITY.LOG
Path: C:\Windows\System32\config\SECURITY.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SECURITY.

SECURITY.LOG1
Path: C:\Windows\System32\config\SECURITY.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SECURITY.

SECURITY.LOG2
Path: C:\Windows\System32\config\SECURITY.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SOFTWARE

SOFTWARE.LOG
Path: C:\Windows\System32\config\SOFTWARE.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SOFTWARE.

SOFTWARE.LOG1
Path: C:\Windows\System32\config\SOFTWARE.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SOFTWARE.

SOFTWARE.LOG2
Path: C:\Windows\System32\config\SOFTWARE.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SYSTEM

SYSTEM.LOG
Path: C:\Windows\System32\config\SYSTEM.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SYSTEM.

SYSTEM.LOG1
Path: C:\Windows\System32\config\SYSTEM.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


SYSTEM.

SYSTEM.LOG2
Path: C:\Windows\System32\config\SYSTEM.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


desktop

desktop.ini
Path: C:\Windows\System32\desktop.ini
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info


103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8At

103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
Path: C:\Windows\System32\drivers\103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

• ActiveX •

VistaWUWebControl Class

wuwebv.dll Windows Update Vista Web Control
Version: 7.4.7600.226 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wuwebv.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
7.4.7600.226
Click for Plus Info


Windows Media Player

wmp.dll Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wmp.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
11.0.6000.6353
Click for Plus Info


Microsoft Web Browser

ieframe.dll Internet Explorer
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\ieframe.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
7.00.6000.16386
Click for Plus Info


Shockwave Flash Object

Flash10k.ocx Adobe Flash Player 10.1 r85
Version: 10,1,85,3 Path: C:\Windows\System32\Macromed\Flash\Flash10k.ocx
First Detected by WinPatrol: 10/18/2010 0:58 AM
10,1,85,3
Click for Plus Info


XML HTTP Request

msxml3.dll MSXML 3.0 SP10
Version: 8.100.1048.0 Copyright © Microsoft Corporation. 1981-2007
Path: C:\Windows\System32\msxml3.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
8.100.1048.0
Click for Plus Info


XML HTTP

msxml3.dll MSXML 3.0 SP10
Version: 8.100.1048.0 Copyright © Microsoft Corporation. 1981-2007
Path: C:\Windows\System32\msxml3.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
8.100.1048.0
Click for Plus Info

<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

Also, I have noticed that when I download antivirus or spyware program my (NETOPIA) light does not flash, but just as soon as the program is over it flashes constantly. I believe that my network may have been hijacked! I am not for sure be when I close down the internet the lights on the modem are constantly flashing and never turns off.

I have ran Dr. Web and it has found numerous infections!

Also I mistakenly found a crash report don't know if it will help or not
5000
1287865275
OffDiag12
3442c419-5d35-460e-bde7-d3b73a63c5044d3408b6-ae3d-4068-87e5-7e47223ecdd1

1001
1287865244
1443077619
5
OffDiag12
None
972661412
3442c419-5d35-460e-bde7-d3b73a63c5044d3408b6-ae3d-4068-87e5-7e47223ecdd1










C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\4156755.od
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\CrashHangs.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\DiskErrors.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\od.cvr
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\OfficeDiagnostics.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\OfficeSessions.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\SetupDiagnostics.xml
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\smart.xml
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\systemaudit.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\SystemRestore.wql
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report134b7253\WindowsInstaller.log
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report065f8508

5000
1287865239
OffDiag12
3442c419-5d35-460e-bde7-d3b73a63c5044d3408b6-ae3d-4068-87e5-7e47223ecdd1

1001
1287864947
2060312392
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060312392
0
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00006398



C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\3798717.cvr
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\3798811.od
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\WERFF45.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\3533219.od
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\CVRE955.tmp.cvr
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report150e8076\WER159.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report1202fbbd

1000
1287864882
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00006398
574
01cb72ee4c9dfba0

1001
1287864613
2060746742
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060746742
0
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e



C:\Users\MY STARS\AppData\Local\temp\3505670.cvr
C:\Users\MY STARS\AppData\Local\temp\3505748.od
C:\Users\MY STARS\AppData\Local\temp\WER8517.tmp.version.txt
C:\Users\MY STARS\AppData\Local\temp\3436561.od
C:\Users\MY STARS\AppData\Local\temp\CVR6FC3.tmp.cvr
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0b79e0ed

1000
1287864589
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e
c2c
01cb72ee13a78640

1000
1287864495
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e
f30
01cb72ec765c4d40

1001
1287538742
137703136
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
hdacpc.inf
e0bc5feeb7cf3ddd9cca65a28c9449f94fd99c44
IntcAzAudModel
{4d36e96c-e325-11ce-bfc1-08002be10318}





C:\Windows\Temp\DMI57D9.tmp.log.xml
C:\Windows\inf\oem35.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03eb5e77

1001
1287538479
243625087
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
machine.inf
b547e44eec5c5d9781811f8cc30d249f18a7f6c9
SWENUM
{4D36E97D-E325-11CE-BFC1-08002BE10318}





C:\Windows\Temp\DMI52D9.tmp.log.xml
C:\Windows\inf\machine.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03f758dc

1001
1287538370
259981504
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
machine.inf
b547e44eec5c5d9781811f8cc30d249f18a7f6c9
PCI_DRV_ROOT
{4D36E97D-E325-11CE-BFC1-08002BE10318}





C:\Windows\Temp\DMI9E96.tmp.log.xml
C:\Windows\inf\machine.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03f5b09c

1001
1287538221
558107448
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
machine.inf
53285b10261504c61daac4ebcc3f3c3abf3140b5
NO_DRV_MBRES
{4D36E97D-E325-11CE-BFC1-08002BE10318}





C:\Windows\Temp\DMI684A.tmp.log.xml
C:\Windows\inf\machine.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03f36a59

1001
1287538193
506195155
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
machine.inf
53285b10261504c61daac4ebcc3f3c3abf3140b5
NO_DRV_X
{4D36E97D-E325-11CE-BFC1-08002BE10318}





C:\Windows\Temp\DMIF72F.tmp.log.xml
C:\Windows\inf\machine.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03f2fd26

1001
1287537364
198134668
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
volume.inf
320e4c83ab586a3c09901fb8eb62405a73a1c92c
volume_install
{71A27CDD-812A-11D0-BEC7-08002BE2092F}





C:\Windows\Temp\DMI56AB.tmp.log.xml
C:\Windows\inf\volume.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03c658cc

1001
1287537271
137703136
5
PnPDriverInstallErrorServicing
None
0
x86
00000005
hdacpc.inf
e0bc5feeb7cf3ddd9cca65a28c9449f94fd99c44
IntcAzAudModel
{4d36e96c-e325-11ce-bfc1-08002be10318}





C:\Windows\Temp\DMIDE21.tmp.log.xml
C:\Windows\inf\oem35.inf
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report03c4ed8c

1001
1287533176
2060312392
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060312392
0
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00006398



C:\Users\MY STARS\AppData\Local\temp\6107563.od
C:\Users\MY STARS\AppData\Local\temp\CVR311F.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WER40A9.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report073a6f38

1000
1287533164
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00006398
f64
01cb6fea6b95a01b

1001
1287533093
2060264569
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060264569
0
WINWORD.EXE
12.0.6545.5000
4c653e57
kernel32.dll
6.0.6000.16820
49952034
e0000002
0001b09e



C:\Users\MY STARS\AppData\Local\temp\5183476.od
C:\Users\MY STARS\AppData\Local\temp\CVR17E4.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WERF393.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0e952981

1000
1287533078
WINWORD.EXE
12.0.6545.5000
4c653e57
kernel32.dll
6.0.6000.16820
49952034
e0000002
0001b09e
530
01cb6fe845f7530b

1001
1287532170
2147530389
1
APPCRASH
None
0
WINWORD.EXE
12.0.6545.5000
4c653e57
comctl32.dll
6.10.6000.16386
4549bd09
c0000005
00068883



C:\Users\MY STARS\AppData\Local\temp\4567506.od
C:\Users\MY STARS\AppData\Local\temp\CVRB1C2.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WERAE59.tmp.version.txt
C:\Users\MY STARS\AppData\Local\temp\WERBFA8.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\temp\WERC15E.tmp.hdmp
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report096f1758

1000
1287532143
WINWORD.EXE
12.0.6545.5000
4c653e57
comctl32.dll
6.10.6000.16386
4549bd09
c0000005
00068883
ef0
01cb6fe6d6db774b

1001
1287531583
2147536224
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=-2147431072&Cab=09723DA1C969467698F24C6BF97AE647.cab
968259265
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00012c88



C:\Users\MY STARS\AppData\Local\temp\4448087.od
C:\Users\MY STARS\AppData\Local\temp\CVRDF57.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WER8ED7.tmp.version.txt
C:\Users\MY STARS\AppData\Local\temp\WERA20B.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\temp\WERA3E0.tmp.mdmp
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0e42203d

1000
1287531480
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
00012c88
e98
01cb6fe68fa6958b

1001
1287531192
2060746742
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060746742
0
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e



C:\Users\MY STARS\AppData\Local\temp\4127349.od
C:\Users\MY STARS\AppData\Local\temp\CVRFA75.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WER7668.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report092c2896

1000
1287531146
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e
658
01cb6fe5d06e581b

1001
1287531114
2147530389
1
APPCRASH
None
0
WINWORD.EXE
12.0.6545.5000
4c653e57
comctl32.dll
6.10.6000.16386
4549bd09
c0000005
00068883



C:\Users\MY STARS\AppData\Local\temp\3508056.od
C:\Users\MY STARS\AppData\Local\temp\CVR8758.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WER81DD.tmp.version.txt
C:\Users\MY STARS\AppData\Local\temp\WER8ED8.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\temp\WER9205.tmp.mdmp
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0e22f98b

1000
1287531083
WINWORD.EXE
12.0.6545.5000
4c653e57
comctl32.dll
6.10.6000.16386
4549bd09
c0000005
00068883
f40
01cb6fe45f57024b

1001
1287530405
1430155860
5
AppHangB1
None
0
WINWORD.EXE
12.0.6545.5000
4c653e57
0847
0






C:\Users\MY STARS\AppData\Local\temp\WERD5E5.tmp.version.txt
C:\Users\MY STARS\AppData\Local\temp\CVR9176.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\3379590.od
C:\Users\MY STARS\AppData\Local\temp\WEREC82.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report00a82819

1001
1287530369
2060746742
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=2060746742
0
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e



C:\Users\MY STARS\AppData\Local\temp\2619865.od
C:\Users\MY STARS\AppData\Local\temp\CVRF9C9.tmp.cvr
C:\Users\MY STARS\AppData\Local\temp\WER58BA.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0a138d22

1000
1287530350
WINWORD.EXE
12.0.6545.5000
4c653e57
PROPSYS.dll
6.0.6000.16386
4549bd96
c0000005
0000358e
b0c
01cb6fe247cab29b

1001
1287384670
505653636
5
PCA2
None
0
avira_antivir_personal_en[1].exe
0.0.0.0
avira_antivir_personal_en[1].exe
unknown
unknown
1
2




C:\Users\Kim's Thang\AppData\Local\temp\{0152f186-edbe-472c-9833-e55aac43057c}\appcompat.txt
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0d9da8dc

1001
1287383812
1927003096
1
APPCRASH
http://oca.microsoft.com/resredir.aspx?SID=95&iBucketTable=1&iBucket=1927003096
0
iexplore.exe
7.0.6000.16386
4549b133
StackHash_1703
0.0.0.0
00000000
c0000096
00240a11



C:\Users\Kim's Thang\AppData\Local\temp\WER76B5.tmp.version.txt
C:\Users\Kim's Thang\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0ccc90ba

1000
1287383802
iexplore.exe
7.0.6000.16386
4549b133
unknown
0.0.0.0
00000000
c0000096
00240a11
f84
01cb6e8cf3cd622c

1001
1287383581
12237623
5
ServiceHang
None
0
SENS
sens.dll
6.0.6000.16386
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report07662b15\WER27AB.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report07662b15\WER27BC.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report04290b65

1001
1287383580
12237623
5
ServiceHang
None
0
SENS
sens.dll
6.0.6000.16386
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0765ea1f\WERE974.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0765ea1f\WERE984.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report042909c0

1001
1287383580
12237623
5
ServiceHang
None
0
SENS
sens.dll
6.0.6000.16386
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06c5e8a9\WERE53F.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06c5e8a9\WERE550.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0429080b

1001
1287383580
12237623
5
ServiceHang
None
0
SENS
sens.dll
6.0.6000.16386
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06be1aef\WER18CD.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06be1aef\WER18CE.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report042906d3

1001
1287383579
66168112
5
ServiceHang
None
0
Dhcp
dhcpcsvc.dll
6.0.6000.16512
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report052e0a9a\WER2EC.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report052e0a9a\WER30D.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report042905ab

