Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

c:\Windows\Acer(Normal).scr is infected by win32:malware-gen HELP~!


  • This topic is locked This topic is locked
353 replies to this topic

#1 compblank

compblank

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 04 February 2011 - 10:33 PM

On Friday,Jan 28, 2011 my Avast program ran a boot scan and found this error:

c:\Users\Home\Appdat\LocalLow\Sun\Java\Deplowment\Cache\6.0\9\366e2a49-411cb7601>utilities\common.class is infected by Java:Jade-AB[Heur] which it deleted.

Idk what it means but lately my comp is lagging bad and is very slow when I shut it down. Immediately I did 4 things:

first I ran avast
second I ran malewarbytes
third updated java
and last but not least I updated adobe flash, shock, and while I was at it soundwave

On Friday,Jan 28, 2011 my Avast program ran a boot scan and found this error:

c:\Users\Home\Appdat\LocalLow\Sun\Java\Deplowment\Cache\6.0\9\366e2a49-411cb7601>utilities\common.class is infected by Java:Jade-AB[Heur] which it deleted.

Malewayrbytes didn't turn up anything at all and both my java and adobe were up to date. My next step was to check to see if I was missing any drivers so I ran driver genius and updated a few I needed. Here I am a week later and I'm starting to have issues again. Lagging, taking forever to shut down (and now I have to manually shut it down after it took 4 hours and didn't do it on it's own).

I repeated all 4 steps above and this time when avast ran the scan I got a new error .... I ran avast last night and went to bed (takes forever to run sometimes) when I woke up I had the generic black dos screen with this message:
C:/Users/Home/AppData/Roaming/Yahoo!/Messenger/Plugin/16762d37-0eb1-40d0-5863-5fa5ade02675.yplugin/vitality/vitality/vitality.min.js

WTH DOES THAT MEAN AND HOW CAN I FIX IT???????????????????

I deleted the yahoo toolbar like other sites told me but your forum site is the only one to request additional information and a possible solution.

NOW TODAY: Again Avast ran a boot scan and now found another file infected:

c:\Windows\Acer(Normal).scr is infected by win32:malware-gen

I can't remove it since it's part of my comp files! I found another topic here on your site with the same issue. The post is closed but here's the link to it:

http://www.bleepingcomputer.com/forums/topic342588.html


How can I #1 figure out what this is and #2 fix it all...
PLSPLSPLS help~!

I'll post the scans below (and tytytytyty for your help!)

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Home at 21:33:52.25 on Fri 02/04/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.2183 [GMT -5:00]

AV: avast! Internet Security *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Internet Security *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Home\AppData\Roaming\IMVUClient\IMVUClient.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Home\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.startskins.com/startpage/5664213484/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FB Layouts & Extras: {ff4e1d1d-705b-4379-ab33-22d98c1abf55} - C:\Program Files (x86)\FBLayouts\fblayouts.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [SiteAdvisor] "C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe"
mRun: [PCMMediaSharing] "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"
mRun: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [Acer Product Registration] "C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] "C:\Program Files (x86)\Acer\Acer Assist\launcher.exe"
mRun: [eRecoveryService]
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Home\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMVU.lnk - C:\Users\Home\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: C:\Windows\system32\wpclsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
TB-X64: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
mRun-x64: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
mRun-x64: [eDataSecurity Loader] "C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe"
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun-x64: [WPCUMI] C:\Windows\system32\WpcUmi.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.imvu.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor
FF - Ext: FB Layouts & Extras: fblayouts@hotlayouts2u.com - %profile%\extensions\fblayouts@hotlayouts2u.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: XULRunner: {D4E45244-9E79-409D-AC11-1BE2A9F75792} - C:\Users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============

R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2011-1-28 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2011-1-28 250448]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2011-1-28 125520]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-1-28 490064]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-28 273488]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2009-3-13 269448]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-28 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-28 62032]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-28 40384]
R2 avast! Firewall;avast! Firewall;C:\Program Files\Alwil Software\Avast5\afwServ.exe [2011-1-28 119200]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-3-3 16384]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-3-13 24576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2011-1-30 101048]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-4-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-4-25 131072]
R3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\drivers\GKUPRO2D.sys [2005-2-18 120704]
S2 0283621296869526mcinstcleanup;McAfee Application Installer Cleanup (0283621296869526);C:\Windows\TEMP\028362~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\028362~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2011-1-30 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-3-13 56352]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-1-18 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