1001
1287383579
66168112
5
ServiceHang
None
0
Dhcp
dhcpcsvc.dll
6.0.6000.16512
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report04f75d5b\WER5A20.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report04f75d5b\WER5A31.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report042904a1

1001
1287383579
66168112
5
ServiceHang
None
0
Dhcp
dhcpcsvc.dll
6.0.6000.16512
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report04ab2fe5\WER2CF8.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report04ab2fe5\WER2D19.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0429034a

1001
1287383578
11835441
5
PnPDriverInstallError
None
0
x86
000005B4
volsnap.inf
e111cead736d87266c5fa25ea4e42ba4e750e378
volume_snapshot_install






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report035609df\DMIEE06.tmp.log.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report035609df\volsnap.inf
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report035609df\WERF057.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report035609df\WER56E.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report04290157

1001
1287383578
66168112
5
ServiceHang
None
0
Dhcp
dhcpcsvc.dll
6.0.6000.16512
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report02176dcf\WER6BFB.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report02176dcf\WER6C0C.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0428ff93

1001
1287359252
11620690
5
RADAR_PRE_LEAK_32
None
0
iexplore.exe
7.0.6000.16386
6.0.6000.2.0.0








C:\Users\MY STARS\AppData\Local\temp\RDRA9F5.tmp\empty.txt


1001
1287341734
1093422016
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
8D26A8D7-DE99-4B67-BE19-8BA75EC06C63
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b8e4b

1001
1287341734
711956084
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
1A0AA998-93C5-4188-B758-C91C029BA3B0
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b8cf4

1001
1287341733
1034605293
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
864873A4-ABB3-4469-B506-58EF2E543097
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b8ab3

1001
1287341733
787779889
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
659EB9B7-F1D2-42CF-8BB2-34FE8C92E3F1
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b891d

1001
1287341731
552315575
5
WindowsWcpAIFailure3
None
0
6.0.6002
Task Scheduler
32
Install (servicing down)
80041315
x86_microsoft-windows-n..essprotection-agent_31bf3856ad364e35_none_b47bcb716e3cd77f
Servicing rollback
unknown
NormalBoot


C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\WER204C.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fb94421\WER37C3.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b8150

1001
1287341730
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\WERFDFD.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0fac2589\WER1536.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b7cbe

1001
1287341729
732576350
5
WindowsUpdateFailure
None
0
7.4.7600.226
80246005
D33D91D5-99CD-4EF3-AAC6-5CC523C1E685
Download
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b7b86

1001
1287341729
702518837
5
WindowsUpdateFailure
None
0
7.4.7600.226
80246005
6D9E51F5-CFA0-4DC3-86D8-5019D6F115B3
Download
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b7a7d

1001
1287341728
552315441
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xdf9d9167





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\WERCE66.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0f19ee35\WERE946.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b7465

1001
1287341727
739929213
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
7A25C7EC-3798-4413-A493-57A259D18959
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b734c

1001
1287341726
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\WER7905.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0edc8b9b\WER89B9.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b6c2b

1001
1287341724
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\WERBB3.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e30272f\WER254C.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b6680

1001
1287341723
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\WERBEFA.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e17d6ed\WERD52A.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b60d5

1001
1287341720
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\WERCD6C.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e08e9c2\WERE6B7.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b58bb

1001
1287341719
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\WER6190.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0de47d59\WER7A8D.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b536d

1001
1287341717
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\WER9CCB.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0dd6af03\WERABE9.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b4c7b

1001
1287341716
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\WER3A8.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db320b9\WER1BBB.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b470e

1001
1287341715
11619830
5
ServiceHang
None
0
SharedAccess
ipnathlp.dll
6.0.6000.16386
20
2






C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0da6bdc2\WERAA33.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0da6bdc2\WERAA43.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b4328

1001
1287341713
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\WERC486.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d94dc3a\WERD9DB.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b3dcb

1001
1287341712
552315441
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xdf9d9167





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\WERAACF.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d8ac5be\WERC0A1.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b3820

1001
1287341710
552315479
5
WindowsWcpAIFailure3
None
0
6.0.6002
Task Scheduler
32
Install (servicing up)
80041315
x86_microsoft-windows-r..ement-client-v1-api_31bf3856ad364e35_none_f62953cc067c70f4
Servicing
unknown
NormalBoot


C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\WER8111.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d66a227\WERA064.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b317c

1001
1287341709
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\WER6C3.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d523b5a\WER2BF0.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b2cea

1001
1287341708
552315441
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xdf9d9167





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\WERAC45.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3ec245\WERC062.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b28e4

1001
1287341707
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\WER4549.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d335a8d\WER56A8.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b2452

1001
1287341705
552315441
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xdf9d9167





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\WER864E.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d2ea8db\WER9702.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b1c18

1001
1287341704
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\WEREEC1.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8f1026\WERD4A.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b16fa

1001
1287341702
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\WER6325.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c877e53\WER7C03.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b0fe8

1001
1287341700
516851823
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x57278eac





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\WER7464.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c4db0d7\WERAAD0.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b0a0f

1001
1287341698
552315515
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x4b1ffb05





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\WER867D.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c08a85f\WERA563.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045b032c

1001
1287341697
552315515
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x4b1ffb05





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\WEREE25.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b98006d\WERFEB9.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045afd72

1001
1287341696
552315491
5
CbsPackageServicingFailure
None
0
6.0.6002.18005
VistaSP1-KB936330~31bf3856ad364e35~x86~~6.0.0.18000
80041315
AI
Staged
Installed





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b4e39b5\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b4e39b5\cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b4e39b5\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b4e39b5\setupapi.dev.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b4e39b5\windowsupdate.log
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045af67f

1001
1287341692
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\WER25F7.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b054356\WER4116.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045aebe5

1001
1287341692
748627353
5
WindowsUpdateFailure
None
0
7.4.7600.226
80200053
D33D91D5-99CD-4EF3-AAC6-5CC523C1E685
Download
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045aea4f

1001
1287341690
552315515
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x4b1ffb05





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\WER4930.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08fc6538\WER6317.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045ae37c

1001
1287341689
516851815
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::Install
123
80041315
0xed67e97a





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\WER9E80.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08cbbde2\WERBB53.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045add35

1001
1287341687
552315515
5
WindowsWcpOtherFailure3
None
0
6.0.6002
base\wcp\cmiadapter\installers.cpp
Windows::WCP::CmiAdapter::CMIWrapperBasicInstaller::ResolveAndInvokeInstaller
356
80041315
0x4b1ffb05





C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\pending.xml
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\poqexec.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\CBS.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\Cbs.persist.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\SCM.EVM
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\FilterList.log
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\WERF6EB.tmp.hdmp
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08870b27\WER954.tmp.mdmp
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045ad845

1001
1287341687
702518837
5
WindowsUpdateFailure
None
0
7.4.7600.226
80246005
6D9E51F5-CFA0-4DC3-86D8-5019D6F115B3
Download
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045ad6bf

1001
1287341687
751757017
5
WindowsUpdateFailure
None
0
7.4.7600.226
80041315
66F16258-9D3B-4353-8765-E55E803151D0
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045ad52a

1001
1287341686
764150002
5
WindowsUpdateFailure
None
0
7.4.7600.226
80070005
A0A8E6CE-D9E2-4C88-86CA-4414490660B6
Install
101
Unmanaged





C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report045ad394

1001
1287268821
1195744051
5
AppHangB1
None
0
psi.exe
1.5.0.2
4bff9c98
0011
0






C:\Users\Kim's Thang\AppData\Local\temp\WERB98F.tmp.version.txt
C:\Users\Kim's Thang\AppData\Local\temp\WERD50B.tmp.appcompat.txt
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report02caec80

1001
1287213636
12088521
5
AppHangB1
None
0
iexplore.exe
7.0.6000.16386
4549b133
4463
4






C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report142ae511\WERAC27.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report142ae511\WERB829.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report142ae511\iexplore.exe.hu.kdmp
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report142ae511\iexplore.exe.xml
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report04da7810

1001
1287206373
11620690
5
RADAR_PRE_LEAK_32
None
0
iexplore.exe
7.0.6000.16386
6.0.6000.2.0.0








C:\Users\MY STARS\AppData\Local\temp\RDRA352.tmp\empty.txt


1001
1287203749
18375905
5
AppHangB1
None
0
iexplore.exe
7.0.6000.16386
4549b133
c77b
4






C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report0f752b06\WER5744.tmp.version.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report0f752b06\WERD940.tmp.appcompat.txt
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report0f752b06\iexplore.exe.hu.kdmp
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report0f752b06\iexplore.exe.xml
C:\Users\MY STARS\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report11cb9c6e




Edited by kymberly, 26 October 2010 - 09:02 PM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:31 PM

Posted 05 November 2010 - 08:10 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    explorer.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 11 November 2010 - 08:01 PM

I cant post information here Myrti please help.

#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:31 PM

Posted 12 November 2010 - 03:32 AM

Hi,

how long is the log? Did you only try today or have you had that issue for several days? Are you getting redirected on google?

The detections in HP games might be so called False Positives. Wrong detections of healthy files. Can you please try to upload the log and attach it?

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:08 AM

No, I have been trying for at least 2 days. If you go to my snippets I was able to post something there.

#6 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:26 AM

OTL logfile created on: 11/13/2010 12:07:38 AM - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\MY STARS\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.30 Gb Total Space | 235.29 Gb Free Space | 81.33% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 1.14 Gb Free Space | 13.01% Space Free | Partition Type: NTFS

Computer Name: KIMSTHANG-PC | User Name: Kim's Thang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/07 15:32:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MY STARS\Desktop\OTL.exe
PRC - [2010/11/06 23:53:14 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/06 23:53:13 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/06 23:53:13 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/10/17 22:44:17 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe

PRC - [2010/10/17 21:21:12 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/01 09:54:56 | 000,329,096 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe


========== Modules (SafeList) ==========

MOD - [2010/11/07 15:32:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MY STARS\Desktop\OTL.exe
MOD - [2010/08/31 09:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2009/01/23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/06 23:53:14 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/06 23:53:13 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

#7 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:27 AM

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\1083.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\KIM'ST~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/11/06 23:53:14 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/06 23:53:14 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/07/15 15:18:22 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2010/07/07 08:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/02/24 07:13:40 | 000,494,368 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/10/30 19:01:10 | 009,803,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/11 12:38:14 | 002,324,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:04:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/03/19 07:58:50 | 000,101,672 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 03:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 03:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corpor

#8 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:29 AM

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: HPAdvisor - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe File not found
MsConfig - StartUpReg: hpsysdrv - hkey= - key= - c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: KBD - hkey= - key= - C:\hp\KBD\KbdStub.exe ()
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: NvSvc - hkey= - key= - File not found
MsConfig - StartUpReg: OsdMaestro - hkey= - key= - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