=============== File Associations ===============

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

=============== Created Last 30 ================

2011-02-04 17:08:43 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{AE7E57BB-9119-45A5-924D-2B7336612BAC}\mpengine.dll
2011-02-02 00:34:22 -------- d-----w- C:\PROGRA~3\Arcade Lab
2011-02-01 22:48:42 -------- d-----w- C:\PROGRA~3\Sandlot Games
2011-02-01 22:46:35 -------- d-----w- C:\Users\Home\AppData\Local\Acer Arcade Live
2011-01-30 22:45:02 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2011-01-30 22:44:59 -------- d-----w- C:\Program Files (x86)\McAfee
2011-01-30 22:22:48 -------- d-----w- C:\Windows\en
2011-01-30 22:10:22 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-01-30 21:57:12 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2011-01-30 21:53:48 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-01-30 21:53:43 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\28c336571cbc0c805\InstallManager_WLE_WLE.exe
2011-01-30 21:48:44 -------- d-----w- C:\Users\Home\AppData\Local\Windows Live
2011-01-30 21:48:44 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-01-30 21:48:10 754688 ----a-w- C:\Windows\SysWow64\webservices.dll
2011-01-30 21:48:10 1103872 ----a-w- C:\Windows\System32\webservices.dll
2011-01-30 21:44:13 -------- d-----w- C:\Users\Home\AppData\Local\Microsoft Help
2011-01-30 18:50:02 -------- d-----w- C:\EGIS_Drive
2011-01-30 04:41:43 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-01-29 03:49:47 490064 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-01-29 03:49:47 125520 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2011-01-29 03:48:08 250448 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2011-01-29 03:48:05 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-01-29 03:47:14 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
2011-01-29 03:47:13 38848 ----a-w- C:\Windows\avastSS.scr
2011-01-29 03:47:04 -------- d-----w- C:\PROGRA~3\Alwil Software
2011-01-24 23:23:02 -------- d-----w- C:\PROGRA~3\Credant
2011-01-23 02:58:25 -------- d-----w- C:\PROGRA~3\Oberon Games
2011-01-23 02:12:01 -------- d-----w- C:\PROGRA~3\SpinTop Games
2011-01-23 02:11:49 -------- d-sh--w- C:\Users\Home\AppData\Roaming\.#
2011-01-21 16:46:46 -------- d-----w- C:\Users\Home\AppData\Local\Yahoo
2011-01-21 06:24:32 -------- d-----w- C:\Program Files (x86)\Yahoo!
2011-01-20 19:10:19 -------- d-----w- C:\Windows\SysWow64\spool
2011-01-20 19:10:18 -------- d-----w- C:\Program Files (x86)\Windows Portable Devices
2011-01-20 19:10:17 -------- d-----w- C:\Program Files\Windows Portable Devices
2011-01-20 19:04:38 167424 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-01-20 19:01:29 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll
2011-01-20 19:01:28 4096 ----a-w- C:\Windows\System32\oleaccrc.dll
2011-01-20 19:01:26 736256 ----a-w- C:\Windows\System32\UIAutomationCore.dll
2011-01-20 19:01:26 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll
2011-01-20 19:01:26 315904 ----a-w- C:\Windows\System32\oleacc.dll
2011-01-20 19:01:26 234496 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-01-20 18:49:53 92672 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2011-01-20 18:49:53 103424 ----a-w- C:\Windows\System32\UIAnimation.dll
2011-01-20 18:49:50 3815424 ----a-w- C:\Windows\System32\UIRibbon.dll
2011-01-20 18:49:50 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2011-01-20 18:49:50 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2011-01-20 18:49:49 3023360 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2011-01-20 18:46:08 316928 ----a-w- C:\Windows\System32\msshsq.dll
2011-01-20 18:46:08 231424 ----a-w- C:\Windows\SysWow64\msshsq.dll
2011-01-20 18:21:09 -------- d-----w- C:\Windows\SysWow64\vi-VN
2011-01-20 18:21:09 -------- d-----w- C:\Windows\SysWow64\eu-ES
2011-01-20 18:21:09 -------- d-----w- C:\Windows\SysWow64\ca-ES
2011-01-20 18:21:09 -------- d-----w- C:\Windows\System32\eu-ES
2011-01-20 18:21:09 -------- d-----w- C:\Windows\System32\ca-ES
2011-01-20 18:21:08 -------- d-----w- C:\Windows\System32\vi-VN
2011-01-20 17:35:46 -------- d-----w- C:\Windows\System32\EventProviders
2011-01-19 18:54:17 -------- d-----w- C:\Users\Home\.thumbnails
2011-01-19 18:36:25 -------- d-----w- C:\Users\Home\.gimp-2.6
2011-01-19 18:34:53 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
2011-01-19 18:25:20 0 ----a-w- C:\Users\Home\AppData\Local\Ksameso.bin
2011-01-19 18:25:19 -------- d-----w- C:\Users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}
2011-01-19 18:23:20 -------- d-----w- C:\Users\Home\AppData\Local\Adobe
2011-01-19 01:42:39 -------- d-----w- C:\Users\Home\AppData\Roaming\Vivox
2011-01-18 23:21:27 -------- d-----w- C:\Program Files (x86)\FBLayouts
2011-01-18 22:00:59 859648 ----a-w- C:\Windows\System32\Magnify.exe
2011-01-18 21:59:59 80720 ----a-w- C:\Windows\SysWow64\mscories.dll
2011-01-18 21:58:59 89088 ----a-w- C:\Windows\SysWow64\pintlgnt.ime
2011-01-18 21:57:59 60416 ----a-w- C:\Windows\System32\vss_ps.dll
2011-01-18 21:56:51 218624 ----a-w- C:\Windows\SysWow64\wdscore.dll
2011-01-18 21:05:15 442368 ----a-w- C:\Windows\System32\winhttp.dll
2011-01-18 21:05:15 377344 ----a-w- C:\Windows\SysWow64\winhttp.dll
2011-01-18 21:05:12 612864 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-18 21:05:12 420352 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-18 21:05:04 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2011-01-18 21:00:31 451584 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-01-18 21:00:31 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2011-01-18 21:00:31 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-01-18 21:00:30 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-01-18 21:00:28 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-01-18 21:00:28 12288 ----a-w- C:\Windows\System32\sscore.dll
2011-01-18 21:00:25 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2011-01-18 21:00:25 17920 ----a-w- C:\Windows\System32\netevent.dll
2011-01-18 21:00:09 975360 ----a-w- C:\Windows\System32\inetcomm.dll
2011-01-18 21:00:08 739328 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-01-18 20:58:43 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-01-18 20:58:41 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-01-18 20:31:37 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2011-01-18 20:31:32 -------- d-----w- C:\PROGRA~3\Cisco Systems
2011-01-18 18:48:45 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-18 18:41:39 -------- d-----w- C:\Windows\SysWow64\Adobe
2011-01-18 18:32:21 -------- d-----w- C:\Users\Home\AppData\Roaming\IMVU
2011-01-18 18:32:03 -------- d-----w- C:\Users\Home\AppData\Roaming\IMVUClient
2011-01-18 18:08:12 -------- d-----w- C:\Program Files\LSI SoftModem
2011-01-18 18:06:50 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2011-01-18 18:06:35 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-01-18 18:04:06 2048 ----a-w- C:\Windows\SysWow64\winrsmgr.dll
2011-01-18 18:04:06 2048 ----a-w- C:\Windows\System32\winrsmgr.dll
2011-01-18 18:04:05 13312 ----a-w- C:\Windows\System32\wsmplpxy.dll
2011-01-18 18:04:05 13312 ----a-w- C:\Windows\System32\winrssrv.dll
2011-01-18 07:31:18 660072 ----a-w- C:\Windows\System32\nvudisp.exe
2011-01-18 07:20:01 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-01-18 07:02:26 32768 ----a-w- C:\Windows\System32\nshhttp.dll
2011-01-18 07:02:26 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
2011-01-18 07:02:22 620032 ----a-w- C:\Windows\System32\drivers\http.sys
2011-01-18 07:02:21 33792 ----a-w- C:\Windows\System32\httpapi.dll
2011-01-18 07:02:21 30720 ----a-w- C:\Windows\SysWow64\httpapi.dll
2011-01-18 03:39:07 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-01-18 03:39:07 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-01-18 03:39:07 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-01-18 03:39:07 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-01-18 03:39:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-01-18 03:39:06 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-01-18 03:39:06 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-01-18 03:39:06 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-01-18 03:39:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-01-18 03:39:06 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-01-18 03:30:59 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\vgx\VGX.dll
2011-01-18 02:42:38 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe
2011-01-18 02:42:38 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
2011-01-18 02:42:37 372736 ----a-w- C:\Windows\System32\unregmp2.exe
2011-01-18 02:42:36 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe
2011-01-18 02:41:05 600576 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2011-01-18 02:41:05 599552 ----a-w- C:\Windows\System32\RMActivate.exe
2011-01-18 02:41:04 539136 ----a-w- C:\Windows\System32\secproc.dll
2011-01-18 02:41:04 538624 ----a-w- C:\Windows\System32\secproc_isv.dll
2011-01-18 02:41:02 526336 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2011-01-18 02:41:02 518144 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2011-01-18 02:41:01 471552 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2011-01-18 02:40:59 471552 ----a-w- C:\Windows\SysWow64\secproc.dll
2011-01-18 02:40:59 413696 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2011-01-18 02:40:59 409600 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2011-01-18 02:40:59 347136 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2011-01-18 02:40:57 346624 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2011-01-18 02:40:56 460288 ----a-w- C:\Windows\System32\msdrm.dll
2011-01-18 02:40:56 332288 ----a-w- C:\Windows\SysWow64\msdrm.dll
2011-01-18 02:40:55 160768 ----a-w- C:\Windows\System32\secproc_ssp.dll
2011-01-18 02:40:54 160768 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2011-01-18 02:40:53 152576 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2011-01-18 02:40:53 152064 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2011-01-18 02:38:59 1797120 ----a-w- C:\Windows\System32\msxml6.dll
2011-01-18 02:38:59 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll
2011-01-18 02:37:07 143360 ----a-w- C:\Windows\System32\netiohlp.dll
2011-01-18 02:37:07 105984 ----a-w- C:\Windows\SysWow64\netiohlp.dll
2011-01-18 02:37:04 32256 ----a-w- C:\Windows\System32\NETSTAT.EXE
2011-01-18 02:37:02 23040 ----a-w- C:\Windows\System32\ARP.EXE
2011-01-18 02:37:01 27136 ----a-w- C:\Windows\SysWow64\NETSTAT.EXE
2011-01-18 02:37:01 19968 ----a-w- C:\Windows\SysWow64\ARP.EXE
2011-01-18 02:37:01 12800 ----a-w- C:\Windows\System32\MRINFO.EXE
2011-01-18 02:36:59 9728 ----a-w- C:\Windows\SysWow64\TCPSVCS.EXE
2011-01-18 02:36:59 8704 ----a-w- C:\Windows\SysWow64\HOSTNAME.EXE
2011-01-18 02:36:59 10752 ----a-w- C:\Windows\System32\TCPSVCS.EXE
2011-01-18 02:36:59 10240 ----a-w- C:\Windows\SysWow64\finger.exe