#9 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:30 AM

========== Files/Folders - Created Within 30 Days ==========

[2010/10/30 14:03:41 | 000,000,000 | ---D | C] -- C:\ea8bb3d703cda74d897809
[2010/10/30 14:03:12 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/10/29 22:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/27 16:14:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/10/26 17:46:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/26 17:46:20 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/10/26 17:43:32 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\McAfee
[2010/10/25 20:41:22 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/10/25 20:41:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/10/25 18:57:04 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\MigWiz
[2010/10/25 15:30:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/10/25 15:15:24 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SAVRKBootTasks.sys
[2010/10/25 13:31:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/25 12:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/10/24 14:02:32 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/10/24 14:02:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/10/24 14:01:58 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/24 14:01:57 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/24 14:01:50 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/24 14:01:29 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/10/24 14:01:28 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/10/24 14:01:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/10/23 18:35:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/10/23 18:19:01 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/23 18:17:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/23 18:13:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/10/23 18:10:23 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/10/23 18:09:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010/10/23 18:07:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/10/23 18:05:36 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/23 18:00:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010/10/23 17:59:22 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2010/10/23 17:59:22 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2010/10/23 17:59:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2010/10/23 17:59:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2010/10/23 17:59:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2010/10/23 17:59:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010/10/23 17:59:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010/10/23 17:59:18 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2010/10/23 17:59:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010/10/23 17:59:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2010/10/23 17:59:09 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010/10/23 17:59:09 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010/10/23 17:59:09 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010/10/23 17:59:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010/10/23 17:59:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2010/10/23 17:54:58 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/10/23 17:53:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/10/23 17:53:54 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/10/23 17:52:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/10/23 17:52:02 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/10/23 17:51:59 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/10/23 17:51:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/10/23 17:51:59 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/10/23 17:51:58 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/10/23 17:51:58 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/10/23 17:51:58 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/10/23 17:51:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/10/23 17:51:57 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/10/23 17:51:57 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/10/23 17:51:57 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/10/23 17:51:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/10/23 17:51:57 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/10/23 17:51:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/10/23 17:51:57 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/10/23 17:51:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/10/23 17:51:56 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/10/23 17:51:56 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/10/23 17:51:56 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/10/23 17:51:56 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/10/23 17:51:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/10/23 17:51:56 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/10/23 17:50:52 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/10/23 17:49:14 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/10/23 17:49:14 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/10/23 17:49:10 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/10/23 17:49:09 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/10/23 17:49:09 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/10/23 17:46:21 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/23 17:45:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/10/23 17:40:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/10/23 17:40:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/10/23 17:36:34 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/23 17:36:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/23 17:36:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/23 17:36:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/23 17:36:32 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/23 17:36:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/23 17:36:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/23 17:36:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/23 17:36:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/23 17:36:30 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/23 17:36:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/23 17:36:30 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/23 17:36:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/23 17:36:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/23 17:36:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/23 17:36:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/23 17:36:28 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/23 17:34:45 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/10/23 17:34:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/10/23 17:34:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/10/23 17:34:44 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/10/23 17:34:44 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/10/23 17:34:44 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/10/23 17:34:44 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/10/23 17:34:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/10/23 17:34:43 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/10/23 17:34:43 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/10/23 17:34:43 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/10/23 17:34:42 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/10/23 17:34:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/10/23 17:34:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/10/23 17:34:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/10/23 17:34:40 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/10/23 17:34:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/10/23 17:34:38 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/10/23 17:34:38 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/10/23 17:34:37 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/10/23 17:34:37 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/10/23 17:34:37 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/10/23 17:34:37 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/10/23 17:33:27 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/10/23 17:33:27 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/10/23 17:33:27 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/10/23 17:32:38 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/10/23 17:32:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/10/23 17:32:37 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/10/23 15:49:05 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010/10/23 14:48:15 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010/10/23 14:48:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/10/23 14:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/10/23 14:46:17 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/10/23 14:05:57 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/10/23 14:05:57 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys
[2010/10/23 14:05:57 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/10/23 14:05:18 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2010/10/23 14:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/10/23 14:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/10/23 14:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/10/23 13:54:30 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys
[2010/10/23 13:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/10/23 13:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/10/19 21:35:56 | 000,000,000 | ---D | C] -- C:\dc6247bf281231d109c2b8ef22
[2010/10/19 18:27:00 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/10/19 18:26:48 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/10/19 18:26:47 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2010/10/19 18:26:47 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/10/19 18:26:43 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/10/19 18:26:31 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/10/19 18:26:29 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2010/10/19 18:26:29 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/10/19 18:26:27 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/10/19 18:26:26 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010/10/19 18:26:24 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2010/10/19 18:26:24 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/10/19 18:26:23 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/10/19 18:26:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2010/10/19 18:26:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2010/10/19 18:26:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2010/10/19 18:26:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/10/19 18:26:19 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2010/10/19 18:26:17 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/10/19 18:26:17 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2010/10/19 18:26:17 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/10/19 18:26:16 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/10/19 18:26:14 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/10/19 18:26:13 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/10/19 18:26:13 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/10/19 18:26:12 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/10/19 18:26:12 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2010/10/19 18:26:10 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/10/19 18:26:10 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/10/19 18:26:09 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/10/19 18:26:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2010/10/19 18:26:08 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2010/10/19 18:26:07 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/10/19 18:26:07 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/10/19 18:26:07 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/10/19 18:26:06 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/10/19 18:26:06 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/10/19 18:26:06 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2010/10/19 18:26:05 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/10/19 18:26:05 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/10/19 18:26:04 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/10/19 18:26:03 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/10/19 18:26:03 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/10/19 18:26:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2010/10/19 18:25:57 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/10/19 18:25:56 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/10/19 18:25:56 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/10/19 18:25:56 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/10/19 18:25:56 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/10/19 18:25:56 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2010/10/19 18:25:55 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2010/10/19 18:25:54 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/10/19 18:25:54 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2010/10/19 18:25:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2010/10/19 18:25:54 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2010/10/19 18:25:53 | 001,208,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/10/19 18:25:53 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/10/19 18:25:52 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/10/19 18:25:51 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2010/10/19 18:25:51 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/10/19 18:25:50 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/10/19 18:25:50 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010/10/19 18:25:48 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/10/19 18:25:48 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
[2010/10/19 18:25:47 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/10/19 18:25:46 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/10/19 18:25:46 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/10/19 18:25:45 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/10/19 18:25:45 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/10/19 18:25:45 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/10/19 18:25:45 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/10/19 18:25:45 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2010/10/19 18:25:45 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/10/19 18:25:45 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/10/19 18:25:44 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/10/19 18:25:44 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/10/19 18:25:44 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2010/10/19 18:25:43 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/10/19 18:25:43 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/10/19 18:25:43 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/10/19 18:25:42 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/10/19 18:25:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2010/10/19 18:25:41 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/10/19 18:25:41 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2010/10/19 18:25:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/10/19 18:25:41 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2010/10/19 18:25:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/10/19 18:25:40 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/10/19 18:25:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/10/19 18:25:36 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2010/10/19 18:25:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/10/19 18:25:35 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2010/10/19 18:25:35 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/10/19 18:25:34 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/10/19 18:25:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/10/19 18:25:33 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/10/19 18:25:33 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2010/10/19 18:25:33 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2010/10/19 18:25:32 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/10/19 18:25:32 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2010/10/19 18:25:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/10/19 18:25:31 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2010/10/19 18:25:31 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/10/19 18:25:31 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2010/10/19 18:25:31 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/10/19 18:25:29 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/10/19 18:25:29 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/10/19 18:25:29 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/10/19 18:25:29 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2010/10/19 18:25:29 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2010/10/19 18:25:28 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2010/10/19 18:25:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/10/19 18:25:27 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/10/19 18:25:27 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/10/19 18:25:27 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/10/19 18:25:27 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2010/10/19 18:25:27 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/10/19 18:25:26 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2010/10/19 18:25:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/10/19 18:25:26 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/10/19 18:25:25 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/10/19 18:25:25 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2010/10/19 18:25:19 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/10/19 18:25:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2010/10/19 18:25:18 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/10/19 18:25:18 | 000,242,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/10/19 18:25:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/10/19 18:25:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/10/19 18:25:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/10/19 18:25:17 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2010/10/19 18:25:17 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/10/19 18:25:17 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/10/19 18:25:17 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/10/19 18:25:17 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/10/19 18:25:17 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/10/19 18:25:16 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/10/19 18:25:16 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2010/10/19 18:25:15 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/10/19 18:25:15 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/10/19 18:25:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2010/10/19 18:25:15 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2010/10/19 18:25:14 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2010/10/19 18:25:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/10/19 18:25:13 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/10/19 18:25:13 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2010/10/19 18:25:12 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2010/10/19 18:25:12 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/10/19 18:25:12 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/10/19 18:25:11 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010/10/19 18:25:10 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2010/10/19 18:25:10 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/10/19 18:25:09 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/10/19 18:25:08 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2010/10/19 18:25:08 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/10/19 18:25:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/10/19 18:25:07 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/10/19 18:25:06 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/10/19 18:25:06 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2010/10/19 18:25:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/10/19 18:25:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/10/19 18:25:04 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/10/19 18:25:04 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/10/19 18:25:04 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/10/19 18:25:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2010/10/19 18:25:04 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/10/19 18:25:03 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2010/10/19 18:25:03 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/10/19 18:25:03 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/10/19 18:25:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2010/10/19 18:25:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2010/10/19 18:25:02 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2010/10/19 18:25:02 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/10/19 18:25:02 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/10/19 18:25:02 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2010/10/19 18:25:02 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/10/19 18:25:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010/10/19 18:25:01 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/10/19 18:25:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/10/19 18:25:01 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2010/10/19 18:25:00 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2010/10/19 18:25:00 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/10/19 18:25:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/10/19 18:25:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2010/10/19 18:24:59 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2010/10/19 18:24:59 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2010/10/19 18:24:58 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/10/19 18:24:58 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/10/19 18:24:58 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2010/10/19 18:24:58 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/10/19 18:24:58 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2010/10/19 18:24:58 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2010/10/19 18:24:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2010/10/19 18:24:57 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2010/10/19 18:24:57 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/10/19 18:24:57 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2010/10/19 18:24:56 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2010/10/19 18:24:56 | 001,186,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010/10/19 18:24:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/10/19 18:24:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2010/10/19 18:24:56 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/10/19 18:24:56 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/10/19 18:24:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2010/10/19 18:24:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2010/10/19 18:24:56 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2010/10/19 18:24:55 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/10/19 18:24:55 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2010/10/19 18:24:55 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2010/10/19 18:24:55 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/10/19 18:24:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/10/19 18:24:54 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2010/10/19 18:24:53 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/10/19 18:24:53 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/10/19 18:24:53 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2010/10/19 18:24:53 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/10/19 18:24:52 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2010/10/19 18:24:52 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2010/10/19 18:24:52 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2010/10/19 18:24:52 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/10/19 18:24:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/10/19 18:24:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2010/10/19 18:24:51 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2010/10/19 18:24:51 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/10/19 18:24:51 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/10/19 18:24:51 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/10/19 18:24:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/10/19 18:24:50 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/10/19 18:24:49 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2010/10/19 18:24:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/10/19 18:24:48 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/10/19 18:24:48 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/10/19 18:24:48 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2010/10/19 18:24:48 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/10/19 18:24:48 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/10/19 18:24:48 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2010/10/19 18:24:47 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010/10/19 18:24:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/10/19 18:24:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/10/19 18:24:46 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2010/10/19 18:24:46 | 000,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
[2010/10/19 18:24:46 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/10/19 18:24:45 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2010/10/19 18:24:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2010/10/19 18:24:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/10/19 18:24:45 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/10/19 18:24:44 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2010/10/19 18:24:44 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2010/10/19 18:24:44 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2010/10/19 18:24:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2010/10/19 18:24:43 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/10/19 18:24:43 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/10/19 18:24:43 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2010/10/19 18:24:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2010/10/19 18:24:42 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/10/19 18:24:41 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll
[2010/10/19 18:24:41 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2010/10/19 18:24:40 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/10/19 18:24:40 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/10/19 18:24:40 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2010/10/19 18:24:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2010/10/19 18:24:38 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/10/19 18:24:38 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/10/19 18:24:38 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/10/19 18:24:38 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys

#10 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:32 AM

[2010/10/19 18:24:38 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2010/10/19 18:24:37 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2010/10/19 18:24:37 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2010/10/19 18:24:36 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/10/19 18:24:36 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/10/19 18:24:28 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/10/19 18:24:26 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2010/10/19 18:24:26 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010/10/19 18:24:26 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/10/19 18:24:25 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2010/10/19 18:24:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2010/10/19 18:24:24 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll
[2010/10/19 18:24:24 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/10/19 18:24:24 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2010/10/19 18:24:23 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/10/19 18:24:20 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2010/10/19 18:24:17 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2010/10/19 18:24:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/10/19 18:24:15 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2010/10/19 18:24:14 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/10/19 18:24:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/10/19 18:24:13 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2010/10/19 18:24:13 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/10/19 18:24:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2010/10/19 18:24:13 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2010/10/19 18:24:13 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2010/10/19 18:24:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
[2010/10/19 18:24:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/10/19 18:24:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/10/19 18:24:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/10/19 18:24:12 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/10/19 18:24:11 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/10/19 18:24:11 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2010/10/19 18:24:11 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2010/10/19 18:24:10 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
[2010/10/19 18:24:10 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2010/10/19 18:24:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2010/10/19 18:24:10 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/10/19 18:24:09 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/10/19 18:24:09 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/10/19 18:24:09 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/10/19 18:24:08 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2010/10/19 18:24:08 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/10/19 18:24:08 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/10/19 18:24:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2010/10/19 18:24:07 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2010/10/19 18:24:07 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/10/19 18:24:07 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2010/10/19 18:24:07 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
[2010/10/19 18:24:06 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/10/19 18:24:06 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2010/10/19 18:24:06 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2010/10/19 18:24:06 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010/10/19 18:24:06 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2010/10/19 18:24:06 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2010/10/19 18:24:06 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/10/19 18:24:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/10/19 18:24:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2010/10/19 18:24:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2010/10/19 18:24:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/10/19 18:24:04 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2010/10/19 18:24:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010/10/19 18:24:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/10/19 18:24:03 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2010/10/19 18:24:03 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2010/10/19 18:24:02 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/10/19 18:24:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2010/10/19 18:24:01 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/10/19 18:24:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/10/19 18:24:01 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2010/10/19 18:24:01 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2010/10/19 18:24:01 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/10/19 18:23:59 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/10/19 18:23:59 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/10/19 18:23:59 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
[2010/10/19 18:23:59 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2010/10/19 18:23:59 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/10/19 18:23:59 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/10/19 18:23:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/10/19 18:23:58 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/10/19 18:23:57 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/10/19 18:23:57 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2010/10/19 18:23:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2010/10/19 18:23:57 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/10/19 18:23:57 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll
[2010/10/19 18:23:57 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2010/10/19 18:23:56 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2010/10/19 18:23:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2010/10/19 18:23:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/10/19 18:23:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2010/10/19 18:23:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2010/10/19 18:23:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2010/10/19 18:23:56 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/10/19 18:23:55 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/10/19 18:23:54 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/10/19 18:23:54 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2010/10/19 18:23:54 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/10/19 18:23:53 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/10/19 18:23:53 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2010/10/19 18:23:53 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/10/19 18:23:52 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/10/19 18:23:52 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
[2010/10/19 18:23:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2010/10/19 18:23:52 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/10/19 18:23:52 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll
[2010/10/19 18:23:51 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/10/19 18:23:51 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2010/10/19 18:23:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2010/10/19 18:23:50 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/10/19 18:23:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/10/19 18:23:50 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2010/10/19 18:23:49 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/10/19 18:23:49 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2010/10/19 18:23:48 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/10/19 18:23:48 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010/10/19 18:23:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2010/10/19 18:23:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2010/10/19 18:23:48 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2010/10/19 18:23:48 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2010/10/19 18:23:47 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2010/10/19 18:23:47 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/10/19 18:23:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
[2010/10/19 18:23:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2010/10/19 18:23:45 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/10/19 18:23:45 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/10/19 18:23:45 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2010/10/19 18:23:45 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/10/19 18:23:45 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/10/19 18:23:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2010/10/19 18:23:44 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/10/19 18:23:44 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2010/10/19 18:23:44 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/10/19 18:23:44 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
[2010/10/19 18:23:44 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/10/19 18:23:44 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2010/10/19 18:23:44 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/10/19 18:23:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasqec.dll
[2010/10/19 18:23:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll
[2010/10/19 18:23:43 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/10/19 18:23:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/10/19 18:23:43 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/10/19 18:23:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2010/10/19 18:23:42 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/10/19 18:23:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/10/19 18:23:42 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/10/19 18:23:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/10/19 18:23:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/10/19 18:23:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/10/19 18:23:41 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/10/19 18:23:41 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/10/19 18:23:41 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/10/19 18:23:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/10/19 18:23:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2010/10/19 18:23:40 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/10/19 18:23:40 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/10/19 18:23:40 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2010/10/19 18:23:39 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2010/10/19 18:23:39 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2010/10/19 18:23:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2010/10/19 18:23:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2010/10/19 18:23:36 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/10/19 18:23:36 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/10/19 18:23:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/10/19 18:23:35 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2010/10/19 18:23:35 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/10/19 18:23:35 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2010/10/19 18:23:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2010/10/19 18:23:34 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2010/10/19 18:23:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/10/19 18:23:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2010/10/19 18:23:32 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2010/10/19 18:23:32 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2010/10/19 18:23:31 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/10/19 18:23:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2010/10/19 18:23:30 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/10/19 18:23:29 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2010/10/19 18:23:29 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/10/19 18:23:29 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/10/19 18:23:29 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/10/19 18:23:28 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/10/19 18:23:28 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/10/19 18:23:28 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/10/19 18:23:28 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2010/10/19 18:23:28 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2010/10/19 18:23:28 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2010/10/19 18:23:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2010/10/19 18:23:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/10/19 18:23:28 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2010/10/19 18:23:27 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/10/19 18:23:27 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/10/19 18:23:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2010/10/19 18:23:27 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2010/10/19 18:23:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/10/19 18:23:27 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/10/19 18:23:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2010/10/19 18:23:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2010/10/19 18:23:26 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/10/19 18:23:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
[2010/10/19 18:23:25 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/10/19 18:23:25 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2010/10/19 18:23:25 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/10/19 18:23:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2010/10/19 18:23:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2010/10/19 18:23:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/10/19 18:23:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2010/10/19 18:23:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/10/19 18:23:24 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2010/10/19 18:23:24 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2010/10/19 18:23:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/10/19 18:23:24 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2010/10/19 18:23:23 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2010/10/19 18:23:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2010/10/19 18:23:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2010/10/19 18:23:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2010/10/19 18:23:22 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/10/19 18:23:22 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2010/10/19 18:23:22 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/10/19 18:23:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2010/10/19 18:23:22 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2010/10/19 18:23:21 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2010/10/19 18:23:21 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2010/10/19 18:23:21 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2010/10/19 18:23:21 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2010/10/19 18:23:21 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/10/19 18:23:20 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2010/10/19 18:23:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2010/10/19 18:23:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2010/10/19 18:23:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
[2010/10/19 18:23:19 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/10/19 18:23:19 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2010/10/19 18:23:19 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/10/19 18:23:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/10/19 18:23:19 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2010/10/19 18:23:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2010/10/19 18:23:18 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/10/19 18:23:18 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/10/19 18:23:18 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2010/10/19 18:23:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/10/19 18:23:17 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/10/19 18:23:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/10/19 18:23:17 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2010/10/19 18:23:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2010/10/19 18:23:17 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/10/19 18:23:17 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2010/10/19 18:23:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/10/19 18:23:16 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2010/10/19 18:23:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2010/10/19 18:23:16 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/10/19 18:23:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2010/10/19 18:23:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2010/10/19 18:23:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2010/10/19 18:23:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2010/10/19 18:23:15 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/10/19 18:23:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2010/10/19 18:23:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/10/19 18:23:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2010/10/19 18:23:13 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2010/10/19 18:23:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2010/10/19 18:23:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2010/10/19 18:23:06 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2010/10/19 18:23:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2010/10/19 18:23:05 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/10/19 18:23:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2010/10/19 18:23:01 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010/10/19 18:23:00 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2010/10/19 18:23:00 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2010/10/19 18:23:00 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2010/10/19 18:22:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/10/19 18:22:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/10/19 18:22:58 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/10/19 18:22:58 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2010/10/19 18:22:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/10/19 18:22:58 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2010/10/19 18:22:58 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/10/19 18:22:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2010/10/19 18:22:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2010/10/19 18:22:57 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2010/10/19 18:22:57 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2010/10/19 18:22:57 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2010/10/19 18:22:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2010/10/19 18:22:56 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/10/19 18:22:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2010/10/19 18:22:56 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2010/10/19 18:22:56 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2010/10/19 18:22:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/10/19 18:22:55 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2010/10/19 18:22:55 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2010/10/19 18:22:55 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2010/10/19 18:22:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2010/10/19 18:22:54 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2010/10/19 18:22:54 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2010/10/19 18:22:54 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2010/10/19 18:22:54 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2010/10/19 18:22:54 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2010/10/19 18:22:54 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2010/10/19 18:22:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2010/10/19 18:22:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2010/10/19 18:22:54 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2010/10/19 18:22:53 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2010/10/19 18:22:53 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2010/10/19 18:22:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2010/10/19 18:22:53 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2010/10/19 18:22:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/10/19 18:22:53 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2010/10/19 18:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2010/10/19 18:22:52 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2010/10/19 18:22:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2010/10/19 18:22:52 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/10/19 18:22:51 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2010/10/19 18:22:51 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2010/10/19 18:22:51 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/10/19 18:22:51 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2010/10/19 18:22:50 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2010/10/19 18:22:50 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2010/10/19 18:22:50 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2010/10/19 18:22:50 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2010/10/19 18:22:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
[2010/10/19 18:22:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/10/19 18:22:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/10/19 18:22:50 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/10/19 18:22:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2010/10/19 18:22:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/10/19 18:22:49 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2010/10/19 18:22:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2010/10/19 18:22:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2010/10/19 18:22:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2010/10/19 18:22:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2010/10/19 18:22:48 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2010/10/19 18:22:48 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2010/10/19 18:22:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/10/19 18:22:48 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/10/19 18:22:48 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2010/10/19 18:22:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2010/10/19 18:22:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2010/10/19 18:22:47 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2010/10/19 18:22:47 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2010/10/19 18:22:47 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/10/19 18:22:47 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2010/10/19 18:22:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2010/10/19 18:22:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2010/10/19 18:22:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/10/19 18:22:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2010/10/19 18:22:46 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2010/10/19 18:22:46 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2010/10/19 18:22:46 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2010/10/19 18:22:46 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2010/10/19 18:22:46 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2010/10/19 18:22:46 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2010/10/19 18:22:46 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2010/10/19 18:22:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2010/10/19 18:22:45 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2010/10/19 18:22:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2010/10/19 18:22:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2010/10/19 18:22:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/10/19 18:22:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2010/10/19 18:22:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2010/10/19 18:22:44 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2010/10/19 18:22:44 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2010/10/19 18:22:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2010/10/19 18:22:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/10/19 18:22:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2010/10/19 18:22:43 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/10/19 18:22:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2010/10/19 18:22:43 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2010/10/19 18:22:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2010/10/19 18:22:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/10/19 18:22:42 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2010/10/19 18:22:42 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2010/10/19 18:22:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2010/10/19 18:22:42 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/10/19 18:22:42 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2010/10/19 18:22:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/10/19 18:22:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2010/10/19 18:22:42 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2010/10/19 18:22:41 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2010/10/19 18:22:41 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2010/10/19 18:22:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/10/19 18:22:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/10/19 18:22:41 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/10/19 18:22:40 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2010/10/19 18:22:40 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2010/10/19 18:22:40 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2010/10/19 18:22:40 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2010/10/19 18:22:40 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2010/10/19 18:22:40 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2010/10/19 18:22:39 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2010/10/19 18:22:39 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/10/19 18:22:39 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2010/10/19 18:22:39 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/10/19 18:22:39 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2010/10/19 18:22:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2010/10/19 18:22:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll
[2010/10/19 18:22:39 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2010/10/19 18:22:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/10/19 18:22:39 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2010/10/19 18:22:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2010/10/19 18:22:38 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2010/10/19 18:22:38 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2010/10/19 18:22:38 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2010/10/19 18:22:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2010/10/19 18:22:38 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2010/10/19 18:22:37 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2010/10/19 18:22:37 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll

2010/10/19 18:22:37 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/10/19 18:22:37 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2010/10/19 18:22:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2010/10/19 18:22:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/10/19 18:22:37 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/10/19 18:22:37 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2010/10/19 18:22:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2010/10/19 18:22:37 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2010/10/19 18:22:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2010/10/19 18:22:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2010/10/19 18:22:36 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2010/10/19 18:22:36 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2010/10/19 18:22:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2010/10/19 18:22:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2010/10/19 18:22:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2010/10/19 18:22:36 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/10/19 18:22:35 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2010/10/19 18:22:35 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2010/10/19 18:22:35 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/10/19 18:22:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2010/10/19 18:22:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2010/10/19 18:22:35 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2010/10/19 18:22:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2010/10/19 18:22:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2010/10/19 18:22:34 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/10/19 18:22:34 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2010/10/19 18:22:34 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2010/10/19 18:22:34 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys
[2010/10/19 18:22:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2010/10/19 18:22:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/10/19 18:22:33 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/10/19 18:22:33 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2010/10/19 18:22:33 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2010/10/19 18:22:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/10/19 18:22:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/10/19 18:22:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2010/10/19 18:22:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2010/10/19 18:22:32 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2010/10/19 18:22:32 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2010/10/19 18:22:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2010/10/19 18:22:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2010/10/19 18:22:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2010/10/19 18:22:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2010/10/19 18:22:31 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2010/10/19 18:22:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2010/10/19 18:22:31 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/10/19 18:22:31 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2010/10/19 18:22:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/10/19 18:22:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2010/10/19 18:22:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2010/10/19 18:22:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2010/10/19 18:22:30 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2010/10/19 18:22:30 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2010/10/19 18:22:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2010/10/19 18:22:30 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2010/10/19 18:22:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2010/10/19 18:22:30 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/10/19 18:22:30 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2010/10/19 18:22:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/10/19 18:22:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2010/10/19 18:22:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2010/10/19 18:22:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2010/10/19 18:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2010/10/19 18:22:30 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2010/10/19 18:22:29 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2010/10/19 18:22:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2010/10/19 18:22:29 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2010/10/19 18:22:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2010/10/19 18:22:28 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2010/10/19 18:22:28 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2010/10/19 18:22:28 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2010/10/19 18:22:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2010/10/19 18:22:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2010/10/19 18:22:28 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2010/10/19 18:22:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2010/10/19 18:22:28 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/10/19 18:22:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2010/10/19 18:22:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2010/10/19 18:22:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2010/10/19 18:22:27 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2010/10/19 18:22:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2010/10/19 18:22:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2010/10/19 18:22:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2010/10/19 18:22:27 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2010/10/19 18:22:27 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2010/10/19 18:22:27 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2010/10/19 18:22:27 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/10/19 18:22:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2010/10/19 18:22:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/10/19 18:22:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2010/10/19 18:22:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2010/10/19 18:22:26 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2010/10/19 18:22:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2010/10/19 18:22:26 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2010/10/19 18:22:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2010/10/19 18:22:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2010/10/19 18:22:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2010/10/19 18:22:25 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/10/19 18:22:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2010/10/19 18:22:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2010/10/19 18:22:25 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2010/10/19 18:22:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2010/10/19 18:22:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2010/10/19 18:22:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2010/10/19 18:22:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2010/10/19 18:22:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2010/10/19 18:22:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2010/10/19 18:22:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2010/10/19 18:22:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2010/10/19 18:22:24 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2010/10/19 18:22:23 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2010/10/19 18:22:23 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2010/10/19 18:22:23 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2010/10/19 18:22:23 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2010/10/19 18:22:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2010/10/19 18:22:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/10/19 18:22:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/10/19 18:22:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2010/10/19 18:22:22 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/10/19 18:22:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2010/10/19 18:22:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2010/10/19 18:22:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2010/10/19 18:22:21 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/10/19 18:22:21 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/10/19 18:22:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2010/10/19 18:22:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2010/10/19 18:22:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/10/19 18:22:20 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2010/10/19 18:22:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2010/10/19 18:22:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2010/10/19 18:22:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2010/10/19 18:22:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2010/10/19 18:22:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2010/10/19 18:22:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2010/10/19 18:22:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2010/10/19 18:22:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2010/10/19 18:22:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2010/10/19 18:22:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2010/10/19 18:22:18 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2010/10/19 18:22:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2010/10/19 18:22:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2010/10/19 18:22:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/10/19 18:22:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/10/19 18:22:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2010/10/19 18:22:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/10/19 18:22:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2010/10/19 18:22:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2010/10/19 18:22:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2010/10/19 18:22:16 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2010/10/19 18:22:15 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/10/19 18:22:15 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/10/19 18:22:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/10/19 18:22:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2010/10/19 18:22:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2010/10/19 18:22:12 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2010/10/19 18:22:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/10/19 18:22:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2010/10/19 18:22:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2010/10/19 18:22:11 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2010/10/19 18:22:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2010/10/19 18:22:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2010/10/19 18:22:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/10/19 18:22:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/10/19 18:22:09 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2010/10/19 18:22:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/10/19 18:22:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2010/10/19 18:22:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2010/10/19 18:22:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2010/10/19 18:22:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2010/10/19 18:22:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2010/10/19 18:22:05 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/10/19 18:22:05 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/10/19 18:22:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2010/10/19 18:22:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2010/10/19 18:22:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2010/10/19 18:22:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/10/19 18:22:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2010/10/19 18:21:59 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2010/10/19 18:21:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2010/10/19 18:21:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2010/10/19 18:21:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2010/10/19 18:21:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys
[2010/10/19 18:21:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/10/19 18:21:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2010/10/19 18:21:53 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2010/10/19 18:21:53 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/10/19 18:21:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2010/10/19 18:21:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2010/10/19 18:21:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2010/10/19 18:21:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2010/10/19 18:21:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2010/10/19 18:21:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2010/10/19 18:21:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/10/19 18:21:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2010/10/19 18:21:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2010/10/19 18:21:42 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2010/10/19 18:20:54 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2010/10/19 18:20:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2010/10/19 18:20:48 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2010/10/19 18:20:47 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/10/19 18:20:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/10/19 18:20:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/10/19 18:20:07 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/10/19 18:20:05 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2010/10/19 18:20:05 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/10/19 18:20:05 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2010/10/19 16:21:57 | 000,000,000 | ---D | C] -- C:\0529a8511ae8bb186b61fe7f8075
[2010/10/18 01:54:49 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/18 01:32:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/10/18 01:32:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/10/18 01:28:27 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/10/18 01:28:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/10/18 01:28:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/10/18 01:25:16 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/10/18 01:25:15 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/10/18 01:25:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/10/18 01:19:47 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/10/18 01:19:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/10/18 01:19:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/10/18 01:19:46 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/10/18 01:19:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/10/18 01:19:46 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/10/18 01:19:46 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/10/18 01:15:12 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/10/18 01:15:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/10/18 01:15:11 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/10/18 01:15:11 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/10/18 01:15:10 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/10/18 01:14:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/10/18 01:14:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/10/18 01:09:48 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/10/18 01:09:47 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/10/18 01:09:47 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/10/18 01:09:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/10/18 01:09:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/10/18 01:09:46 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/10/18 00:57:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/10/18 00:57:11 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/10/18 00:57:11 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/10/18 00:57:11 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/10/18 00:57:11 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/10/18 00:49:21 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\WinPatrol
[2010/10/18 00:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/10/17 22:53:53 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/10/17 22:53:47 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/10/17 22:53:47 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/10/17 22:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/10/17 22:53:11 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Real
[2010/10/17 22:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/10/17 22:38:48 | 000,755,552 | ---- | C] (Secunia) -- C:\Users\Kim's Thang\Desktop\PSISetup.exe
[2010/10/17 21:52:42 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/10/17 21:52:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/10/17 21:48:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/10/17 21:48:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/10/17 21:47:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/10/17 21:43:41 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/10/17 21:32:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/10/17 21:32:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/10/17 21:25:59 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/10/17 21:21:12 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/10/17 21:17:59 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/10/17 21:13:18 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/10/17 21:13:18 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/10/17 21:13:18 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/10/17 21:13:17 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/10/17 21:13:17 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/10/17 21:13:17 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/10/17 21:13:17 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/10/17 21:13:16 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/10/17 21:13:15 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/10/17 21:13:15 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/10/17 21:13:14 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/10/17 21:13:14 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/10/17 21:13:13 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/10/17 21:13:13 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/10/17 21:13:13 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/10/17 21:13:12 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/10/17 21:13:12 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/10/17 21:13:11 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/10/17 21:13:11 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/10/17 21:13:10 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/10/17 21:13:10 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/10/17 21:13:10 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/10/17 21:13:09 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/10/17 21:13:09 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/10/17 21:13:09 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/10/17 21:13:08 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/10/17 21:13:08 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/10/17 21:13:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/10/17 21:13:07 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/10/17 21:13:07 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/10/17 21:13:06 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/10/17 21:13:06 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/10/17 21:13:06 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/10/17 21:13:05 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/10/17 21:13:05 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/10/17 21:13:04 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/10/17 21:13:04 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/10/17 21:13:03 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/10/17 21:13:03 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/10/17 21:13:01 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/10/17 21:13:00 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/10/17 21:13:00 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/10/17 21:13:00 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/10/17 21:13:00 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/10/17 21:12:59 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/10/17 21:12:59 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/10/17 21:12:59 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/10/17 21:12:58 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/10/17 21:12:58 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/10/17 21:12:58 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/10/17 21:12:58 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/10/17 21:12:58 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/10/17 21:12:57 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/10/17 21:12:57 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/10/17 21:12:57 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/10/17 21:12:57 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/10/17 21:12:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/10/17 21:12:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/10/17 21:12:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/10/17 21:12:56 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/10/17 21:12:55 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/10/17 21:12:55 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/10/17 21:12:55 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/10/17 21:12:54 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/10/17 21:12:54 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/10/17 21:12:53 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/10/17 21:12:53 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/10/17 21:12:53 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/10/17 21:12:53 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/10/17 21:12:52 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/10/17 21:12:52 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/10/17 21:12:52 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/10/17 21:12:52 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/10/17 21:12:51 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/10/17 21:12:51 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/10/17 21:07:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/10/17 21:07:46 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/10/17 21:07:46 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/10/17 21:07:45 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/10/17 21:07:45 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/10/17 21:07:45 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/10/17 21:07:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/10/17 21:07:44 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/10/17 21:07:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2010/10/17 21:04:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/10/17 21:04:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/10/17 21:04:43 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/10/17 21:04:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/10/17 21:04:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/10/17 21:04:42 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/10/17 21:04:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/10/17 21:03:16 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/10/17 21:03:16 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/10/17 20:55:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/10/17 20:55:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/10/17 20:51:45 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/10/17 20:51:44 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/10/17 20:51:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/10/17 20:36:40 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/10/17 20:36:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/10/17 20:32:33 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/10/17 20:32:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/10/17 20:30:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/10/17 20:30:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/10/17 20:28:43 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/10/17 20:28:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/10/17 20:28:42 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/10/17 20:28:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/10/17 20:28:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/10/17 20:28:41 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