2011-01-18 02:36:58 11264 ----a-w- C:\Windows\SysWow64\MRINFO.EXE
2011-01-18 02:36:58 11264 ----a-w- C:\Windows\System32\finger.exe
2011-01-18 02:36:58 10240 ----a-w- C:\Windows\System32\HOSTNAME.EXE
2011-01-18 02:36:56 21504 ----a-w- C:\Windows\System32\ROUTE.EXE
2011-01-18 02:36:56 17920 ----a-w- C:\Windows\SysWow64\ROUTE.EXE
2011-01-18 02:32:45 4697992 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-01-18 02:32:13 1426816 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-01-18 02:32:12 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2011-01-18 02:30:59 31744 ----a-w- C:\Windows\SysWow64\msvidc32.dll
2011-01-18 02:29:23 189952 ----a-w- C:\Windows\System32\t2embed.dll
2011-01-18 02:29:22 157184 ----a-w- C:\Windows\SysWow64\t2embed.dll
2011-01-18 02:29:18 615936 ----a-w- C:\Windows\System32\wlansvc.dll
2011-01-18 02:29:17 353280 ----a-w- C:\Windows\System32\wlanmsm.dll
2011-01-18 02:29:15 97792 ----a-w- C:\Windows\System32\wlanhlp.dll
2011-01-18 02:29:15 68096 ----a-w- C:\Windows\SysWow64\wlanhlp.dll
2011-01-18 02:29:15 376832 ----a-w- C:\Windows\System32\wlansec.dll
2011-01-18 02:29:15 293376 ----a-w- C:\Windows\SysWow64\wlanmsm.dll
2011-01-18 02:29:15 157184 ----a-w- C:\Windows\System32\L2SecHC.dll
2011-01-18 02:29:15 127488 ----a-w- C:\Windows\SysWow64\L2SecHC.dll
2011-01-18 02:29:12 86528 ----a-w- C:\Windows\System32\wlanapi.dll
2011-01-18 02:29:12 65024 ----a-w- C:\Windows\SysWow64\wlanapi.dll
2011-01-18 02:29:12 302592 ----a-w- C:\Windows\SysWow64\wlansec.dll
2011-01-18 02:28:51 656896 ----a-w- C:\Windows\System32\kerberos.dll
2011-01-18 02:28:49 499712 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-01-18 02:28:38 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2011-01-18 02:28:38 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2011-01-18 02:28:24 1915904 ----a-w- C:\Windows\System32\ole32.dll
2011-01-18 02:28:24 1316864 ----a-w- C:\Windows\SysWow64\ole32.dll
2011-01-18 02:28:23 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2011-01-18 02:28:23 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2011-01-18 02:28:14 84480 ----a-w- C:\Windows\System32\asycfilt.dll
2011-01-18 02:28:14 67072 ----a-w- C:\Windows\SysWow64\asycfilt.dll
2011-01-18 02:28:01 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-01-18 02:26:59 87552 ----a-w- C:\Windows\System32\consent.exe
2011-01-18 02:25:50 2753536 ----a-w- C:\Windows\System32\win32k.sys
2011-01-18 02:24:35 855040 ----a-w- C:\Windows\System32\schedsvc.dll
2011-01-18 02:24:35 655872 ----a-w- C:\Windows\System32\taskschd.dll
2011-01-18 02:24:35 500224 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-01-18 02:24:33 352768 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-01-18 02:24:33 267776 ----a-w- C:\Windows\System32\taskeng.exe
2011-01-18 02:24:32 410112 ----a-w- C:\Windows\System32\taskcomp.dll
2011-01-18 02:24:32 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-01-18 02:24:31 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-01-18 02:23:36 2080768 ----a-w- C:\Program Files\Windows Mail\msoe.dll
2011-01-18 02:23:33 1616384 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll
2011-01-18 02:22:57 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-01-18 02:22:57 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-01-18 02:21:10 50688 ----a-w- C:\Windows\System32\rtutils.dll
2011-01-18 02:21:10 36864 ----a-w- C:\Windows\SysWow64\rtutils.dll
2011-01-18 02:20:51 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2011-01-18 02:20:51 515584 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2011-01-18 02:20:50 68096 ----a-w- C:\Program Files\Windows Mail\wabmig.exe
2011-01-18 02:20:50 66048 ----a-w- C:\Program Files (x86)\Windows Mail\wabmig.exe
2011-01-18 02:20:49 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2011-01-18 02:20:48 33280 ----a-w- C:\Program Files (x86)\Windows Mail\wabfind.dll
2011-01-18 02:20:46 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2011-01-18 02:20:46 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2011-01-18 02:20:32 633856 ----a-w- C:\Windows\System32\comctl32.dll
2011-01-18 02:20:30 531968 ----a-w- C:\Windows\SysWow64\comctl32.dll
2011-01-18 02:20:28 273920 ----a-w- C:\Windows\System32\spoolsv.exe
2011-01-18 02:19:10 1251840 ----a-w- C:\Windows\System32\sdclt.exe
2011-01-18 02:19:04 621568 ----a-w- C:\Windows\System32\usp10.dll
2011-01-18 02:19:04 502272 ----a-w- C:\Windows\SysWow64\usp10.dll
2011-01-18 02:18:37 203264 ----a-w- C:\Windows\System32\wkssvc.dll
2011-01-18 02:18:34 62464 ----a-w- C:\Windows\SysWow64\l3codeca.acm
2011-01-18 02:18:33 72192 ----a-w- C:\Windows\System32\l3codeca.acm
2011-01-18 02:18:33 220672 ----a-w- C:\Windows\SysWow64\l3codecp.acm
2011-01-18 02:18:33 181760 ----a-w- C:\Windows\System32\l3codecp.acm
2011-01-18 02:18:30 88576 ----a-w- C:\Windows\System32\atl.dll
2011-01-18 02:18:30 71680 ----a-w- C:\Windows\SysWow64\atl.dll
2011-01-18 02:18:28 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
2011-01-18 02:18:27 867328 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2011-01-18 01:59:19 187392 ----a-w- C:\Windows\Acer(Normal).scr
2011-01-18 01:59:19 -------- d-----w- C:\Windows\Acer_Wide
2011-01-18 01:59:19 -------- d-----w- C:\Program Files (x86)\Acer Incorporated
2011-01-18 01:59:16 -------- d-----w- C:\Windows\Acer_Normal
2011-01-18 01:58:35 -------- d-----w- C:\Program Files\YUAN
2011-01-18 01:58:10 98360 ----a-w- C:\Windows\SysWow64\hcwi2c32.dll
2011-01-18 01:58:10 36921 ----a-w- C:\Windows\SysWow64\hcwutl32_priv.dll
2011-01-18 01:58:10 36921 ----a-w- C:\Windows\SysWow64\hcwutl32.dll
2011-01-18 01:58:10 262200 ----a-w- C:\Windows\SysWow64\hcwpnp32_priv.dll
2011-01-18 01:58:10 262200 ----a-w- C:\Windows\SysWow64\hcwpnp32.dll
2011-01-18 01:57:23 238080 ----a-w- C:\Windows\System32\ITEIO_64.dll
2011-01-18 01:57:23 16080 ----a-w- C:\Windows\System32\drivers\TVicPort64.sys
2011-01-18 01:57:23 13144 ----a-w- C:\Windows\System32\drivers\ITEIO.sys
2011-01-18 01:56:33 -------- d-----w- C:\Users\Home\AppData\Local\Google
2011-01-18 01:53:44 -------- d-----w- C:\PROGRA~3\Kodak
2011-01-18 01:53:43 232960 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\EKIJ5000PPR.dll
2011-01-18 01:53:02 -------- d-----w- C:\Windows\System32\kodak
2011-01-18 01:51:39 218624 ----a-w- C:\Windows\System32\wintrust.dll
2011-01-18 01:51:39 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-01-18 01:51:36 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-01-18 01:51:36 104960 ----a-w- C:\Windows\System32\cabview.dll
2011-01-18 01:46:46 -------- d-----w- C:\Users\Home\AppData\Roaming\Acer
2011-01-18 01:46:45 -------- d-----w- C:\Users\Home\AppData\Roaming\SiteAdvisor
2011-01-18 01:46:45 -------- d-----w- C:\Users\Home\AppData\Local\PowerCinema
2011-01-18 01:46:42 -------- d-sh--w- C:\$RECYCLE.BIN
2011-01-18 01:42:08 2621440 ----a-w- C:\Windows\System32\wucltux.dll
2011-01-18 01:42:03 98816 ----a-w- C:\Windows\System32\wudriver.dll
2011-01-18 01:42:03 87552 ----a-w- C:\Windows\SysWow64\wudriver.dll
2011-01-18 01:41:57 36864 ----a-w- C:\Windows\System32\wuapp.exe
2011-01-18 01:41:57 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2011-01-18 01:41:57 185416 ----a-w- C:\Windows\System32\wuwebv.dll
2011-01-18 01:41:57 171608 ----a-w- C:\Windows\SysWow64\wuwebv.dll

==================== Find3M ====================

2010-12-28 16:08:18 466944 ----a-w- C:\Windows\System32\odbc32.dll
2010-12-28 15:55:03 413696 ----a-w- C:\Windows\SysWow64\odbc32.dll
2010-11-10 07:54:18 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-11-10 07:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR

============= FINISH: 21:34:43.32 ======

Here is the Attach scan log

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 22:57:52
Windows 6.0.6002 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations ???G?G???G?G????????????????????Extension of the volume manager driver that manages software RAID volumes (spanned, striped, mirrored, RAID-5) on dynamic disks????????????????????????????????????????? ??????gCh???G?G?G?G?G?G?G?Gy????H?H? ??????????????????????????????????????????????????????? ??????????????s????????????????????w??????????????t????G?G?G?????????????????????l??????H??G??????????????????time.windows.com,7b6a69f?????????????!???G?G?G?G?G?G?G?G?G?G?G?G????system32\DRIVERS\usbehci.sys?usbehci.sys????????????????t????????????????????6?6?6?6?6?6?6?6?6?6?7?7?6?7?7?7?7?7?7?7?7?8?8?8?8?8?9?9?9?9?9?9?9?9?9?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?:?;?;?;?;?;?9??system32\DRIVERS\usbccgp.sys?usbccgp.sys????????????????t???????????????????????????????????t???system32\drivers\volsnap.sys????\??\C:\Program Files (x86)\McAfee\SiteAdvisor\SETDE21.tmp?!\??\C:\Program Files (x86)\McAfee\SiteAdvisor\SA_main.inf?\??\C:\Program Files (x86)\McAfee\SiteAdvisor\SETE121.tmp?!\??\C:\Program Files (x

---- Files - GMER 1.0.15 ----

File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product6827995_8f45d0ddc471a435c0e7d7b8ecd2566e 4845 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product4232952_337c01f375372fe0b4f3f1850d167eeb 1201 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\79148bbca5b5c09fda4b556628c3ae64 17625 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product5223177_67b601137e8009da2d8f2f09cd11533b 2101 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product6926944_33da29615a3dd68c40c10e4b26e09d15 1222 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\d0fc8e0520da9a49b4364c208e9b5b56 188011 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\7f4bc5882391a310de30ba7f17f45cb6 45925 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\7677d585fc7fb7cdd0f72efd7a1c1244 130484 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\d994e220c738468805a5bf00d24fe079 13739 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product6422866_758b8ec06d27522191d9960a37eac8b3 673980 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\37f244318521d280d7d844ba057eb214 19487 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\3cb498a43049b1c2f1c6e41101124a44 20435 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\18491b9e6736f0dd0eae6388d35f27e0 32688 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\858dc0c9bd55dd954547a15cf9b2e1ac 24369 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product6537793_16aebd8c22abd83a16c0e7b415a6a7be 1173 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product3261830_9e1806538d983cba166c95f79ea94d09 43480 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\9e13db44b57e7c7f9a7c5e91e7955ccc 19487 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\d7e6d82ff6699dde90d00d44b96e690a 24369 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\product6624737_e6bb007ef79ac284d17cc132a30ba933 2699 bytes
File C:\Users\Home\AppData\Roaming\IMVU\HttpCache\c5bce454e094b2949cb02a4dbe0d781b 26502 bytes

---- EOF - GMER 1.0.15 ----

Merged 3 posts. ~ OB

Attached Files


Edited by Orange Blossom, 06 February 2011 - 01:54 PM.