#11 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 01:34 AM

2010/10/17 20:28:41 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/10/17 20:28:41 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/10/17 20:28:41 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/10/17 20:12:41 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/10/17 20:12:41 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/10/17 20:12:41 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/10/17 20:12:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/10/17 20:12:35 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/10/17 20:12:34 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/10/17 19:42:05 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/10/17 19:42:05 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/10/17 19:11:57 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/17 19:08:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/10/17 19:08:25 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/10/17 19:07:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/10/17 19:05:45 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/10/17 19:03:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/10/17 19:03:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/10/17 18:58:51 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/10/17 18:58:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/10/17 18:58:06 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/10/17 18:52:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/10/17 18:52:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/10/17 18:52:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/10/17 18:52:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/10/17 18:50:57 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/10/17 18:49:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/10/17 18:49:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/10/17 18:49:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/10/17 18:49:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/10/17 18:35:13 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\DoctorWeb
[2010/10/17 17:22:30 | 000,000,000 | ---D | C] -- C:\TEMP
[2010/10/17 13:24:19 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Avira
[2010/10/17 12:54:08 | 000,000,000 | ---D | C] -- C:\f3e6293dd9be8d293fcfe39d
[2010/10/16 17:00:22 | 000,000,000 | ---D | C] -- C:\f0348f682ea7d363f6
[2010/10/16 16:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Adobe
[2010/10/16 16:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010/10/16 16:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe(216)
[2010/10/16 16:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe(215)
[2010/10/16 16:32:52 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\Documents\Updater5
[2010/10/16 16:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\Adobe
[2010/10/16 16:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/10/16 16:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/10/16 15:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/10/16 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/16 14:55:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/10/16 14:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/10/16 14:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/10/16 14:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/10/16 14:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/10/16 01:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/10/16 01:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/10/16 00:57:06 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\Microsoft Help
[2010/10/15 23:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/10/15 22:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/10/15 22:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/15 22:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/10/15 20:17:13 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Malwarebytes
[2010/10/15 20:17:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/15 20:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/15 20:17:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/15 20:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/15 20:04:39 | 000,134,464 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll
[2010/10/15 20:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/10/15 20:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2010/10/15 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\temp
[2010/10/15 19:56:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/15 19:51:51 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/10/15 19:32:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/15 19:32:45 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/15 19:32:45 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/15 19:32:45 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/15 19:32:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/15 19:32:42 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/10/15 19:32:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/15 19:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2010/10/15 18:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/10/15 18:35:20 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/10/15 18:35:20 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/10/15 18:34:36 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/10/15 18:34:35 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/10/15 18:34:35 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/10/15 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Template
[2010/10/15 18:33:46 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/10/15 18:33:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/10/15 09:31:53 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\Hewlett-Packard
[2010/10/15 09:31:04 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Snapfish
[2010/10/15 09:30:49 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Searches
[2010/10/15 09:30:37 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Identities
[2010/10/15 09:30:32 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Contacts
[2010/10/15 09:30:31 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\VirtualStore
[2010/10/15 09:29:15 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Macromedia
[2010/10/15 09:28:38 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Hewlett-Packard
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\AppData\Local\Temporary Internet Files
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Templates
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Start Menu
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\SendTo
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Recent
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\PrintHood
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\NetHood
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Documents\My Videos
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Documents\My Pictures
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Documents\My Music
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\My Documents
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Local Settings
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\AppData\Local\History
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Cookies
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\Application Data
[2010/10/15 09:26:29 | 000,000,000 | -HSD | C] -- C:\Users\Kim's Thang\AppData\Local\Application Data
[2010/10/15 09:26:28 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Local\Microsoft
[2010/10/15 09:26:28 | 000,000,000 | ---D | C] -- C:\Users\Kim's Thang\AppData\Roaming\Media Center Programs
[2010/10/15 09:26:27 | 000,000,000 | --SD | C] -- C:\Users\Kim's Thang\AppData\Roaming\Microsoft
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Videos
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Pictures
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Music
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Links
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Favorites
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Downloads
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Documents
[2010/10/15 09:26:27 | 000,000,000 | R--D | C] -- C:\Users\Kim's Thang\Desktop
[2010/10/15 09:26:27 | 000,000,000 | -H-D | C] -- C:\Users\Kim's Thang\AppData
[2010/10/14 17:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/10/14 17:32:35 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2010/10/14 17:27:08 | 000,000,000 | ---D | C] -- C:\hp
[2010/10/14 17:27:04 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capicom.dll
[2010/10/14 17:27:00 | 000,172,032 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\UCI32m15.dll
[2010/10/14 17:27:00 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2010/10/14 17:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/10/14 17:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/10/14 17:26:40 | 000,352,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\idecoiins.dll
[2010/10/14 17:26:40 | 000,352,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\idecoi.dll
[2010/10/14 17:26:40 | 000,101,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor32.sys
[2010/10/14 17:26:30 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/10/14 17:26:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/10/14 17:26:15 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/10/14 17:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/10/14 17:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/10/14 17:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\earthlink totalaccess
[2010/10/14 17:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor
[2010/10/14 17:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\PC-Doctor 5 for Windows
[2010/10/14 17:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2010/10/14 17:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/10/14 17:18:31 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010/10/14 17:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/10/14 17:17:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/10/14 17:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/10/14 17:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/10/14 17:16:25 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/10/14 17:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/10/14 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/10/14 17:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/10/14 17:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\muvee Technologies
[2010/10/14 17:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010/10/14 17:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\muvee Technologies
[2010/10/14 17:12:26 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/10/14 17:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/10/14 17:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/10/14 17:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started
[2010/10/14 17:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/10/14 17:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010/10/14 17:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010/10/14 17:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/10/14 17:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/10/14 17:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010/10/14 17:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/10/14 17:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/10/14 17:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/10/14 17:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/10/14 16:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2010/10/14 16:56:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/10/14 16:51:42 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/10/14 16:51:40 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010/10/14 16:51:40 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010/10/14 16:51:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/10/14 16:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/10/14 16:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/10/14 16:51:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010/10/14 16:51:14 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2010/10/14 16:51:14 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010/10/14 16:51:13 | 004,390,912 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2010/10/14 16:49:24 | 000,584,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010/10/14 16:49:23 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010/10/14 16:49:23 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010/10/14 16:49:23 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010/10/14 16:49:21 | 000,143,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010/10/14 16:43:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010/10/14 16:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/10/14 16:41:44 | 000,048,760 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\RUNCLOSE.OCX
[2010/10/14 16:41:07 | 000,253,952 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\cPC_DMIRD.dll
[2010/10/14 16:38:56 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2010/10/14 16:38:35 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/10/14 16:32:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/10/14 16:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/10/14 16:29:56 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/10/14 16:28:20 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/10/14 16:28:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2010/11/12 22:38:52 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 22:38:52 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 18:40:46 | 000,009,738 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010/11/12 18:38:57 | 000,048,796 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/11/12 18:38:56 | 000,048,796 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/11/12 18:38:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/12 18:38:18 | 2011,684,864 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/06 23:54:59 | 000,608,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/06 23:54:59 | 000,105,540 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/06 23:53:14 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/11/06 23:53:14 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/11/04 11:24:29 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/10/26 17:48:34 | 000,184,347 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\MVTHealthCheck.html
[2010/10/25 19:13:55 | 000,003,099 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\DrWeb.csv
[2010/10/25 19:00:13 | 000,003,584 | ---- | M] () -- C:\Users\Kim's Thang\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/25 18:49:38 | 000,010,415 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\financial management homework kimberly johnson chapter 7.xlsx
[2010/10/25 15:34:34 | 138,818,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/10/25 15:24:40 | 000,344,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/25 13:20:42 | 000,000,949 | ---- | M] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/25 13:10:08 | 001,376,832 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\sar_15_sfx.exe
[2010/10/25 12:34:15 | 002,490,880 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\Sophos Windows Shortcut Exploit Protection Tool.msi
[2010/10/25 12:25:56 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9A1D027D-73C8-4683-A1EC-FB2165745C18}.job
[2010/10/23 15:14:53 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010/10/23 15:14:24 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010/10/23 14:51:34 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010/10/23 14:51:34 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010/10/23 14:11:28 | 000,000,817 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010/10/23 14:11:05 | 000,000,836 | ---- | M] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee EasyNetwork.lnk
[2010/10/23 14:11:05 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\McAfee EasyNetwork.lnk
[2010/10/23 13:38:33 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/10/19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/18 01:32:27 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/10/18 01:32:27 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/10/18 01:28:27 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/10/18 01:28:27 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/10/18 01:28:27 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/10/18 01:27:21 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010/10/18 01:25:16 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/10/18 01:25:15 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/10/18 01:25:15 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/10/18 01:19:47 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/10/18 01:19:47 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/10/18 01:19:47 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/10/18 01:19:46 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/10/18 01:19:46 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/10/18 01:19:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/10/18 01:19:46 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/10/18 01:15:12 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010/10/18 01:15:12 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/10/18 01:15:11 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/10/18 01:15:11 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/10/18 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/10/18 01:15:10 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/10/18 01:15:10 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010/10/18 01:14:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/10/18 01:14:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/10/18 01:09:48 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/10/18 01:09:47 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/10/18 01:09:47 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/10/18 01:09:47 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/10/18 01:09:47 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/10/18 01:09:46 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/10/18 00:57:49 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/18 00:52:28 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\http.sys.mui
[2010/10/18 00:52:27 | 044,089,904 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\avira_antivir_personal_en.exe
[2010/10/17 23:54:15 | 000,000,609 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\TDSSKiller - Shortcut.lnk
[2010/10/17 22:54:07 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/10/17 22:53:53 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/10/17 22:53:47 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/10/17 22:53:47 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/10/17 22:53:22 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/10/17 22:39:54 | 050,899,824 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\launch2.exe
[2010/10/17 22:39:33 | 000,000,890 | ---- | M] () -- C:\Users\Kim's Thang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI.lnk
[2010/10/17 22:38:52 | 000,755,552 | ---- | M] (Secunia) -- C:\Users\Kim's Thang\Desktop\PSISetup.exe
[2010/10/17 22:32:05 | 000,000,680 | ---- | M] () -- C:\Users\Kim's Thang\AppData\Local\d3d9caps.dat
[2010/10/17 21:52:42 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/10/17 21:52:42 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/10/17 21:48:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/10/17 21:48:57 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/10/17 21:47:12 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/10/17 21:43:41 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/10/17 21:32:31 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/10/17 21:32:31 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/10/17 21:26:00 | 000,636,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/10/17 21:21:12 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/10/17 21:17:59 | 001,256,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/10/17 21:13:18 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/10/17 21:13:18 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/10/17 21:13:18 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/10/17 21:13:17 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/10/17 21:13:17 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/10/17 21:13:17 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/10/17 21:13:17 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/10/17 21:13:17 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/10/17 21:13:16 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/10/17 21:13:15 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/10/17 21:13:14 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/10/17 21:13:14 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/10/17 21:13:13 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/10/17 21:13:13 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/10/17 21:13:13 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/10/17 21:13:12 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/10/17 21:13:12 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/10/17 21:13:11 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/10/17 21:13:11 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/10/17 21:13:11 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/10/17 21:13:10 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/10/17 21:13:10 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/10/17 21:13:09 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/10/17 21:13:09 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/10/17 21:13:09 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/10/17 21:13:09 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/10/17 21:13:08 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/10/17 21:13:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/10/17 21:13:07 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/10/17 21:13:07 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/10/17 21:13:07 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/10/17 21:13:06 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/10/17 21:13:06 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/10/17 21:13:05 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/10/17 21:13:05 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/10/17 21:13:04 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/10/17 21:13:04 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/10/17 21:13:04 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/10/17 21:13:03 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/10/17 21:13:02 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/10/17 21:13:01 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/10/17 21:13:01 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/10/17 21:13:01 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/10/17 21:13:00 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/10/17 21:13:00 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/10/17 21:13:00 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/10/17 21:13:00 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/10/17 21:12:59 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/10/17 21:12:59 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/10/17 21:12:59 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/10/17 21:12:58 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/10/17 21:12:58 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/10/17 21:12:58 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/10/17 21:12:58 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/10/17 21:12:57 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/10/17 21:12:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/10/17 21:12:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/10/17 21:12:57 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/10/17 21:12:57 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/10/17 21:12:56 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/10/17 21:12:56 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/10/17 21:12:56 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/10/17 21:12:55 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/10/17 21:12:55 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll

2010/10/17 21:12:55 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/10/17 21:12:54 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/10/17 21:12:54 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/10/17 21:12:53 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/10/17 21:12:53 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/10/17 21:12:53 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/10/17 21:12:53 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/10/17 21:12:53 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/10/17 21:12:52 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/10/17 21:12:52 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/10/17 21:12:52 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/10/17 21:12:51 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/10/17 21:12:51 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/10/17 21:07:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/10/17 21:07:46 | 000,988,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/10/17 21:07:46 | 000,927,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/10/17 21:07:45 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/10/17 21:07:45 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/10/17 21:07:45 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/10/17 21:07:45 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/10/17 21:07:44 | 000,615,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/10/17 21:07:44 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2010/10/17 21:04:45 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/10/17 21:04:44 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/10/17 21:04:43 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/10/17 21:04:43 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/10/17 21:04:43 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/10/17 21:04:42 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/10/17 21:04:42 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/10/17 21:03:16 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/10/17 21:03:16 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/10/17 20:55:02 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/10/17 20:55:02 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/10/17 20:51:45 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/10/17 20:51:44 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/10/17 20:51:43 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/10/17 20:36:40 | 000,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/10/17 20:36:40 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/10/17 20:32:33 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/10/17 20:32:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/10/17 20:30:25 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/10/17 20:30:25 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/10/17 20:28:43 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/10/17 20:28:42 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/10/17 20:28:42 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/10/17 20:28:42 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/10/17 20:28:42 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/10/17 20:28:41 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/10/17 20:28:41 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/10/17 20:28:41 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/10/17 20:28:41 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/10/17 20:12:41 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/10/17 20:12:41 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/10/17 20:12:41 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/10/17 20:12:41 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/10/17 20:12:35 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/10/17 20:12:34 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/10/17 20:01:14 | 028,770,304 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/10/17 20:01:13 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/10/17 20:01:13 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/10/17 19:42:05 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/10/17 19:42:05 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/10/17 19:11:57 | 001,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/17 19:08:26 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/10/17 19:08:25 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/10/17 19:07:00 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/10/17 19:05:45 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/10/17 19:03:08 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/10/17 19:03:08 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/10/17 18:58:51 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/10/17 18:58:51 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/10/17 18:58:06 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/10/17 18:52:38 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/10/17 18:52:38 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/10/17 18:52:38 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/10/17 18:52:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/10/17 18:50:57 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/10/17 18:49:32 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/10/17 18:49:31 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/10/17 18:49:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/10/15 20:17:11 | 000,000,848 | ---- | M] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/15 20:17:11 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/15 20:09:09 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/10/15 20:04:39 | 000,134,464 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll
[2010/10/15 18:35:20 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/10/15 18:35:20 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/10/15 18:34:36 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/10/15 18:34:35 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/10/15 18:34:35 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/10/15 18:34:26 | 000,000,942 | ---- | M] () -- C:\Users\Kim's Thang\Desktop\Microsoft Works.LNK
[2010/10/15 18:34:06 | 000,000,000 | ---- | M] () -- C:\Users\Kim's Thang\AppData\Roaming\wklnhst.dat
[2010/10/15 18:33:46 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/10/15 18:33:45 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/10/15 09:56:35 | 000,001,840 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2010/10/15 09:29:22 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2010/10/14 17:26:17 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/10/14 17:19:06 | 000,002,136 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office – 60 Day Trial..lnk
[2010/10/14 17:13:17 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2010/10/14 17:03:11 | 000,103,521 | ---- | M] () -- C:\Windows\hpqins13.dat
[2010/10/14 16:51:42 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/10/14 16:51:40 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010/10/14 16:34:54 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/10/14 16:32:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf

========== Files Created - No Company Name ==========

[2010/11/04 11:24:29 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/10/26 17:48:34 | 000,184,347 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\MVTHealthCheck.html
[2010/10/25 20:41:13 | 000,003,374 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/10/25 20:41:13 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/10/25 19:13:55 | 000,003,099 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\DrWeb.csv
[2010/10/25 19:00:09 | 000,003,584 | ---- | C] () -- C:\Users\Kim's Thang\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/25 18:49:37 | 000,010,415 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\financial management homework kimberly johnson chapter 7.xlsx
[2010/10/25 15:34:35 | 2011,684,864 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/25 15:29:18 | 138,818,287 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/10/25 13:10:05 | 001,376,832 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\sar_15_sfx.exe
[2010/10/25 12:34:14 | 002,490,880 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\Sophos Windows Shortcut Exploit Protection Tool.msi
[2010/10/25 12:25:56 | 000,000,434 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{9A1D027D-73C8-4683-A1EC-FB2165745C18}.job
[2010/10/23 17:59:12 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/10/23 17:59:12 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010/10/23 17:59:12 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010/10/23 17:52:03 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/23 17:52:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/10/23 17:51:57 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/10/23 17:36:30 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/10/23 14:34:31 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/10/23 14:12:07 | 000,009,738 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2010/10/23 14:11:28 | 000,000,817 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010/10/23 14:11:05 | 000,000,836 | ---- | C] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee EasyNetwork.lnk
[2010/10/23 14:11:05 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\McAfee EasyNetwork.lnk
[2010/10/23 14:04:26 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2010/10/23 14:04:14 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2010/10/23 13:38:33 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/10/19 18:26:28 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/10/19 18:25:54 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/10/19 18:24:56 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/10/19 18:24:25 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/10/19 18:24:09 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/10/19 18:23:43 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/10/19 18:21:46 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2010/10/19 18:21:45 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2010/10/19 18:21:43 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2010/10/19 18:21:42 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010/10/18 01:27:21 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010/10/18 01:15:11 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/10/18 01:15:10 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010/10/18 00:57:49 | 000,001,853 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/18 00:52:13 | 044,089,904 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\avira_antivir_personal_en.exe
[2010/10/17 23:54:15 | 000,000,609 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\TDSSKiller - Shortcut.lnk
[2010/10/17 22:54:07 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/10/17 22:39:45 | 050,899,824 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\launch2.exe
[2010/10/17 22:39:33 | 000,000,890 | ---- | C] () -- C:\Users\Kim's Thang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI.lnk
[2010/10/17 19:48:24 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/10/17 19:48:24 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/10/17 14:24:17 | 000,000,680 | ---- | C] () -- C:\Users\Kim's Thang\AppData\Local\d3d9caps.dat
[2010/10/16 01:39:00 | 000,048,796 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/10/16 01:39:00 | 000,048,796 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/10/16 00:16:36 | 028,770,304 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/10/15 20:17:11 | 000,000,848 | ---- | C] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/15 20:17:11 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/15 20:03:07 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/10/15 19:32:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/15 19:32:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/15 19:32:45 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/15 19:32:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/15 18:34:26 | 000,000,942 | ---- | C] () -- C:\Users\Kim's Thang\Desktop\Microsoft Works.LNK
[2010/10/15 18:34:15 | 000,000,949 | ---- | C] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/15 18:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Kim's Thang\AppData\Roaming\wklnhst.dat
[2010/10/15 09:56:25 | 000,001,840 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
[2010/10/15 09:29:22 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2010/10/15 09:26:28 | 000,000,258 | ---- | C] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/15 09:26:28 | 000,000,240 | ---- | C] () -- C:\Users\Kim's Thang\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/14 17:36:20 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Center.lnk
[2010/10/14 17:26:17 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/10/14 17:26:16 | 000,333,203 | RHS- | C] () -- C:\bootmgr
[2010/10/14 17:23:39 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Internet Explorer.lnk
[2010/10/14 17:20:37 | 000,000,172 | ---- | C] () -- C:\Users\Public\Desktop\Help and Support.lnk
[2010/10/14 17:19:06 | 000,002,136 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office – 60 Day Trial..lnk
[2010/10/14 17:02:00 | 000,001,312 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/10/14 17:01:59 | 000,103,521 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010/10/14 16:42:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2010/10/14 16:39:08 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2010/10/14 16:39:08 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2007/03/06 02:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/01/12 08:07:48 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/01/12 08:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2010/10/17 21:21:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010/10/17 21:21:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2010/10/17 21:21:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010/10/17 21:21:11 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010/10/18 01:16:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010/10/18 01:16:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2010/10/17 21:21:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 03:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\ERDNT\cache\explorer.exe
[2006/11/02 03:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 01:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: WININIT.EXE >
[2008/01/19 01:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/19 01:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 03:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\ERDNT\cache\wininit.exe
[2006/11/02 03:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WINLOGON.EXE >
[2006/11/02 03:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\ERDNT\cache\winlogon.exe
[2006/11/02 03:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 01:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/19 01:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 05:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 05:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2008/01/19 01:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/01/19 01:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 04:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010/11/06 23:53:14 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/11/06 23:53:14 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/10/15 20:09:09 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/10/17 19:03:08 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2010/10/17 21:17:59 | 000,439,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/10/17 21:56:39 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys
[2010/10/18 01:11:15 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2010/10/18 01:11:15 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010/10/18 01:11:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010/10/17 20:32:33 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/09/06 08:13:03 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2010/09/06 08:12:40 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2010/09/06 08:12:38 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2010/10/17 21:00:19 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS
[2010/10/17 21:00:19 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys

< >

< End of report >




#12 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 02:12 AM


WinPatrol Report Log
Report created by WinPatrol [FREE Edition] version 19.0.2010.0:19.0.2010.0 at 1:08:42 AM, on 10/18/2010

Platform: Windows Vista Home Edition (Build 6000)
Browser: Windows® Internet Explorer - Internet Explorer version 7.00.6000.16386
Memory currently in use: 63%

MSIE: Internet Explorer (7.00.6000.16386)
IE Cookie Path: C:\Users\Kim's Thang\AppData\Roaming\Microsoft\Windows\Cookies\low\

HKLM Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKCU Start Page = http://www.att.net/
HKLM Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Presario&pf=desktop

WinLogon Shell=Explorer.exe
WinLogon UserInit=C:\Windows\system32\userinit.exe,


Startup Programs
Active Tasks
Scheduled Tasks
IE Helpers
File Types
Services


• Startup Programs • TkBellExe realsched.exe -osboot RealNetworks Scheduler
Version: 0.1.1.1119 Copyright © RealNetworks, Inc. 1995-2009
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
First Detected by WinPatrol: 10/18/2010 0:49 AM
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=REALSCHED.EXE&vendor=RealNetworks,%20Inc.&version=0.1.1.1119&userid=&build=19.0.2010.0:19.0.2010.0&Type=1&Loc=us">Click for Plus Info<LI>WinPatrol [FREE Edition] winpatrol.exe -expressboot WinPatrol System Monitor
Version: 19.0.2010.0 Copyright © 1997- 2010 BillP Studios
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>avgnt avgnt.exe /min Antivirus System Tray Tool
Version: 10.00.13.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min
First Detected by WinPatrol: 10/18/2010 0:58 AM
Click for Plus Info<LI>Launcher launcher.exe
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
Path: %WINDIR%\SMINST\launcher.exe
Click for Plus Info<LI>Secunia PSI psi.exe Secunia PSI
Version: 1.5.0.2 Copyright © Secunia 2007-2010. All rights reserved.
Location: Windows Startup Group
Path: C:\Program Files\Secunia\PSI\psi.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Winlogon Userinit userinit.exe Userinit Logon Application
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit
Path: C:\Windows\System32\userinit.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Winlogon Shell Explorer.exe Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
Path: Explorer.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>WebCheck webcheck.dll Web Site Monitor
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Path: C:\Windows\System32\webcheck.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
7.00.6000.16386
Click for Plus Info<LI>Component Categories cache daemon browseui.dll Shell Browser UI Library
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
Path: C:\Windows\System32\browseui.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
6.0.6000.16386
Click for Plus Info<LI>Component Categories cache daemon
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
Click for Plus Info
• Delayed Start • • Active Tasks • Desktop Window Manager dwm.exe Desktop Window Manager
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\dwm.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=DWM.EXE&vendor=Microsoft%20Corporation&version=6.0.6000.16386&userid=&build=19.0.2010.0:19.0.2010.0&Type=600&Loc=us">Click for Plus Info<LI>Windows Explorer explorer.exe Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\explorer.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Task Scheduler Engine taskeng.exe Task Scheduler Engine
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\taskeng.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>RealNetworks Scheduler REALSCHED.EXE RealNetworks Scheduler
Version: 0.1.1.1119 Copyright © RealNetworks, Inc. 1995-2009
Path: C:\PROGRAM FILES\COMMON FILES\Real\UPDATE_OB\REALSCHED.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>launch2 launch2.exe
Path: C:\Users\KIM'S THANG\Desktop\launch2.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>AutoRun 7c5657.exe AutoRun
Version: 2.60.0.06221 Copyright © 2005 Doctor Web, Ltd.
Path: C:\Users\KIM'S THANG\AppData\Local\temp\BD8973CF-41ED0EFE-16E90037-15470157\7c5657.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>efebe_xp efebe_xp.exe
Path: C:\Users\KIM'S THANG\AppData\Local\temp\BD8973CF-41ED0EFE-16E90037-15470157\efebe_xp.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Internet Explorer ieuser.exe Internet Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\PROGRAM FILES\INTERNET EXPLORER\ieuser.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Adobe® Flash® Player Installer/Uninstaller 10.1 r85 FLASHUTIL10K_ACTIVEX.EXE Adobe® Flash® Player Installer/Uninstaller 10.1 r85
Version: 10,1,85,3 Copyright © 1996-2010 Adobe, Inc.
Path: C:\Windows\System32\Macromed\Flash\FLASHUTIL10K_ACTIVEX.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Windows Update wuauclt.exe Windows Update
Version: 7.4.7600.226 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wuauclt.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>Internet Explorer iexplore.exe Internet Explorer
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\PROGRAM FILES\INTERNET EXPLORER\iexplore.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>WinPatrol [FREE Edition] WINPATROL.EXE WinPatrol System Monitor
Version: 19.0.2010.0 Copyright © 1997- 2010 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>WinPatrol [FREE Edition] WINPATROLEX.EXE WinPatrol Explorer
Version: 19.0.2010.0 Copyright © 2004-2010 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>AVIRA_ANTIVIR_PERSONAL_EN AVIRA_ANTIVIR_PERSONAL_EN.EXE
Path: C:\Users\KIM'S THANG\Desktop\AVIRA_ANTIVIR_PERSONAL_EN.EXE
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info<LI>presetup presetup.exe Version: 10.00.00.05 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\Users\Kim's Thang\AppData\Local\temp\RarSFX0\presetup.exe
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info<LI>setup setup.exe Version: 10.00.00.29 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\Users\Kim's Thang\AppData\Local\temp\RarSFX0\setup.exe
First Detected by WinPatrol: 10/18/2010 0:55 AM
Click for Plus Info<LI>Antivirus System Tray Tool avgnt.exe Antivirus System Tray Tool
Version: 10.00.13.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avgnt.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info<LI>Configuration Panel avconfig.exe Configuration Panel
Version: 10.00.13.15 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avconfig.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info<LI>Antivirus Control Center avcenter.exe Antivirus Control Center
Version: 10.00.12.28 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avcenter.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info<LI>On-Demand Scanner avscan.exe On-Demand Scanner
Version: 10.00.03.00 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avscan.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Click for Plus Info

• Scheduled Tasks • Secunia PSI Logon Task.job psi.exe Secunia PSI
Version: 1.5.0.2 Copyright © Secunia 2007-2010. All rights reserved.
Path: C:\Program Files\Secunia\PSI\psi.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Never
Location: "HKLM\"
Click for Plus Info• IE Helpers • <LI>AcroIEHelper Library AcroIEHelper.dll Adobe PDF Helper for Internet Explorer
Version: 8.0.0.2006102200 Copyright 1984-2006 Adobe Systems Incorporated and its licensors. All rights reserved.
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
First Detected by WinPatrol: 10/18/2010 0:49 AM
8.0.0.2006102200
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=ACROIEHELPER.DLL&vendor=Adobe%20Systems%20Incorporated&version=8.0.0.2006102200&userid=&build=19.0.2010.0:19.0.2010.0&Type=900&Loc=us">Click for Plus Info<LI>Send to OneNote
C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll,103
Click for Plus Info<LI>Research
C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
Click for Plus Info• File Types • <LI>Video Clip wmplayer.exe /prefetch:8 /Open %L Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
.AVI
Startup Type: WMP11.AssocFile.AVI
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=WMPLAYER.EXE&vendor=Microsoft%20Corporation&version=11.0.6000.6353&userid=&build=19.0.2010.0:19.0.2010.0&Type=400&Loc=us">Click for Plus Info<LI>Windows Batch File %1 %*
Path: %1 %*
.BAT
Startup Type: batfile
Click for Plus Info<LI>Cabinet File Explorer.exe /idlist,%I,%L Windows Explorer
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\Explorer.exe /idlist,%I,%L
.CAB
Startup Type: CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
Click for Plus Info<LI>Security Catalog rundll32.exe cryptext.dll,CryptExtOpenCAT %1 Windows host process (Rundll32)
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT %1
.CAT
Startup Type: CATFile
Click for Plus Info<LI>Compiled HTML Help file hh.exe %1 Microsoft® HTML Help Executable
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\hh.exe %1
.CHM
Startup Type: chm.file
Click for Plus Info<LI>MS-DOS Application %1 %*
Path: %1 %*
.COM
Startup Type: ComFile
Click for Plus Info<LI>Windows Command Script %1 %*
Path: %1 %*
.CMD
Startup Type: cmdfile
Click for Plus Info<LI>Microsoft Office Word 97 - 2003 Document WINWORD.EXE /n /dde Microsoft Office Word
Version: 12.0.6425.1000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
.DOC
Startup Type: Word.Document.8
Click for Plus Info<LI>Internet E-Mail Message WinMail.exe /eml:%1 Windows Mail
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Mail\WinMail.exe /eml:%1
.EML
Startup Type: Microsoft Internet Mail Message
Click for Plus Info<LI>Application %1 %*
Path: %1 %*
.EXE
Startup Type: exefile
Click for Plus Info<LI>Setup Information NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\NOTEPAD.EXE %1
.INF
Startup Type: inffile
Click for Plus Info<LI>JScript Script File WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.JS
Startup Type: JSFile
Click for Plus Info<LI>Text Document NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\NOTEPAD.EXE %1
.LOG
Startup Type: txtfile
Click for Plus Info<LI>Windows Installer Package msiexec.exe /i %1 %* Windows® installer
Version: 4.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\msiexec.exe /i %1 %*
.MSI
Startup Type: Msi.Package
Click for Plus Info<LI>MIDI Sequence wmplayer.exe /Open %L Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
.MID
Startup Type: WMP11.AssocFile.MIDI
Click for Plus Info<LI>rhapsody.ex rhapsody.exe %1
Path: C:\PROGRA~1\Rhapsody\rhapsody.exe %1
.MP3
Startup Type:
Click for Plus Info<LI>Shortcut to MS-DOS Program %1 %*
Path: %1 %*
.PIF
Startup Type: piffile
Click for Plus Info<LI>RealPlayer Presentation RealPlay.exe %1 RealPlayer
Version: 12.0.0.879 Copyright © RealNetworks, Inc. 1995-2009
Path: c:\program files\real\realplayer\\RealPlay.exe %1
.RAM
Startup Type: RealPlayer.RAM.6
Click for Plus Info<LI>Registration Entries regedit.exe %1 Registry Editor
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: regedit.exe %1
.REG
Startup Type: regfile
Click for Plus Info<LI>Rich Text Format WINWORD.EXE /n /dde Microsoft Office Word
Version: 12.0.6425.1000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
.RTF
Startup Type: Word.RTF.8
Click for Plus Info<LI>Screen Saver %1 /S
Path: %1 /S
.SCR
Startup Type: scrfile
Click for Plus Info<LI>Text Document NOTEPAD.EXE %1 Notepad
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\system32\NOTEPAD.EXE %1
.TXT
Startup Type: txtfile
Click for Plus Info<LI>Windows host process (Rundll32) rundll32.exe ieframe.dll,OpenURL %l Windows host process (Rundll32)
Version: 6.0.6000.16386 © Microsoft Corporation. All rights reserved.
Path: rundll32.exe ieframe.dll,OpenURL %l
.URL
Startup Type: Windows host process (Rundll32)
Click for Plus Info<LI>VBScript Script File WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.VBS
Startup Type: VBSFile
Click for Plus Info<LI>VBScript Encoded File WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.VBE
Startup Type: VBEFile
Click for Plus Info<LI>Windows Script File WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.WSF
Startup Type: WSFFile
Click for Plus Info<LI>Windows Script Host Settings File WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.7.0.6000 Copyright © Microsoft Corp. 1996-2006, All Rights Reserved
Path: C:\Windows\System32\WScript.exe %1 %*
.WSH
Startup Type: WSHFile
Click for Plus Info
Microsoft Office Excel 97-2003 Worksheet EXCEL.EXE /e Microsoft Office Excel
Version: 12.0.6545.5000 © 2006 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE /e
.XLS
Startup Type: Excel.Sheet.8
Click for Plus Info• Services • <LI>sched.exe Antivirus Scheduler
Version: 10.00.00.17 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\sched.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Service to schedule Avira AntiVir Personal - Free Antivirus jobs and updates.
Created: 10/18/2010 0:57 AM
Accessed: 10/18/2010 0:57 AM
Written: 02/24/2010 10:28 AM
File Size: 135,336 Bytes
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=SCHED.EXE&vendor=Avira%20GmbH&version=10.00.00.17&userid=&build=19.0.2010.0:19.0.2010.0&Type=700&Loc=us">Click for Plus Info<LI>avguard.exe Antivirus On-Access Service
Version: 10.00.01.44 Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
Path: C:\PROGRAM FILES\Avira\ANTIVIR DESKTOP\avguard.exe
First Detected by WinPatrol: 10/18/2010 1:03 AM
Offers permanent protection against viruses and malware with the AntiVir search engine.
Created: 10/18/2010 0:57 AM
Accessed: 10/18/2010 0:57 AM
Written: 04/01/2010 1:33 PM
File Size: 267,432 Bytes
Click for Plus Info<LI>APPMGMTS.DLL
Path: C:\WINDOWS\SYSTEM32\APPMGMTS.DLL
Created:
Accessed:
Written:
File Size: Bytes
Click for Plus Info<LI>IDriverT.exe IDriverT Module
Version: 10.50 Copyright © 2004 Macrovision Corporation
Path: C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\Driver\1050\Intel 32\IDriverT.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Provides support for the Running Object Table for InstallShield Drivers
Created: 10/22/2004 4:24 AM
Accessed: 10/14/2010 5:03 PM
Written: 10/22/2004 4:24 AM
File Size: 73,728 Bytes
Click for Plus Info<LI>LSSrvc.exe © Copyright 2003-2006 Hewlett-Packard Development Company, LP
Path: C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSrvc.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work.
Created: 01/17/2007 12:20 AM
Accessed: 10/14/2010 5:11 PM
Written: 01/17/2007 12:20 AM
File Size: 61,440 Bytes
Click for Plus Info<LI>ROXMEDIADB9.EXE RoxMediaDB9 Module
Copyright © 1994-2005 Sonic Solutions
Path: C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\9.0\SHAREDCOM\ROXMEDIADB9.EXE
First Detected by WinPatrol: 10/18/2010 0:49 AM
Roxio RoxMediaDB9 Service
Created: 03/26/2007 2:21 PM
Accessed: 10/14/2010 5:08 PM
Written: 03/26/2007 2:21 PM
File Size: 887,544 Bytes
Click for Plus Info<LI>stllssvr.exe SureThing Labelflash Disc Printer Service Module
Version: 1.2.560 Copyright © 1999-2004 MicroVision Development, Inc. All rights reserved.
Path: C:\PROGRAM FILES\COMMON FILES\SURETHING SHARED\stllssvr.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
Created: 03/08/2007 7:54 PM
Accessed: 10/14/2010 5:10 PM
Written: 03/08/2007 7:54 PM
File Size: 74,656 Bytes
Click for Plus Info<LI>XAudio.exe Modem Audio Service
Version: 1.00.15.00 Copyright© Conexant Systems, Inc. 2006-2007
Path: C:\Windows\System32\drivers\XAudio.exe
First Detected by WinPatrol: 10/18/2010 0:49 AM
User-mode gate for Modem Speakerphone
Created: 10/18/2007 7:37 AM
Accessed: 10/18/2007 7:37 AM
Written: 10/18/2007 7:37 AM
File Size: 386,560 Bytes
Click for Plus Info• Hidden Files • <LI>boo bootmgr
Path: C:\bootmgr
First Detected by WinPatrol: 10/18/2010 0:49 AM
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=BOOTMGR&vendor=&version=&userid=&build=19.0.2010.0:19.0.2010.0&Type=370&Loc=us">Click for Plus Info<LI>hiberfil hiberfil.sys
Path: C:\hiberfil.sys
Click for Plus Info<LI>pagefile pagefile.sys
Path: C:\pagefile.sys
Click for Plus Info<LI>7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D0 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
Path: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D0 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
Path: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>BCD-Template BCD-Template.LOG
Path: C:\Windows\System32\config\BCD-Template.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>BCD-Template. BCD-Template.LOG1
Path: C:\Windows\System32\config\BCD-Template.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>BCD-Template. BCD-Template.LOG2
Path: C:\Windows\System32\config\BCD-Template.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>COMPONENTS COMPONENTS.LOG
Path: C:\Windows\System32\config\COMPONENTS.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>COMPONENTS. COMPONENTS.LOG2
Path: C:\Windows\System32\config\COMPONENTS.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>DEFAULT DEFAULT.LOG
Path: C:\Windows\System32\config\DEFAULT.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>DEFAULT. DEFAULT.LOG2
Path: C:\Windows\System32\config\DEFAULT.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SAM SAM.LOG
Path: C:\Windows\System32\config\SAM.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SAM. SAM.LOG2
Path: C:\Windows\System32\config\SAM.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SECURITY SECURITY.LOG
Path: C:\Windows\System32\config\SECURITY.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SECURITY. SECURITY.LOG1
Path: C:\Windows\System32\config\SECURITY.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SECURITY. SECURITY.LOG2
Path: C:\Windows\System32\config\SECURITY.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SOFTWARE SOFTWARE.LOG
Path: C:\Windows\System32\config\SOFTWARE.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SOFTWARE. SOFTWARE.LOG1
Path: C:\Windows\System32\config\SOFTWARE.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SOFTWARE. SOFTWARE.LOG2
Path: C:\Windows\System32\config\SOFTWARE.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SYSTEM SYSTEM.LOG
Path: C:\Windows\System32\config\SYSTEM.LOG
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SYSTEM. SYSTEM.LOG1
Path: C:\Windows\System32\config\SYSTEM.LOG1
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>SYSTEM. SYSTEM.LOG2
Path: C:\Windows\System32\config\SYSTEM.LOG2
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>desktop desktop.ini
Path: C:\Windows\System32\desktop.ini
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info<LI>103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8At 103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
Path: C:\Windows\System32\drivers\103C_HP_CPC_GC660AA-ABA SR5123WM_YC_0Pres_QCNX719_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.07_T070404_WUH0_L409_M1918_J320_7AMD_8Athlon 64 X2 Dual Core_92.1_#101015_N10DE03EF_Z14F12F20_G10DE03D0.MRK
First Detected by WinPatrol: 10/18/2010 0:49 AM
Click for Plus Info• ActiveX • <LI>VistaWUWebControl Class wuwebv.dll Windows Update Vista Web Control
Version: 7.4.7600.226 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wuwebv.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
7.4.7600.226
<A href="http://www.winpatrol.com/cgi-bin/plusinfo.pl?program=WUWEBV.DLL&vendor=Microsoft%20Corporation&version=7.4.7600.226&userid=&build=19.0.2010.0:19.0.2010.0&Type=1200&Loc=us">Click for Plus Info<LI>Windows Media Player wmp.dll Windows Media Player
Version: 11.0.6000.6353 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\wmp.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
11.0.6000.6353
Click for Plus Info<LI>Microsoft Web Browser ieframe.dll Internet Explorer
Version: 7.00.6000.16386 © Microsoft Corporation. All rights reserved.
Path: C:\Windows\System32\ieframe.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
7.00.6000.16386
Click for Plus Info<LI>Shockwave Flash Object Flash10k.ocx Adobe Flash Player 10.1 r85
Version: 10,1,85,3 Path: C:\Windows\System32\Macromed\Flash\Flash10k.ocx
First Detected by WinPatrol: 10/18/2010 0:58 AM
10,1,85,3
Click for Plus Info<LI>XML HTTP Request msxml3.dll MSXML 3.0 SP10
Version: 8.100.1048.0 Copyright © Microsoft Corporation. 1981-2007
Path: C:\Windows\System32\msxml3.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
8.100.1048.0
Click for Plus Info<LI>XML HTTP msxml3.dll MSXML 3.0 SP10
Version: 8.100.1048.0 Copyright © Microsoft Corporation. 1981-2007
Path: C:\Windows\System32\msxml3.dll
First Detected by WinPatrol: 10/18/2010 0:58 AM
8.100.1048.0
Click for Plus Info[list=1][/list]

#13 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 13 November 2010 - 02:15 AM

mytri, when I try to come to this website i get redirect to my bellsouth link it needs to be reboot or select technical details, but it only happens when I try to access this particular website. Also, it takes my internet 5-8 minutes to come up which is driving me nuts. Also, sndvol.exe I don't know if that is related to the volume or not but something is messing with my sound, because it cuts it off when it gets ready. But just thought I would let you know what problems I am having before this computer comes to a screaching halt here.

#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:31 PM

Posted 14 November 2010 - 05:57 PM

Hi,

sndvol is your soundvolume controler. Please try to attach the otl log to your next reply, so I can get a complete log.
Please do not post any logs I did not ask for. If you do this, I will stop helping.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 14 November 2010 - 10:39 PM

OTL logfile created on: 11/14/2010 9:15:55 PM - Run 4
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\MY STARS\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.30 Gb Total Space | 237.15 Gb Free Space | 81.97% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 1.14 Gb Free Space | 13.01% Space Free | Partition Type: NTFS

Computer Name: KIMSTHANG-PC | User Name: Kim's Thang | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/07 15:32:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MY STARS\Desktop\OTL.exe
PRC - [2010/10/17 22:44:17 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/10/17 21:21:12 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/11/07 15:32:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\MY STARS\Desktop\OTL.exe
MOD - [2010/08/31 09:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/11/06 23:53:14 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/06 23:53:13 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Stopped] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\1083.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\KIM'ST~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/11/06 23:53:14 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/06 23:53:14 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/07/15 15:18:22 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2010/07/07 08:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/02/24 07:13:40 | 000,494,368 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/10/30 19:01:10 | 009,803,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/11 12:38:14 | 002,324,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:04:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/03/19 07:58:50 | 000,101,672 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 03:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 03:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users