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:09:31 AM

Posted 07 February 2011 - 07:44 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 08 February 2011 - 11:08 AM

I'm here and tyty 'p

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:09:31 AM

Posted 08 February 2011 - 08:27 PM

Please run OTL so we can take a look at the machine in more detail. The scan results you are showing me could be false positive results based on the fact that they are coming up as malware-gen (generic rather than specific malware means that the program could not identify it and had to rely on heuristic diagnosis and this is far from perfect.)

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#5 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 08 February 2011 - 11:03 PM

OTL logfile created on: 2/8/2011 10:49:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Home\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.54 Gb Total Space | 214.57 Gb Free Space | 74.88% Space Free | Partition Type: NTFS
Drive D: | 289.63 Gb Total Space | 286.16 Gb Free Space | 98.80% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.48 Gb Free Space | 93.35% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Acer\Acer Assist\AcerAssist.exe (Acer Incorporated)


========== Modules (SafeList) ==========

MOD - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems)
SRV - (0251381297179604mcinstcleanup) McAfee Application Installer Cleanup (0251381297179604) -- C:\Windows\Temp\0251381297179604mcinst.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\DRIVERS\aswNdis.sys (ALWIL Software)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (LSI Corporation)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (USBCCID) -- C:\Windows\SysNative\DRIVERS\usbccid.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (GKUPRO2D) -- C:\Windows\SysNative\Drivers\GKUPRO2D.sys (Gemplus)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startskins.com/startpage/5664213484/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.imvu.com/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: fblayouts@hotlayouts2u.com:2.0.0
FF - prefs.js..extensions.enabledItems: {D4E45244-9E79-409D-AC11-1BE2A9F75792}:1.9.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/01/19 02:50:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/02/08 10:45:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/18 14:29:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/29 23:41:43 | 000,000,000 | ---D | M]

[2011/01/18 14:29:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2011/01/18 14:29:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/01/18 13:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/02/08 18:31:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\extensions
[2011/01/19 23:16:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/21 01:29:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/18 18:21:28 | 000,000,000 | ---D | M] ("FB Layouts & Extras") -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\extensions\fblayouts@hotlayouts2u.com
[2011/01/29 23:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/01/18 14:29:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/01/29 23:42:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/08 10:45:40 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/01/19 13:25:19 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\HOME\APPDATA\LOCAL\{D4E45244-9E79-409D-AC11-1BE2A9F75792}
[2010/12/03 14:35:08 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/12/03 14:35:08 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
[2011/01/29 23:41:34 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/03 14:35:08 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010/12/03 12:36:32 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/12/03 12:36:32 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2010/12/03 12:36:32 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/12/03 12:36:32 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2010/12/03 12:36:32 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/12/03 12:36:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/12/03 12:36:32 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FB Layouts & Extras) - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files (x86)\FBLayouts\fblayouts.dll (FBSkins.com)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\DRIVERS\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BkupTray] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\Home\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Home\Pictures\hearts- red.jpg
O24 - Desktop BackupWallPaper: C:\Users\Home\Pictures\hearts- red.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3fea9857-27c8-11e0-8b16-00219764da05}\Shell\access\command - "" = I:\_Encryption_Data_Do_Not_Delete_\autorun.exe
O33 - MountPoints2\{3fea9857-27c8-11e0-8b16-00219764da05}\Shell\AutoRun\command - "" = I:\_Encryption_Data_Do_Not_Delete_\autorun.exe /minimize
O33 - MountPoints2\{3fea985a-27c8-11e0-8b16-00219764da05}\Shell - "" = AutoRun
O33 - MountPoints2\{3fea985a-27c8-11e0-8b16-00219764da05}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{3fea9865-27c8-11e0-8b16-00219764da05}\Shell\access\command - "" = I:\_Encryption_Data_Do_Not_Delete_\autorun.exe
O33 - MountPoints2\{3fea9865-27c8-11e0-8b16-00219764da05}\Shell\AutoRun\command - "" = I:\_Encryption_Data_Do_Not_Delete_\autorun.exe /minimize
O33 - MountPoints2\{bbb4723f-2333-11e0-a3f1-00219764da05}\Shell\AutoRun\command - "" = I:\Connect.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/08 22:48:29 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011/02/04 21:37:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\gmer
[2011/02/01 19:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Arcade Lab
[2011/02/01 17:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sandlot Games
[2011/02/01 17:46:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\CyberLink
[2011/02/01 17:46:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Acer Arcade Live
[2011/01/30 23:42:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/30 17:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2011/01/30 17:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2011/01/30 17:22:48 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/01/30 17:10:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/01/30 16:57:12 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/01/30 16:57:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/01/30 16:57:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/01/30 16:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/01/30 16:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/01/30 16:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/01/30 16:51:44 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/01/30 16:51:44 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/01/30 16:51:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/01/30 16:51:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/01/30 16:51:24 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/01/30 16:51:24 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/01/30 16:48:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Windows Live
[2011/01/30 16:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/01/30 16:48:10 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2011/01/30 16:48:10 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2011/01/30 16:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/01/30 16:46:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/01/30 16:44:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Microsoft Help
[2011/01/30 13:50:02 | 000,000,000 | ---D | C] -- C:\EGIS_Drive
[2011/01/30 13:24:24 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Home\Desktop\HijackThis.exe
[2011/01/30 00:39:34 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Yahoo!
[2011/01/29 23:42:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/01/29 23:41:43 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/01/29 23:41:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/01/29 23:41:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/01/29 23:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/01/28 22:49:48 | 000,020,560 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/01/28 22:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011/01/28 22:49:47 | 000,490,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/01/28 22:49:47 | 000,273,488 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/01/28 22:49:47 | 000,125,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011/01/28 22:48:08 | 000,250,448 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011/01/28 22:48:08 | 000,029,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/01/28 22:48:07 | 000,051,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/01/28 22:48:05 | 000,062,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/01/28 22:47:53 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/01/28 22:47:14 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2011/01/28 22:47:13 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/01/28 22:47:13 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/28 22:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011/01/28 22:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/01/24 18:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Credant
[2011/01/22 21:59:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2011/01/22 21:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2011/01/22 21:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Games
[2011/01/22 21:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SpinTop Games
[2011/01/22 21:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/01/22 21:11:49 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Roaming\.#
[2011/01/21 11:46:46 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Yahoo
[2011/01/21 01:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011/01/21 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/01/21 01:24:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2011/01/20 14:10:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011/01/20 14:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2011/01/20 14:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/01/20 14:06:35 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2011/01/20 14:06:35 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2011/01/20 14:06:35 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2011/01/20 14:06:30 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/01/20 14:06:23 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011/01/20 14:06:23 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011/01/20 14:06:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2011/01/20 14:06:21 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/01/20 14:06:21 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/01/20 14:06:20 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2011/01/20 14:06:20 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2011/01/20 14:06:20 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2011/01/20 14:06:20 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2011/01/20 14:06:20 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2011/01/20 14:06:20 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/01/20 14:06:20 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2011/01/20 14:06:20 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2011/01/20 14:06:20 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/01/20 14:06:20 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2011/01/20 14:06:20 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2011/01/20 14:06:20 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/01/20 14:06:20 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2011/01/20 14:06:20 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2011/01/20 14:06:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2011/01/20 14:06:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011/01/20 14:06:20 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/01/20 14:06:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2011/01/20 14:06:20 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2011/01/20 14:06:20 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2011/01/20 14:06:20 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011/01/20 14:06:19 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2011/01/20 14:06:19 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2011/01/20 14:06:19 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/01/20 14:06:19 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2011/01/20 14:06:19 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/01/20 14:06:19 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2011/01/20 14:06:19 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2011/01/20 14:06:19 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2011/01/20 14:06:19 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2011/01/20 14:06:19 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/01/20 14:06:19 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/01/20 14:06:19 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/01/20 14:06:19 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/01/20 14:06:18 | 001,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2011/01/20 14:04:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2011/01/20 14:04:30 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2011/01/20 14:04:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2011/01/20 14:04:07 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2011/01/20 14:04:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdConns.dll
[2011/01/20 14:04:05 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2011/01/20 14:04:05 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2011/01/20 14:04:05 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2011/01/20 14:04:05 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2011/01/20 14:04:05 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtpUS.dll
[2011/01/20 14:04:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WpdUsb.sys
[2011/01/20 14:04:04 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011/01/20 14:04:04 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2011/01/20 14:04:04 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtp.dll
[2011/01/20 14:04:04 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2011/01/20 14:04:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2011/01/20 14:04:04 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2011/01/20 14:04:04 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2011/01/20 14:04:04 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2011/01/20 14:04:03 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2011/01/20 14:04:03 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2011/01/20 14:04:03 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2011/01/20 14:04:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2011/01/20 14:01:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/01/20 14:01:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2011/01/20 14:01:26 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2011/01/20 14:01:26 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/01/20 14:01:26 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/01/20 13:49:53 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2011/01/20 13:49:53 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2011/01/20 13:49:50 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2011/01/20 13:49:50 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2011/01/20 13:49:50 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2011/01/20 13:49:49 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2011/01/20 13:46:08 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2011/01/20 13:46:08 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2011/01/20 13:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2011/01/20 13:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2011/01/20 13:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2011/01/20 13:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2011/01/20 13:21:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2011/01/20 13:21:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2011/01/20 12:35:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/01/19 16:24:27 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Template
[2011/01/19 13:54:26 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\gtk-2.0
[2011/01/19 13:54:17 | 000,000,000 | ---D | C] -- C:\Users\Home\.thumbnails
[2011/01/19 13:36:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\gegl-0.0
[2011/01/19 13:36:25 | 000,000,000 | ---D | C] -- C:\Users\Home\.gimp-2.6
[2011/01/19 13:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011/01/19 13:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2011/01/19 13:25:19 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}
[2011/01/19 13:23:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Adobe
[2011/01/19 13:23:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/01/19 12:06:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\IMVU Projects
[2011/01/18 20:42:39 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Vivox
[2011/01/18 18:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FBLayouts
[2011/01/18 17:01:53 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2011/01/18 17:01:52 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2011/01/18 17:01:48 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2011/01/18 17:01:48 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2011/01/18 17:01:47 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2011/01/18 17:01:46 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2011/01/18 17:01:44 | 002,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/01/18 17:01:44 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2011/01/18 17:01:44 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2011/01/18 17:01:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/01/18 17:01:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2011/01/18 17:01:44 | 000,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/01/18 17:01:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2011/01/18 17:01:42 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/01/18 17:01:39 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/01/18 17:01:39 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2011/01/18 17:01:39 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2011/01/18 17:01:39 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2011/01/18 17:01:39 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2011/01/18 17:01:38 | 001,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2011/01/18 17:01:38 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2011/01/18 17:01:38 | 001,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2011/01/18 17:01:38 | 000,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2011/01/18 17:01:37 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/01/18 17:01:36 | 003,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2011/01/18 17:01:35 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2011/01/18 17:01:34 | 001,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/01/18 17:01:33 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2011/01/18 17:01:33 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2011/01/18 17:01:32 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2011/01/18 17:01:31 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2011/01/18 17:01:30 | 003,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2011/01/18 17:01:29 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/01/18 17:01:29 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2011/01/18 17:01:29 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2011/01/18 17:01:28 | 002,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2011/01/18 17:01:28 | 002,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/01/18 17:01:28 | 001,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2011/01/18 17:01:28 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2011/01/18 17:01:28 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2011/01/18 17:01:28 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2011/01/18 17:01:27 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2011/01/18 17:01:27 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2011/01/18 17:01:27 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2011/01/18 17:01:25 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2011/01/18 17:01:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2011/01/18 17:01:24 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2011/01/18 17:01:23 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/01/18 17:01:23 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2011/01/18 17:01:22 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2011/01/18 17:01:22 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/01/18 17:01:22 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/01/18 17:01:22 | 000,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2011/01/18 17:01:22 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2011/01/18 17:01:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2011/01/18 17:01:21 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/01/18 17:01:19 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2011/01/18 17:01:18 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2011/01/18 17:01:18 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2011/01/18 17:01:18 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/01/18 17:01:18 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011/01/18 17:01:18 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2011/01/18 17:01:17 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2011/01/18 17:01:17 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2011/01/18 17:01:16 | 003,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2011/01/18 17:01:16 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/01/18 17:01:16 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2011/01/18 17:01:16 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2011/01/18 17:01:16 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2011/01/18 17:01:16 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2011/01/18 17:01:16 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2011/01/18 17:01:14 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
[2011/01/18 17:01:14 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2011/01/18 17:01:13 | 001,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2011/01/18 17:01:13 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2011/01/18 17:01:13 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2011/01/18 17:01:13 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2011/01/18 17:01:12 | 001,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2011/01/18 17:01:11 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2011/01/18 17:01:11 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2011/01/18 17:01:11 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2011/01/18 17:01:10 | 001,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2011/01/18 17:01:10 | 000,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2011/01/18 17:01:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2011/01/18 17:01:09 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2011/01/18 17:01:09 | 001,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/01/18 17:01:09 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/01/18 17:01:09 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/01/18 17:01:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/01/18 17:01:08 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2011/01/18 17:01:08 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2011/01/18 17:01:08 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2011/01/18 17:01:08 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2011/01/18 17:01:07 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2011/01/18 17:01:07 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2011/01/18 17:01:07 | 001,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2011/01/18 17:01:07 | 001,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/01/18 17:01:07 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2011/01/18 17:01:07 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2011/01/18 17:01:07 | 000,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2011/01/18 17:01:06 | 003,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/01/18 17:01:05 | 001,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2011/01/18 17:01:05 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2011/01/18 17:01:05 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/01/18 17:01:05 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2011/01/18 17:01:05 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/01/18 17:01:04 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2011/01/18 17:01:04 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2011/01/18 17:01:04 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/01/18 17:01:04 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2011/01/18 17:01:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2011/01/18 17:01:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2011/01/18 17:01:03 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2011/01/18 17:01:02 | 001,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2011/01/18 17:01:02 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/01/18 17:01:02 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2011/01/18 17:01:02 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2011/01/18 17:01:02 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2011/01/18 17:01:01 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2011/01/18 17:01:01 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2011/01/18 17:01:00 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2011/01/18 17:01:00 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2011/01/18 17:01:00 | 000,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/01/18 17:01:00 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2011/01/18 17:00:59 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2011/01/18 17:00:59 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2011/01/18 17:00:59 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2011/01/18 17:00:59 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2011/01/18 17:00:58 | 002,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2011/01/18 17:00:57 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2011/01/18 17:00:57 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2011/01/18 17:00:57 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
[2011/01/18 17:00:57 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2011/01/18 17:00:57 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2011/01/18 17:00:57 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2011/01/18 17:00:57 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2011/01/18 17:00:56 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2011/01/18 17:00:56 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2011/01/18 17:00:56 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/01/18 17:00:56 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2011/01/18 17:00:56 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2011/01/18 17:00:56 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2011/01/18 17:00:56 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2011/01/18 17:00:56 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2011/01/18 17:00:55 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2011/01/18 17:00:55 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2011/01/18 17:00:54 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2011/01/18 17:00:54 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2011/01/18 17:00:54 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2011/01/18 17:00:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2011/01/18 17:00:54 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2011/01/18 17:00:54 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2011/01/18 17:00:53 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2011/01/18 17:00:53 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2011/01/18 17:00:53 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2011/01/18 17:00:53 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/01/18 17:00:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2011/01/18 17:00:52 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2011/01/18 17:00:52 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2011/01/18 17:00:51 | 001,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2011/01/18 17:00:51 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2011/01/18 17:00:51 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2011/01/18 17:00:51 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2011/01/18 17:00:51 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2011/01/18 17:00:50 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2011/01/18 17:00:50 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2011/01/18 17:00:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2011/01/18 17:00:50 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2011/01/18 17:00:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2011/01/18 17:00:49 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2011/01/18 17:00:49 | 001,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2011/01/18 17:00:49 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2011/01/18 17:00:48 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2011/01/18 17:00:48 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2011/01/18 17:00:48 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011/01/18 17:00:47 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2011/01/18 17:00:47 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2011/01/18 17:00:47 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2011/01/18 17:00:47 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2011/01/18 17:00:47 | 000,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2011/01/18 17:00:46 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2011/01/18 17:00:46 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2011/01/18 17:00:46 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2011/01/18 17:00:45 | 001,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2011/01/18 17:00:45 | 000,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2011/01/18 17:00:45 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2011/01/18 17:00:44 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/01/18 17:00:43 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2011/01/18 17:00:43 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2011/01/18 17:00:43 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2011/01/18 17:00:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2011/01/18 17:00:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011/01/18 17:00:41 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2011/01/18 17:00:41 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2011/01/18 17:00:41 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2011/01/18 17:00:40 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2011/01/18 17:00:40 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/01/18 17:00:40 | 000,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2011/01/18 17:00:39 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2011/01/18 17:00:39 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2011/01/18 17:00:39 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2011/01/18 17:00:39 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2011/01/18 17:00:39 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2011/01/18 17:00:38 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2011/01/18 17:00:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2011/01/18 17:00:38 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2011/01/18 17:00:37 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2011/01/18 17:00:37 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2011/01/18 17:00:37 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2011/01/18 17:00:36 | 002,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2011/01/18 17:00:35 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2011/01/18 17:00:34 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2011/01/18 17:00:34 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/01/18 17:00:34 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2011/01/18 17:00:33 | 003,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2011/01/18 17:00:33 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2011/01/18 17:00:33 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2011/01/18 17:00:33 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2011/01/18 17:00:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2011/01/18 17:00:32 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2011/01/18 17:00:32 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2011/01/18 17:00:31 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2011/01/18 17:00:31 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2011/01/18 17:00:30 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/01/18 17:00:30 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2011/01/18 17:00:29 | 000,992,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/01/18 17:00:29 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2011/01/18 17:00:29 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2011/01/18 17:00:29 | 000,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2011/01/18 17:00:28 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2011/01/18 17:00:28 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2011/01/18 17:00:28 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2011/01/18 17:00:28 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2011/01/18 17:00:28 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2011/01/18 17:00:26 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2011/01/18 17:00:25 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2011/01/18 17:00:25 | 000,981,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/01/18 17:00:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2011/01/18 17:00:24 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2011/01/18 17:00:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2011/01/18 17:00:23 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2011/01/18 17:00:22 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2011/01/18 17:00:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2011/01/18 17:00:22 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2011/01/18 17:00:22 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2011/01/18 17:00:21 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2011/01/18 17:00:20 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2011/01/18 17:00:19 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2011/01/18 17:00:18 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2011/01/18 17:00:18 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/01/18 17:00:18 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2011/01/18 17:00:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/01/18 17:00:18 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2011/01/18 17:00:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2011/01/18 17:00:17 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2011/01/18 17:00:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2011/01/18 17:00:16 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2011/01/18 17:00:16 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2011/01/18 17:00:15 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2011/01/18 17:00:15 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2011/01/18 17:00:15 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2011/01/18 17:00:14 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2011/01/18 17:00:14 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2011/01/18 17:00:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2011/01/18 17:00:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2011/01/18 17:00:13 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2011/01/18 17:00:13 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2011/01/18 17:00:13 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2011/01/18 17:00:12 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2011/01/18 17:00:12 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2011/01/18 17:00:12 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2011/01/18 17:00:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2011/01/18 17:00:11 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2011/01/18 17:00:11 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2011/01/18 17:00:11 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2011/01/18 17:00:11 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2011/01/18 17:00:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2011/01/18 17:00:10 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2011/01/18 17:00:10 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2011/01/18 17:00:10 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2011/01/18 17:00:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2011/01/18 17:00:09 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2011/01/18 17:00:09 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2011/01/18 17:00:09 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2011/01/18 17:00:09 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2011/01/18 17:00:08 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2011/01/18 17:00:08 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2011/01/18 17:00:08 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2011/01/18 17:00:07 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2011/01/18 17:00:07 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2011/01/18 17:00:07 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2011/01/18 17:00:07 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2011/01/18 17:00:07 | 000,123,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2011/01/18 17:00:06 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2011/01/18 17:00:06 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2011/01/18 17:00:06 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2011/01/18 17:00:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2011/01/18 17:00:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/01/18 17:00:06 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2011/01/18 17:00:05 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2011/01/18 17:00:05 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2011/01/18 17:00:04 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2011/01/18 17:00:03 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2011/01/18 17:00:03 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2011/01/18 17:00:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2011/01/18 17:00:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2011/01/18 17:00:02 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2011/01/18 17:00:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2011/01/18 17:00:01 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2011/01/18 17:00:01 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys

[2011/01/18 17:00:00 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2011/01/18 17:00:00 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2011/01/18 17:00:00 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fundisc.dll
[2011/01/18 17:00:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2011/01/18 16:59:59 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2011/01/18 16:59:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc6.dll
[2011/01/18 16:59:59 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2011/01/18 16:59:59 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2011/01/18 16:59:59 | 000,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2011/01/18 16:59:58 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2011/01/18 16:59:58 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2011/01/18 16:59:57 | 000,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2011/01/18 16:59:57 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2011/01/18 16:59:57 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2011/01/18 16:59:56 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2011/01/18 16:59:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2011/01/18 16:59:55 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2011/01/18 16:59:55 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2011/01/18 16:59:55 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2011/01/18 16:59:54 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2011/01/18 16:59:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2011/01/18 16:59:53 | 002,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2011/01/18 16:59:53 | 001,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2011/01/18 16:59:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2011/01/18 16:59:52 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2011/01/18 16:59:52 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2011/01/18 16:59:52 | 000,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2011/01/18 16:59:51 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2011/01/18 16:59:51 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2011/01/18 16:59:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2011/01/18 16:59:50 | 002,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2011/01/18 16:59:50 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2011/01/18 16:59:50 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2011/01/18 16:59:50 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2011/01/18 16:59:50 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2011/01/18 16:59:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2011/01/18 16:59:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2011/01/18 16:59:49 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2011/01/18 16:59:49 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2011/01/18 16:59:49 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2011/01/18 16:59:49 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2011/01/18 16:59:48 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2011/01/18 16:59:48 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2011/01/18 16:59:48 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2011/01/18 16:59:48 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2011/01/18 16:59:48 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2011/01/18 16:59:47 | 001,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2011/01/18 16:59:47 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2011/01/18 16:59:47 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2011/01/18 16:59:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2011/01/18 16:59:47 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2011/01/18 16:59:47 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2011/01/18 16:59:47 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2011/01/18 16:59:46 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2011/01/18 16:59:46 | 001,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2011/01/18 16:59:46 | 000,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2011/01/18 16:59:45 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2011/01/18 16:59:45 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2011/01/18 16:59:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2011/01/18 16:59:44 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2011/01/18 16:59:44 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncrypt.dll
[2011/01/18 16:59:44 | 000,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/01/18 16:59:43 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2011/01/18 16:59:43 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2011/01/18 16:59:42 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2011/01/18 16:59:42 | 000,049,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
[2011/01/18 16:59:41 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2011/01/18 16:59:41 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2011/01/18 16:59:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2011/01/18 16:59:41 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2011/01/18 16:59:40 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2011/01/18 16:59:40 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2011/01/18 16:59:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2011/01/18 16:59:39 | 001,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2011/01/18 16:59:39 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2011/01/18 16:59:39 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2011/01/18 16:59:39 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2011/01/18 16:59:39 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2011/01/18 16:59:38 | 001,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2011/01/18 16:59:38 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2011/01/18 16:59:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2011/01/18 16:59:36 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2011/01/18 16:59:36 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/01/18 16:59:36 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2011/01/18 16:59:36 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2011/01/18 16:59:35 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011/01/18 16:59:35 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2011/01/18 16:59:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2011/01/18 16:59:35 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2011/01/18 16:59:35 | 000,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2011/01/18 16:59:34 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2011/01/18 16:59:34 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2011/01/18 16:59:34 | 000,022,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/01/18 16:59:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2011/01/18 16:59:33 | 000,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2011/01/18 16:59:33 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2011/01/18 16:59:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2011/01/18 16:59:32 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2011/01/18 16:59:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2011/01/18 16:59:31 | 003,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2011/01/18 16:59:31 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2011/01/18 16:59:31 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2011/01/18 16:59:30 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2011/01/18 16:59:30 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2011/01/18 16:59:30 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/01/18 16:59:29 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2011/01/18 16:59:29 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2011/01/18 16:59:28 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2011/01/18 16:59:28 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2011/01/18 16:59:28 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2011/01/18 16:59:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2011/01/18 16:59:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2011/01/18 16:59:28 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2011/01/18 16:59:27 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2011/01/18 16:59:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2011/01/18 16:59:27 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2011/01/18 16:59:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2011/01/18 16:59:25 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2011/01/18 16:59:25 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioEng.dll
[2011/01/18 16:59:25 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2011/01/18 16:59:25 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2011/01/18 16:59:25 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2011/01/18 16:59:25 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2011/01/18 16:59:25 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2011/01/18 16:59:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2011/01/18 16:59:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2011/01/18 16:59:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2011/01/18 16:59:24 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2011/01/18 16:59:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2011/01/18 16:59:24 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/01/18 16:59:24 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2011/01/18 16:59:23 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsound.dll
[2011/01/18 16:59:22 | 001,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2011/01/18 16:59:22 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2011/01/18 16:59:22 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2011/01/18 16:59:22 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2011/01/18 16:59:22 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2011/01/18 16:59:22 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2011/01/18 16:59:22 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2011/01/18 16:59:22 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2011/01/18 16:59:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2011/01/18 16:59:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdProxy.dll
[2011/01/18 16:59:21 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2011/01/18 16:59:21 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2011/01/18 16:59:21 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2011/01/18 16:59:21 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/01/18 16:59:21 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/01/18 16:59:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2011/01/18 16:59:20 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2011/01/18 16:59:20 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2011/01/18 16:59:20 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2011/01/18 16:59:20 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpapi.dll
[2011/01/18 16:59:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2011/01/18 16:59:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2011/01/18 16:59:19 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2011/01/18 16:59:19 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2011/01/18 16:59:18 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2011/01/18 16:59:18 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2011/01/18 16:59:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2011/01/18 16:59:17 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2011/01/18 16:59:17 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2011/01/18 16:59:17 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasapi32.dll
[2011/01/18 16:59:17 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2011/01/18 16:59:17 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2011/01/18 16:59:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2011/01/18 16:59:16 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2011/01/18 16:59:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2011/01/18 16:59:15 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2011/01/18 16:59:15 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2011/01/18 16:59:14 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2011/01/18 16:59:14 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2011/01/18 16:59:14 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2011/01/18 16:59:14 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2011/01/18 16:59:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2011/01/18 16:59:14 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2011/01/18 16:59:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2011/01/18 16:59:13 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2011/01/18 16:59:13 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2011/01/18 16:59:11 | 006,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2011/01/18 16:59:11 | 002,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2011/01/18 16:59:11 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2011/01/18 16:59:11 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2011/01/18 16:59:11 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/01/18 16:59:11 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2011/01/18 16:59:11 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2011/01/18 16:59:11 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2011/01/18 16:59:11 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2011/01/18 16:59:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2011/01/18 16:59:11 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2011/01/18 16:59:10 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2011/01/18 16:59:10 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2011/01/18 16:59:10 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2011/01/18 16:59:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2011/01/18 16:59:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2011/01/18 16:59:08 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2011/01/18 16:59:08 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2011/01/18 16:59:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2011/01/18 16:59:08 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2011/01/18 16:59:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2011/01/18 16:59:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2011/01/18 16:59:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2011/01/18 16:59:07 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2011/01/18 16:59:07 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2011/01/18 16:59:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2011/01/18 16:59:06 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2011/01/18 16:59:06 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011/01/18 16:59:06 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2011/01/18 16:59:05 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2011/01/18 16:59:05 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2011/01/18 16:59:05 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2011/01/18 16:59:05 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/01/18 16:59:05 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2011/01/18 16:59:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2011/01/18 16:59:05 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2011/01/18 16:59:05 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powrprof.dll
[2011/01/18 16:59:05 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2011/01/18 16:59:05 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2011/01/18 16:59:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2011/01/18 16:59:03 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2011/01/18 16:59:03 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2011/01/18 16:59:03 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2011/01/18 16:59:03 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2011/01/18 16:59:03 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011/01/18 16:59:03 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2011/01/18 16:59:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2011/01/18 16:59:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2011/01/18 16:59:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2011/01/18 16:59:02 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2011/01/18 16:59:02 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2011/01/18 16:59:02 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2011/01/18 16:59:02 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2011/01/18 16:59:01 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2011/01/18 16:59:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2011/01/18 16:59:00 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2011/01/18 16:59:00 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2011/01/18 16:59:00 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2011/01/18 16:59:00 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2011/01/18 16:59:00 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2011/01/18 16:59:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2011/01/18 16:58:59 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2011/01/18 16:58:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2011/01/18 16:58:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2011/01/18 16:58:59 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2011/01/18 16:58:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2011/01/18 16:58:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2011/01/18 16:58:57 | 002,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2011/01/18 16:58:57 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2011/01/18 16:58:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2011/01/18 16:58:57 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2011/01/18 16:58:57 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2011/01/18 16:58:57 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2011/01/18 16:58:57 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2011/01/18 16:58:57 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2011/01/18 16:58:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2011/01/18 16:58:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2011/01/18 16:58:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2011/01/18 16:58:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
[2011/01/18 16:58:56 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2011/01/18 16:58:56 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
[2011/01/18 16:58:55 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2011/01/18 16:58:55 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2011/01/18 16:58:55 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2011/01/18 16:58:54 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2011/01/18 16:58:54 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2011/01/18 16:58:54 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/01/18 16:58:54 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2011/01/18 16:58:54 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2011/01/18 16:58:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2011/01/18 16:58:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2011/01/18 16:58:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
[2011/01/18 16:58:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2011/01/18 16:58:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
[2011/01/18 16:58:52 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2011/01/18 16:58:52 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2011/01/18 16:58:52 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2011/01/18 16:58:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2011/01/18 16:58:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
[2011/01/18 16:58:51 | 001,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2011/01/18 16:58:51 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2011/01/18 16:58:51 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2011/01/18 16:58:51 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2011/01/18 16:58:51 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2011/01/18 16:58:51 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
[2011/01/18 16:58:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
[2011/01/18 16:58:51 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
[2011/01/18 16:58:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2011/01/18 16:58:50 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
[2011/01/18 16:58:49 | 003,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2011/01/18 16:58:49 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2011/01/18 16:58:49 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2011/01/18 16:58:49 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2011/01/18 16:58:49 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2011/01/18 16:58:49 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2011/01/18 16:58:49 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2011/01/18 16:58:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
[2011/01/18 16:58:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2011/01/18 16:58:49 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2011/01/18 16:58:49 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
[2011/01/18 16:58:48 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2011/01/18 16:58:48 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2011/01/18 16:58:48 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
[2011/01/18 16:58:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
[2011/01/18 16:58:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2011/01/18 16:58:47 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2011/01/18 16:58:47 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
[2011/01/18 16:58:47 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
[2011/01/18 16:58:46 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2011/01/18 16:58:46 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2011/01/18 16:58:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2011/01/18 16:58:46 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2011/01/18 16:58:46 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2011/01/18 16:58:46 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2011/01/18 16:58:46 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011/01/18 16:58:46 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
[2011/01/18 16:58:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
[2011/01/18 16:58:45 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
[2011/01/18 16:58:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2011/01/18 16:58:44 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2011/01/18 16:58:44 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2011/01/18 16:58:44 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
[2011/01/18 16:58:44 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
[2011/01/18 16:58:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2011/01/18 16:58:43 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2011/01/18 16:58:43 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2011/01/18 16:58:43 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2011/01/18 16:58:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2011/01/18 16:58:43 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2011/01/18 16:58:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
[2011/01/18 16:58:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2011/01/18 16:58:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2011/01/18 16:58:41 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011/01/18 16:58:41 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2011/01/18 16:58:41 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2011/01/18 16:58:41 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2011/01/18 16:58:41 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2011/01/18 16:58:41 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2011/01/18 16:58:40 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2011/01/18 16:58:40 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2011/01/18 16:58:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2011/01/18 16:58:40 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2011/01/18 16:58:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2011/01/18 16:58:38 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2011/01/18 16:58:38 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2011/01/18 16:58:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2011/01/18 16:58:38 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2011/01/18 16:58:38 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2011/01/18 16:58:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2011/01/18 16:58:38 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2011/01/18 16:58:37 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2011/01/18 16:58:37 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2011/01/18 16:58:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2011/01/18 16:58:37 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2011/01/18 16:58:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2011/01/18 16:58:36 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2011/01/18 16:58:35 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2011/01/18 16:58:35 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2011/01/18 16:58:35 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2011/01/18 16:58:35 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/01/18 16:58:35 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2011/01/18 16:58:35 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2011/01/18 16:58:35 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2011/01/18 16:58:35 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2011/01/18 16:58:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2011/01/18 16:58:35 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2011/01/18 16:58:34 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2011/01/18 16:58:34 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2011/01/18 16:58:32 | 000,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2011/01/18 16:58:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2011/01/18 16:58:32 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2011/01/18 16:58:32 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2011/01/18 16:58:32 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2011/01/18 16:58:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2011/01/18 16:58:32 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2011/01/18 16:58:32 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2011/01/18 16:58:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2011/01/18 16:58:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011/01/18 16:58:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2011/01/18 16:58:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2011/01/18 16:58:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimtf.dll
[2011/01/18 16:58:30 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2011/01/18 16:58:30 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2011/01/18 16:58:29 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2011/01/18 16:58:29 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2011/01/18 16:58:29 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2011/01/18 16:58:29 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2011/01/18 16:58:29 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2011/01/18 16:58:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2011/01/18 16:58:29 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2011/01/18 16:58:29 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2011/01/18 16:58:29 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2011/01/18 16:58:27 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2011/01/18 16:58:27 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2011/01/18 16:58:27 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2011/01/18 16:58:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2011/01/18 16:58:26 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2011/01/18 16:58:26 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/01/18 16:58:26 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2011/01/18 16:58:26 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2011/01/18 16:58:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2011/01/18 16:58:25 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2011/01/18 16:58:24 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2011/01/18 16:58:24 | 000,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2011/01/18 16:58:24 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2011/01/18 16:58:24 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2011/01/18 16:58:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2011/01/18 16:58:24 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011/01/18 16:58:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2011/01/18 16:58:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2011/01/18 16:58:23 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2011/01/18 16:58:23 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2011/01/18 16:58:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011/01/18 16:58:21 | 002,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2011/01/18 16:58:21 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2011/01/18 16:58:21 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2011/01/18 16:58:21 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2011/01/18 16:58:21 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2011/01/18 16:58:21 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2011/01/18 16:58:21 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2011/01/18 16:58:21 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2011/01/18 16:58:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2011/01/18 16:58:21 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2011/01/18 16:58:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2011/01/18 16:58:21 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2011/01/18 16:58:20 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2011/01/18 16:58:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2011/01/18 16:58:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2011/01/18 16:58:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2011/01/18 16:58:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2011/01/18 16:58:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2011/01/18 16:58:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2011/01/18 16:58:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2011/01/18 16:58:18 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2011/01/18 16:58:18 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2011/01/18 16:58:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2011/01/18 16:58:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2011/01/18 16:58:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2011/01/18 16:58:16 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2011/01/18 16:58:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWCN.dll
[2011/01/18 16:58:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2011/01/18 16:58:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2011/01/18 16:58:16 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2011/01/18 16:58:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2011/01/18 16:58:15 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2011/01/18 16:58:15 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2011/01/18 16:58:15 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2011/01/18 16:58:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2011/01/18 16:58:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2011/01/18 16:58:15 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2011/01/18 16:58:15 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2011/01/18 16:58:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2011/01/18 16:58:14 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2011/01/18 16:58:14 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2011/01/18 16:58:13 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2011/01/18 16:58:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2011/01/18 16:58:13 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2011/01/18 16:58:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkitemfactory.dll
[2011/01/18 16:58:12 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2011/01/18 16:58:12 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2011/01/18 16:58:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2011/01/18 16:58:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2011/01/18 16:58:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2011/01/18 16:58:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2011/01/18 16:58:10 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2011/01/18 16:58:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2011/01/18 16:58:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2011/01/18 16:58:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2011/01/18 16:58:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2011/01/18 16:58:07 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011/01/18 16:58:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2011/01/18 16:58:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2011/01/18 16:58:01 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2011/01/18 16:58:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2011/01/18 16:57:59 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2011/01/18 16:57:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2011/01/18 16:57:58 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2011/01/18 16:57:58 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2011/01/18 16:57:58 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2011/01/18 16:57:57 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2011/01/18 16:57:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2011/01/18 16:57:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2011/01/18 16:57:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011/01/18 16:57:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/01/18 16:57:42 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2011/01/18 16:57:42 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/01/18 16:57:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2011/01/18 16:57:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2011/01/18 16:57:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2011/01/18 16:57:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2011/01/18 16:56:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2011/01/18 16:56:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2011/01/18 16:56:27 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2011/01/18 16:56:25 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2011/01/18 16:56:25 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2011/01/18 16:56:20 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2011/01/18 16:05:13 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/01/18 16:05:13 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/01/18 16:05:12 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/01/18 16:04:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/01/18 16:04:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/01/18 16:04:41 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/01/18 16:04:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/01/18 16:04:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/01/18 16:04:38 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/01/18 16:04:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/01/18 16:04:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/01/18 16:04:36 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/01/18 16:04:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/01/18 16:04:36 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/01/18 16:04:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/01/18 16:04:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/01/18 16:04:35 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/01/18 16:04:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/01/18 16:04:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/01/18 16:04:33 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/01/18 16:04:33 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/01/18 16:04:33 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/01/18 16:04:32 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/01/18 16:04:27 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/01/18 16:04:24 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/01/18 16:04:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/01/18 16:04:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/01/18 16:04:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/01/18 16:04:21 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/01/18 16:04:21 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/01/18 16:04:20 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/01/18 16:00:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2011/01/18 16:00:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011/01/18 16:00:25 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2011/01/18 16:00:25 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2011/01/18 15:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2011/01/18 15:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2011/01/18 14:29:19 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Mozilla
[2011/01/18 14:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/01/18 14:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/01/18 13:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/01/18 13:48:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/01/18 13:41:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011/01/18 13:32:23 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Mozilla
[2011/01/18 13:32:21 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\IMVU
[2011/01/18 13:32:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
[2011/01/18 13:32:03 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\IMVUClient
[2011/01/18 13:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2011/01/18 13:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/01/18 13:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/01/18 13:05:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2011/01/18 13:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2011/01/18 13:04:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2011/01/18 13:04:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll
[2011/01/18 13:04:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2011/01/18 13:04:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll
[2011/01/18 13:03:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2011/01/18 13:03:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2011/01/18 13:03:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2011/01/18 13:03:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2011/01/18 13:03:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe
[2011/01/18 13:03:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe
[2011/01/18 13:03:48 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2011/01/18 13:03:40 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll
[2011/01/18 13:03:40 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2011/01/18 13:03:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2011/01/18 13:03:40 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2011/01/18 13:03:40 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2011/01/18 13:03:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2011/01/18 13:03:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2011/01/18 13:03:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2011/01/18 13:03:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2011/01/18 13:03:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2011/01/18 13:03:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2011/01/18 13:03:26 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2011/01/18 13:03:26 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2011/01/18 13:03:26 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2011/01/18 13:03:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2011/01/18 13:03:26 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2011/01/18 13:03:26 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2011/01/18 13:03:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2011/01/18 13:03:25 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll
[2011/01/18 13:03:25 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2011/01/18 13:03:25 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2011/01/18 02:31:18 | 004,281,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvitvs.dll
[2011/01/18 02:31:18 | 004,144,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvitvsr.dll
[2011/01/18 02:31:18 | 003,232,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwss.dll
[2011/01/18 02:31:18 | 002,980,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwssr.dll
[2011/01/18 02:31:18 | 000,660,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvudisp.exe
[2011/01/18 02:31:17 | 002,852,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmoblsr.dll
[2011/01/18 02:31:17 | 001,619,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmobls.dll
[2011/01/18 02:31:17 | 001,607,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvs.dll
[2011/01/18 02:31:17 | 000,815,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011/01/18 02:31:17 | 000,695,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvsr.dll
[2011/01/18 02:31:17 | 000,455,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmccssr.dll
[2011/01/18 02:31:17 | 000,289,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmccss.dll
[2011/01/18 02:31:16 | 005,797,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispsr.dll
[2011/01/18 02:31:16 | 005,048,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgames.dll
[2011/01/18 02:31:16 | 004,325,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdisps.dll
[2011/01/18 02:31:16 | 003,454,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgamesr.dll
[2011/01/18 02:31:15 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/01/18 02:31:15 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/01/18 02:31:14 | 002,037,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011/01/18 02:31:14 | 000,138,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod135.dll
[2011/01/18 02:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/01/18 02:02:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshhttp.dll
[2011/01/18 02:02:26 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2011/01/18 02:02:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2011/01/18 02:02:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2011/01/17 23:34:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/01/17 22:39:07 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011/01/17 22:39:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011/01/17 22:39:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011/01/17 22:39:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011/01/17 22:39:06 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011/01/17 22:39:06 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011/01/17 22:39:06 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/01/17 22:39:06 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011/01/17 22:31:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/01/17 22:31:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/01/17 22:31:03 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/01/17 22:31:03 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2011/01/17 22:31:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/01/17 22:31:02 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/01/17 22:31:02 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/01/17 22:31:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/01/17 22:31:02 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/01/17 22:31:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/01/17 22:31:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/01/17 22:31:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/01/17 22:31:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2011/01/17 22:31:01 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/01/17 22:31:01 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/01/17 22:31:01 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/01/17 22:31:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/01/17 22:31:01 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/01/17 22:31:00 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/01/17 22:31:00 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/01/17 22:31:00 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/01/17 22:31:00 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/01/17 22:31:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/01/17 22:31:00 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/01/17 22:30:59 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/01/17 22:30:59 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/01/17 22:30:59 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/01/17 22:30:58 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/01/17 22:30:58 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/01/17 22:30:58 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/01/17 22:30:58 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/01/17 22:30:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/01/17 22:30:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/01/17 22:30:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PDMSetup.exe
[2011/01/17 22:30:58 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/01/17 22:30:58 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/01/17 22:30:58 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetDepNx.exe
[2011/01/17 22:30:58 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/01/17 22:30:58 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/01/17 22:30:57 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinFXDocObj.exe
[2011/01/17 22:30:57 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinFXDocObj.exe
[2011/01/17 22:30:57 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/01/17 22:30:57 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/01/17 22:30:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/01/17 22:30:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/01/17 22:30:55 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/01/17 22:30:55 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/01/17 22:30:55 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/01/17 22:30:55 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/01/17 22:30:55 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PDMSetup.exe
[2011/01/17 22:30:55 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/01/17 22:30:55 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/01/17 22:30:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetDepNx.exe
[2011/01/17 21:42:37 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2011/01/17 21:42:36 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2011/01/17 21:41:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2011/01/17 21:41:05 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2011/01/17 21:41:04 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2011/01/17 21:41:04 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2011/01/17 21:41:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2011/01/17 21:41:02 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2011/01/17 21:41:01 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2011/01/17 21:40:59 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2011/01/17 21:40:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011/01/17 21:40:59 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011/01/17 21:40:59 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2011/01/17 21:40:57 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2011/01/17 21:40:56 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2011/01/17 21:40:56 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2011/01/17 21:40:55 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2011/01/17 21:40:54 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011/01/17 21:40:53 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2011/01/17 21:40:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2011/01/17 21:37:07 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2011/01/17 21:37:07 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2011/01/17 21:37:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2011/01/17 21:37:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2011/01/17 21:37:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2011/01/17 21:37:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2011/01/17 21:37:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2011/01/17 21:36:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2011/01/17 21:36:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2011/01/17 21:36:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2011/01/17 21:36:59 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2011/01/17 21:36:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2011/01/17 21:36:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2011/01/17 21:36:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2011/01/17 21:36:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2011/01/17 21:36:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2011/01/17 21:32:45 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/01/17 21:31:29 | 001,305,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2011/01/17 21:31:24 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/01/17 21:31:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011/01/17 21:31:12 | 002,424,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/01/17 21:31:12 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/01/17 21:31:09 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2011/01/17 21:31:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2011/01/17 21:31:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2011/01/17 21:31:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2011/01/17 21:31:07 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011/01/17 21:31:06 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011/01/17 21:31:01 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciavi32.dll
[2011/01/17 21:31:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avicap32.dll
[2011/01/17 21:30:59 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avifil32.dll
[2011/01/17 21:30:56 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2011/01/17 21:30:56 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2011/01/17 21:30:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2011/01/17 21:30:43 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2011/01/17 21:30:40 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2011/01/17 21:30:40 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2011/01/17 21:30:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011/01/17 21:30:35 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011/01/17 21:30:35 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/01/17 21:30:30 | 013,426,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011/01/17 21:30:29 | 010,627,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011/01/17 21:30:24 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2011/01/17 21:30:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2011/01/17 21:30:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2011/01/17 21:30:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2011/01/17 21:30:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2011/01/17 21:30:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2011/01/17 21:30:19 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011/01/17 21:30:19 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011/01/17 21:29:23 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011/01/17 21:29:22 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011/01/17 21:29:17 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2011/01/17 21:29:15 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2011/01/17 21:29:15 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2011/01/17 21:29:15 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\L2SecHC.dll
[2011/01/17 21:29:15 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2011/01/17 21:29:15 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2011/01/17 21:29:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2011/01/17 21:29:12 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2011/01/17 21:29:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2011/01/17 21:29:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2011/01/17 21:28:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011/01/17 21:28:38 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011/01/17 21:28:24 | 001,915,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011/01/17 21:28:01 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011/01/17 21:27:53 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2011/01/17 21:27:53 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2011/01/17 21:27:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2011/01/17 21:27:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.tlb
[2011/01/17 21:27:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2011/01/17 21:27:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amcompat.tlb
[2011/01/17 21:27:32 | 002,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2011/01/17 21:27:32 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2011/01/17 21:27:31 | 003,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011/01/17 21:27:30 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011/01/17 21:27:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011/01/17 21:27:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2011/01/17 21:27:27 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2011/01/17 21:27:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2011/01/17 21:27:27 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2011/01/17 21:27:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2011/01/17 21:27:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2011/01/17 21:27:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2011/01/17 21:27:09 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/01/17 21:27:09 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/01/17 21:27:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/01/17 21:27:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/01/17 21:27:06 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/01/17 21:27:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/01/17 21:27:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2011/01/17 21:27:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2011/01/17 21:27:01 | 000,772,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2011/01/17 21:27:01 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2011/01/17 21:26:59 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/01/17 21:26:58 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011/01/17 21:26:57 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011/01/17 21:26:28 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2011/01/17 21:26:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2011/01/17 21:26:18 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/01/17 21:26:17 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/01/17 21:25:40 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2011/01/17 21:25:40 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2011/01/17 21:25:01 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2011/01/17 21:24:35 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/01/17 21:24:35 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/01/17 21:24:33 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/01/17 21:24:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011/01/17 21:24:32 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/01/17 21:24:31 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/01/17 21:21:10 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011/01/17 21:21:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011/01/17 21:20:46 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2011/01/17 21:20:46 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2011/01/17 21:20:32 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011/01/17 21:19:10 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2011/01/17 21:19:04 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2011/01/17 21:18:34 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2011/01/17 21:18:33 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2011/01/17 21:18:33 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2011/01/17 21:18:33 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2011/01/17 21:18:30 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl.dll
[2011/01/17 21:18:28 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011/01/17 21:18:27 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011/01/17 20:59:19 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Macromedia
[2011/01/17 20:59:19 | 000,000,000 | ---D | C] -- C:\Windows\Acer_Wide
[2011/01/17 20:59:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Incorporated
[2011/01/17 20:59:16 | 000,000,000 | ---D | C] -- C:\Windows\Acer_Normal
[2011/01/17 20:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\YUAN
[2011/01/17 20:58:10 | 000,262,200 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32_priv.dll
[2011/01/17 20:58:10 | 000,262,200 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/01/17 20:58:10 | 000,098,360 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/01/17 20:58:10 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32_priv.dll
[2011/01/17 20:58:10 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/01/17 20:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/01/17 20:57:23 | 000,238,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\ITEIO_64.dll
[2011/01/17 20:57:23 | 000,016,080 | ---- | C] (EnTech Taiwan) -- C:\Windows\SysNative\drivers\TVicPort64.sys
[2011/01/17 20:57:23 | 000,013,144 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\ITEIO.sys
[2011/01/17 20:56:43 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Adobe
[2011/01/17 20:56:33 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Google
[2011/01/17 20:56:33 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Google
[2011/01/17 20:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak
[2011/01/17 20:53:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\kodak
[2011/01/17 20:51:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011/01/17 20:51:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011/01/17 20:51:36 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011/01/17 20:51:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011/01/17 20:46:46 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Leadertech
[2011/01/17 20:46:46 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Acer
[2011/01/17 20:46:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\SiteAdvisor
[2011/01/17 20:46:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\PowerCinema
[2011/01/17 20:46:42 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/01/17 20:46:16 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/01/17 20:46:16 | 000,000,000 | R--D | C] -- C:\Users\Home\Searches
[2011/01/17 20:46:16 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/01/17 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Identities
[2011/01/17 20:46:05 | 000,000,000 | R--D | C] -- C:\Users\Home\Contacts
[2011/01/17 20:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/01/17 20:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/01/17 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\VirtualStore
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\Temporary Internet Files
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Templates
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Start Menu
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\SendTo
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Recent
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\PrintHood
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\NetHood
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\My Videos
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\My Pictures
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\My Music
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\My Documents
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Local Settings
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\History
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Cookies
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\Application Data
[2011/01/17 20:44:21 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\Application Data
[2011/01/17 20:44:20 | 000,000,000 | --SD | C] -- C:\Users\Home\AppData\Roaming\Microsoft
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Videos
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Saved Games
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Pictures
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Music
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Links
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Favorites
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Downloads
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Documents
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\Desktop
[2011/01/17 20:44:20 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/01/17 20:44:20 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData
[2011/01/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Temp
[2011/01/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Microsoft
[2011/01/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Media Center Programs
[2011/01/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Acer GameZone Console
[2011/01/17 20:42:08 | 002,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2011/01/17 20:42:08 | 000,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2011/01/17 20:42:08 | 000,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2011/01/17 20:42:03 | 000,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2011/01/17 20:42:03 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2011/01/17 20:42:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2011/01/17 20:42:03 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2011/01/17 20:42:03 | 000,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2011/01/17 20:42:03 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2011/01/17 20:41:57 | 000,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2011/01/17 20:41:57 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2011/01/17 20:41:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2011/01/17 20:41:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/03/13 20:28:09 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/02/08 22:48:36 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011/02/08 22:48:11 | 000,000,828 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2011/02/08 22:44:43 | 000,262,294 | ---- | M] () -- C:\Users\Home\.recently-used.xbel
[2011/02/08 22:37:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/08 22:37:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/08 10:42:54 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/08 10:42:54 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/08 10:42:54 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/08 10:39:07 | 000,055,637 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/02/08 10:39:06 | 000,055,637 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/02/08 10:38:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2011/02/08 10:38:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/04 21:37:16 | 000,288,107 | ---- | M] () -- C:\Users\Home\Desktop\gmer.zip
[2011/02/04 21:36:36 | 000,002,226 | ---- | M] () -- C:\Users\Home\Desktop\Attach.zip
[2011/02/04 21:33:21 | 000,624,128 | ---- | M] () -- C:\Users\Home\Desktop\dds.scr
[2011/02/04 21:32:06 | 000,000,000 | ---- | M] () -- C:\Users\Home\defogger_reenable
[2011/02/04 21:31:36 | 000,050,477 | ---- | M] () -- C:\Users\Home\Desktop\Defogger.exe
[2011/02/01 22:23:05 | 000,001,782 | ---- | M] () -- C:\Users\Home\Desktop\IMVU.lnk
[2011/02/01 19:10:28 | 000,000,632 | RHS- | M] () -- C:\Users\Home\ntuser.pol
[2011/01/30 17:42:55 | 000,305,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/01/30 14:36:41 | 000,000,526 | ---- | M] () -- C:\Users\Home\Desktop\ark - Shortcut.lnk
[2011/01/30 13:58:08 | 000,296,448 | ---- | M] () -- C:\Users\Home\Desktop\l3mufml8.exe
[2011/01/30 13:24:28 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Home\Desktop\HijackThis.exe
[2011/01/29 23:41:34 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/01/29 23:41:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/01/29 23:41:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/01/29 23:41:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/01/28 23:08:03 | 000,018,469 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2011/01/28 22:49:48 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/01/28 22:48:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/01/26 21:03:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/01/21 01:36:43 | 000,000,120 | ---- | M] () -- C:\Users\Home\AppData\Local\Odege.dat
[2011/01/21 01:36:43 | 000,000,000 | ---- | M] () -- C:\Users\Home\AppData\Local\Ksameso.bin
[2011/01/21 01:36:41 | 000,000,124 | ---- | M] () -- C:\Windows\wininit.ini
[2011/01/21 01:28:26 | 000,001,000 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/01/21 01:28:26 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011/01/20 14:08:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/01/19 20:14:25 | 000,000,320 | ---- | M] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat
[2011/01/19 16:24:37 | 000,000,970 | ---- | M] () -- C:\Users\Home\Desktop\Microsoft Works.LNK
[2011/01/19 13:35:16 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011/01/18 14:29:32 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/01/18 14:29:15 | 000,001,806 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/18 14:29:15 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/17 23:39:46 | 000,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/01/17 23:35:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/01/17 22:36:16 | 000,000,977 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/17 20:45:46 | 000,000,594 | ---- | M] () -- C:\Users\Public\Desktop\Acer Store.lnk
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/13 03:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/01/13 03:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/01/13 03:42:32 | 000,125,520 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011/01/13 03:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/01/13 03:41:42 | 000,490,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/01/13 03:41:10 | 000,250,448 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011/01/13 03:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/01/13 03:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/01/13 03:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/01/13 03:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/01/13 03:21:54 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys

========== Files Created - No Company Name ==========

[2011/02/08 22:44:43 | 000,262,294 | ---- | C] () -- C:\Users\Home\.recently-used.xbel
[2011/02/04 21:37:15 | 000,288,107 | ---- | C] () -- C:\Users\Home\Desktop\gmer.zip
[2011/02/04 21:36:35 | 000,002,226 | ---- | C] () -- C:\Users\Home\Desktop\Attach.zip
[2011/02/04 21:32:06 | 000,000,000 | ---- | C] () -- C:\Users\Home\defogger_reenable
[2011/02/04 21:31:35 | 000,050,477 | ---- | C] () -- C:\Users\Home\Desktop\Defogger.exe
[2011/02/01 19:08:01 | 000,000,632 | RHS- | C] () -- C:\Users\Home\ntuser.pol
[2011/01/30 17:15:04 | 000,001,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/01/30 17:12:12 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/01/30 17:07:43 | 000,001,095 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/01/30 17:04:36 | 000,002,083 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/01/30 14:36:41 | 000,000,526 | ---- | C] () -- C:\Users\Home\Desktop\ark - Shortcut.lnk
[2011/01/30 13:58:06 | 000,296,448 | ---- | C] () -- C:\Users\Home\Desktop\l3mufml8.exe
[2011/01/30 13:24:08 | 000,624,128 | ---- | C] () -- C:\Users\Home\Desktop\dds.scr
[2011/01/28 22:49:48 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/01/28 22:48:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/01/28 22:47:20 | 000,438,682 | ---- | C] () -- C:\Users\Home\AppData\Local\dd_vcredistMSI335D.txt
[2011/01/28 22:47:20 | 000,016,730 | ---- | C] () -- C:\Users\Home\AppData\Local\dd_vcredistUI335D.txt
[2011/01/26 21:03:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/01/21 01:36:41 | 000,000,124 | ---- | C] () -- C:\Windows\wininit.ini
[2011/01/21 01:28:26 | 000,001,000 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/01/21 01:28:26 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011/01/20 14:08:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/01/19 16:24:37 | 000,000,970 | ---- | C] () -- C:\Users\Home\Desktop\Microsoft Works.LNK
[2011/01/19 16:24:24 | 000,000,320 | ---- | C] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat
[2011/01/19 13:35:16 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011/01/19 13:25:20 | 000,000,120 | ---- | C] () -- C:\Users\Home\AppData\Local\Odege.dat
[2011/01/19 13:25:20 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\Ksameso.bin
[2011/01/18 17:01:22 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2011/01/18 17:01:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011/01/18 17:01:08 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011/01/18 17:00:45 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2011/01/18 17:00:43 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2011/01/18 17:00:40 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011/01/18 17:00:40 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2011/01/18 17:00:36 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2011/01/18 16:59:55 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2011/01/18 16:59:50 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2011/01/18 16:59:50 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2011/01/18 16:59:45 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011/01/18 16:58:55 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2011/01/18 16:58:54 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2011/01/18 16:57:54 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2011/01/18 16:57:54 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2011/01/18 16:04:39 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/01/18 16:04:38 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/01/18 15:31:40 | 000,002,014 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2011/01/18 14:29:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/18 14:29:15 | 000,001,806 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/18 14:29:15 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/18 13:34:28 | 000,000,828 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2011/01/18 13:32:08 | 000,001,782 | ---- | C] () -- C:\Users\Home\Desktop\IMVU.lnk
[2011/01/18 13:18:50 | 000,055,637 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/01/18 13:18:44 | 000,055,637 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/01/18 13:03:29 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2011/01/18 13:03:29 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2011/01/18 13:03:29 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2011/01/18 13:03:29 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2011/01/18 13:03:29 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2011/01/18 13:03:29 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2011/01/18 02:31:18 | 000,036,235 | ---- | C] () -- C:\Windows\SysNative\nvwsapps.xml
[2011/01/18 02:31:16 | 000,009,085 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
[2011/01/18 02:31:14 | 000,201,157 | ---- | C] () -- C:\Windows\SysWow64\nvapps.xml
[2011/01/18 02:31:14 | 000,201,157 | ---- | C] () -- C:\Windows\SysNative\nvapps.xml
[2011/01/17 23:35:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/01/17 21:29:21 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2011/01/17 20:59:19 | 000,187,392 | ---- | C] () -- C:\Windows\Acer(Normal).scr
[2011/01/17 20:59:19 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2011/01/17 20:59:19 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2011/01/17 20:53:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2011/01/17 20:46:35 | 000,000,953 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/01/17 20:46:18 | 000,000,983 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/01/17 20:46:15 | 000,000,978 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/01/17 20:46:05 | 000,000,919 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/01/17 20:45:49 | 000,001,673 | ---- | C] () -- C:\Users\Public\Desktop\Getting Started.lnk
[2011/01/17 20:45:46 | 000,000,594 | ---- | C] () -- C:\Users\Public\Desktop\Acer Store.lnk
[2011/01/17 20:45:40 | 000,000,977 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/17 20:45:31 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Assist.lnk
[2011/01/17 20:45:25 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Registration.lnk
[2011/01/17 20:44:20 | 000,000,258 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/01/17 20:44:20 | 000,000,240 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/03/13 21:05:40 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2009/03/13 21:05:40 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011/02/01 17:55:08 | 000,000,000 | -HSD | M] -- C:\Users\Home\AppData\Roaming\.#
[2011/01/17 20:46:47 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Acer
[2009/03/13 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Acer GameZone Console
[2011/02/08 22:44:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\gtk-2.0
[2011/02/08 22:41:53 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\IMVU
[2011/02/01 22:19:16 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\IMVUClient
[2011/01/17 20:46:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Leadertech
[2011/01/22 21:59:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2011/01/19 16:24:27 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2011/01/18 20:42:39 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Vivox
[2011/02/08 00:46:02 | 000,024,998 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:2B99FE60

< End of report >

OTL Extras logfile created on: 2/8/2011 10:49:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Home\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.54 Gb Total Space | 214.57 Gb Free Space | 74.88% Space Free | Partition Type: NTFS
Drive D: | 289.63 Gb Total Space | 286.16 Gb Free Space | 98.80% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.48 Gb Free Space | 93.35% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = C8 DB 2B FE CF B8 CB 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2428C892-6C95-44C7-B1FE-EEE3FABC857C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CC627EDA-FAD7-4C91-BC47-8EAFEE2CE2CC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10DC23D8-85F3-481C-946F-5732277BF138}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{1668E2CF-BBE3-4A2A-922B-9268236D8434}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe |
"{1DA4DF50-7A05-409D-BA6B-03E28E26184D}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{2FDC4712-0070-4C45-B27B-7328262E6169}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{4BCB7D0A-7442-46DA-B5FD-D341C18AF638}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{5A516DC0-C83C-4F92-91EF-4A21F674CACD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{60A5F4A5-5D3F-44FB-B485-541C3A893C51}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{6F93D881-A228-41E8-A4C9-E02B1D27B86C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6FADE3B4-DBF8-4F3D-91DD-F7A32A087BA6}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe |
"{743D8FE1-0953-4A9A-BF80-26A5E88361EA}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{7643B6C0-1B9E-482D-93BE-F0547AC92F6A}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{8CB91948-6C3F-40BA-8BC6-A3DAAA3394F1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{94B00D51-AAFF-484A-A6EA-AC69F9376F8B}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{951E6639-C9F5-4DCC-AF59-7FB313285A95}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{A3EE557F-F25E-48D4-816F-DCC98A31A546}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{AB77AFF3-2463-4364-B83B-FC34CC1F67C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ADB4489C-DCFF-47CE-9F39-90954D6A188D}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D4288692-7C3D-4D23-BBF5-39FD6A28DE8E}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{D7C296E4-FE19-4994-84AC-351151F64A31}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EAE9D013-EC6C-4D68-A944-321CEE09B288}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{F042D123-C7C6-4813-9034-DBCA5F2EA3EB}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe |
"{FF0305FB-72AA-4769-99ED-CDEE033A9457}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{B902875C-1B7C-4B72-91F8-56997B2177A1}C:\users\home\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\home\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{DFB3823D-C670-49B5-AEB7-01B2BC88D768}C:\users\home\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\home\appdata\roaming\imvuclient\1vivoxvoice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D8B2C435-8737-431E-8784-24CD13B0B821}" = PE585QAEncoder-64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 23
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast5" = avast! Internet Security
"Cisco Connect" = Cisco Connect
"FBLayouts" = FB Layouts & Extras
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/30/2011 5:51:25 PM | Computer Name = Home-PC | Source = System Restore | ID = 8193
Description =

Error - 1/30/2011 5:51:44 PM | Computer Name = Home-PC | Source = System Restore | ID = 8193
Description =

Error - 1/30/2011 5:53:46 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:53:48 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:54:28 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:54:57 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:55:21 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:55:25 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:55:30 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 1/30/2011 5:56:14 PM | Computer Name = Home-PC | Source = MsiInstaller | ID = 1002
Description =

[ System Events ]
Error - 1/17/2011 11:34:45 PM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/17/2011 11:38:31 PM | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =

Error - 1/17/2011 11:47:35 PM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/18/2011 4:15:40 AM | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =

Error - 1/18/2011 4:18:29 AM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/18/2011 2:18:25 PM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/18/2011 2:24:48 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/18/2011 2:50:07 PM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2011 9:30:36 AM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =

Error - 1/20/2011 12:44:57 PM | Computer Name = Home-PC | Source = HTTP | ID = 15016
Description =


< End of report >

#6 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 02:25 PM

New issue:

Now whenever I go into my computer via start menu or try to access my external thumb drives MY COMPUTER FREEZES! Or, my computer will freeze then the whole thing goes as well.

I do notice, however, that if I don't try to use my computer at all to access anything and just go online and things I'm fine. But, I'm a web developer and need my files to work!
PLPLPLSSSS HELP!

#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:09:31 AM

Posted 09 February 2011 - 04:55 PM

I'm working on it for you.

Open OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:2B99FE60
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Now we remove the malware files

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista/Windows 7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Posted Image
m0le is a proud member of UNITE

#8 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 05:26 PM

I'm running the scan now... I had to manually shut my comp down when it started back up I got a black screen that said "interactive logon process initialization has failed. Please consult the event log for more details." Is that a warning from my Avast?

#9 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 05:34 PM

========== OTL ==========
ADS C:\ProgramData\TEMP:4CF61E54 deleted successfully.
ADS C:\ProgramData\TEMP:793F316E deleted successfully.
ADS C:\ProgramData\TEMP:8AB6C1D7 deleted successfully.
ADS C:\ProgramData\TEMP:E36F5B57 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
ADS C:\ProgramData\TEMP:2B99FE60 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

OTL by OldTimer - Version 3.2.20.6 log created on 02092011_173400

#10 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 05:39 PM

GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:38 on 09/02/2011 (Home)
Firefox version 3.6.13 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [19:29 18/01/2011]
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [04:42 30/01/2011]

C:\Users\Home\Application Data\Mozilla\Firefox\Profiles\soo2oqwo.default\extensions\
fblayouts@hotlayouts2u.com [23:21 18/01/2011]
{20a82645-c095-46ed-80e3-08825760534b} [04:16 20/01/2011]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [06:28 21/01/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [07:14 18/01/2011]
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [22:44 30/01/2011]

-=E.O.F=-

#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:09:31 AM

Posted 09 February 2011 - 05:39 PM

Please run Combofix next

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Posted Image
m0le is a proud member of UNITE

#12 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 06:20 PM

ComboFix 11-02-09.02 - Home 02/09/2011 18:00:42.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.2542 [GMT -5:00]
Running from: c:\users\Home\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: avast! Internet Security *Disabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}
SP: avast! Internet Security *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}
c:\users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}\chrome.manifest
c:\users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}\chrome\content\_cfg.js
c:\users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}\chrome\content\overlay.xul
c:\users\Home\AppData\Local\{D4E45244-9E79-409D-AC11-1BE2A9F75792}\install.rdf
c:\users\Home\AppData\Roaming\.#
c:\users\lyssa\AppData\Roaming\.#
c:\users\lyssa\AppData\Roaming\.#\MBX@FD4@2B2990.###
c:\users\lyssa\AppData\Roaming\.#\MBX@FD4@2B29C0.###
c:\users\lyssa\AppData\Roaming\.#\MBX@FD4@2B29F0.###

.
((((((((((((((((((((((((( Files Created from 2011-01-09 to 2011-02-09 )))))))))))))))))))))))))))))))
.

2011-02-09 22:34 . 2011-02-09 22:34 -------- d-----w- C:\_OTL
2011-02-09 15:10 . 2010-10-15 14:02 4699024 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 15:10 . 2010-10-15 13:43 1168512 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-02-09 15:10 . 2010-10-15 13:43 1585168 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 15:10 . 2011-01-08 06:45 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 15:10 . 2011-01-08 06:28 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-09 15:10 . 2011-01-08 09:03 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 15:10 . 2011-01-08 08:47 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-08 15:43 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52BE0729-6782-4E8F-A17D-4EF35BF88CA6}\mpengine.dll
2011-02-02 00:34 . 2011-02-02 00:34 -------- d-----w- c:\programdata\Arcade Lab
2011-02-02 00:12 . 2011-02-02 00:12 -------- d-----w- c:\users\lyssa
2011-02-01 22:48 . 2011-02-01 22:48 -------- d-----w- c:\programdata\Sandlot Games
2011-01-30 22:45 . 2011-01-30 22:45 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2011-01-30 22:44 . 2011-02-09 18:55 -------- d-----w- c:\program files (x86)\McAfee
2011-01-30 22:22 . 2011-01-30 22:22 -------- d-----w- c:\windows\en
2011-01-30 22:10 . 2011-01-30 22:10 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-01-30 21:57 . 2011-01-30 21:57 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-30 21:57 . 2010-09-23 05:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-01-30 21:57 . 2011-01-30 22:23 -------- d-----w- c:\program files (x86)\Windows Live
2011-01-30 21:54 . 2011-01-30 21:57 -------- d-----w- c:\program files\Windows Live
2011-01-30 21:53 . 2011-01-31 04:42 -------- d-----w- c:\program files (x86)\Microsoft
2011-01-30 21:51 . 2009-09-04 22:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-01-30 21:51 . 2009-09-04 22:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-01-30 21:51 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-01-30 21:51 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-01-30 21:51 . 2006-11-29 18:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-01-30 21:51 . 2006-11-29 18:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-01-30 21:48 . 2011-01-30 21:48 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-01-30 21:48 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2011-01-30 21:48 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2011-01-30 21:46 . 2011-02-01 22:13 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-01-30 20:06 . 2011-01-30 20:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-01-30 18:50 . 2011-01-30 18:50 -------- d-----w- C:\EGIS_Drive
2011-01-30 04:42 . 2011-01-30 04:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-01-30 04:41 . 2011-01-30 04:41 -------- d-----w- c:\program files (x86)\Java
2011-01-29 03:49 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-29 03:49 . 2011-01-13 08:42 125520 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-01-29 03:49 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-29 03:49 . 2011-01-13 08:41 490064 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-01-29 03:48 . 2011-01-13 08:41 250448 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-01-29 03:48 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-29 03:48 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-29 03:48 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-29 03:47 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-29 03:47 . 2011-01-13 08:21 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-01-29 03:47 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-01-29 03:47 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-01-29 03:47 . 2011-01-29 03:47 -------- d-----w- c:\programdata\Alwil Software
2011-01-29 03:47 . 2011-01-29 03:47 -------- d-----w- c:\program files\Alwil Software
2011-01-24 23:23 . 2011-01-24 23:23 -------- d-----w- c:\programdata\Credant
2011-01-23 02:59 . 2011-01-23 02:59 -------- d-----w- c:\programdata\PlayFirst
2011-01-23 02:58 . 2011-01-23 02:58 -------- d-----w- c:\programdata\Oberon Games
2011-01-23 02:12 . 2011-01-23 02:12 -------- d-----w- c:\programdata\SpinTop Games
2011-01-21 06:28 . 2011-01-21 06:28 -------- d-----w- c:\programdata\Yahoo!
2011-01-21 06:24 . 2011-01-30 17:04 -------- d-----w- c:\program files (x86)\Yahoo!
2011-01-20 19:10 . 2011-01-20 19:10 -------- d-----w- c:\windows\SysWow64\spool
2011-01-20 19:10 . 2011-01-20 19:10 -------- d-----w- c:\program files (x86)\Windows Portable Devices
2011-01-20 19:10 . 2011-01-20 19:10 -------- d-----w- c:\program files\Windows Portable Devices
2011-01-20 19:04 . 2009-10-01 00:52 34816 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-01-20 19:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\SysWow64\oleaccrc.dll
2011-01-20 19:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-01-20 19:01 . 2009-10-08 21:08 736256 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-01-20 19:01 . 2009-10-08 21:08 555520 ----a-w- c:\windows\SysWow64\UIAutomationCore.dll
2011-01-20 19:01 . 2009-10-08 21:08 234496 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-01-20 19:01 . 2009-10-08 21:07 315904 ----a-w- c:\windows\system32\oleacc.dll
2011-01-20 18:49 . 2009-09-10 02:05 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2011-01-20 18:49 . 2009-09-10 02:00 92672 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2011-01-20 18:49 . 2009-09-10 02:07 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2011-01-20 18:49 . 2009-09-10 02:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-01-20 18:49 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-01-20 18:49 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-01-20 18:46 . 2010-05-04 19:40 316928 ----a-w- c:\windows\system32\msshsq.dll
2011-01-20 18:46 . 2010-05-04 19:13 231424 ----a-w- c:\windows\SysWow64\msshsq.dll
2011-01-20 18:21 . 2011-01-20 18:23 -------- d-----w- c:\windows\SysWow64\ca-ES
2011-01-20 18:21 . 2011-01-20 18:22 -------- d-----w- c:\windows\SysWow64\eu-ES
2011-01-20 18:21 . 2011-01-20 18:22 -------- d-----w- c:\windows\SysWow64\vi-VN
2011-01-20 18:21 . 2011-01-20 18:22 -------- d-----w- c:\windows\system32\ca-ES
2011-01-20 18:21 . 2011-01-20 18:22 -------- d-----w- c:\windows\system32\eu-ES
2011-01-20 18:21 . 2011-01-20 18:22 -------- d-----w- c:\windows\system32\vi-VN
2011-01-20 17:35 . 2011-01-20 17:35 -------- d-----w- c:\windows\system32\EventProviders
2011-01-19 18:34 . 2011-01-19 18:34 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-01-19 18:23 . 2011-01-19 18:23 -------- d-----w- c:\windows\Sun
2011-01-18 23:21 . 2011-01-18 23:21 -------- d-----w- c:\program files (x86)\FBLayouts
2011-01-18 22:00 . 2009-04-11 07:11 2484224 ----a-w- c:\windows\system32\dbgeng.dll
2011-01-18 21:59 . 2009-04-11 07:11 198144 ----a-w- c:\windows\system32\iasrad.dll
2011-01-18 21:58 . 2009-04-11 07:11 186880 ----a-w- c:\windows\system32\wbem\WMIADAP.exe
2011-01-18 21:57 . 2009-04-11 07:11 60416 ----a-w- c:\windows\system32\vss_ps.dll
2011-01-18 21:56 . 2009-04-11 06:28 218624 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-01-18 21:05 . 2009-08-24 11:47 442368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-18 21:05 . 2009-08-24 11:36 377344 ----a-w- c:\windows\SysWow64\winhttp.dll
2011-01-18 21:05 . 2010-03-05 14:32 612864 ----a-w- c:\windows\system32\vbscript.dll
2011-01-18 21:05 . 2010-03-05 14:01 420352 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-18 21:05 . 2009-11-03 22:07 28160 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2011-01-18 21:04 . 2010-10-19 04:56 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-01-18 21:04 . 2010-10-19 04:27 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-01-18 21:00 . 2010-09-06 18:28 179712 ----a-w- c:\windows\system32\srvsvc.dll
2011-01-18 21:00 . 2010-09-06 15:34 451584 ----a-w- c:\windows\system32\drivers\srv.sys
2011-01-18 21:00 . 2010-09-06 15:33 145920 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-01-18 21:00 . 2010-09-06 15:33 175104 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-01-18 21:00 . 2010-09-06 18:28 12288 ----a-w- c:\windows\system32\sscore.dll
2011-01-18 21:00 . 2010-09-06 16:20 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2011-01-18 21:00 . 2010-09-06 18:27 17920 ----a-w- c:\windows\system32\netevent.dll
2011-01-18 21:00 . 2010-09-06 16:19 17920 ----a-w- c:\windows\SysWow64\netevent.dll
2011-01-18 21:00 . 2010-05-27 20:32 975360 ----a-w- c:\windows\system32\inetcomm.dll
2011-01-18 21:00 . 2010-05-27 20:08 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-01-18 20:58 . 2010-10-19 15:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-18 20:31 . 2011-01-18 20:41 -------- d-----w- c:\program files (x86)\Cisco Systems
2011-01-18 20:31 . 2011-01-18 20:31 -------- d-----w- c:\programdata\Cisco Systems
2011-01-18 18:48 . 2011-01-30 04:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-18 18:41 . 2011-01-18 18:42 -------- d-----w- c:\windows\SysWow64\Adobe
2011-01-18 18:08 . 2011-01-18 18:08 -------- d-----w- c:\program files\LSI SoftModem
2011-01-18 18:06 . 2011-01-18 18:06 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-01-18 18:06 . 2011-01-18 18:07 -------- d-----w- c:\program files\NVIDIA Corporation
2011-01-18 18:04 . 2009-10-09 21:56 2048 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2011-01-18 18:04 . 2009-10-09 21:35 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-01-18 18:04 . 2009-10-09 21:35 13312 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-01-18 18:04 . 2009-10-09 21:34 13312 ----a-w- c:\windows\system32\winrssrv.dll
2011-01-18 07:31 . 2010-07-10 10:38 660072 ----a-w- c:\windows\system32\nvudisp.exe
2011-01-18 07:20 . 2011-01-18 07:20 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-01-18 07:02 . 2010-02-20 23:15 32768 ----a-w- c:\windows\system32\nshhttp.dll
2011-01-18 07:02 . 2010-02-20 23:06 24064 ----a-w- c:\windows\SysWow64\nshhttp.dll
2011-01-18 07:02 . 2010-02-20 21:30 620032 ----a-w- c:\windows\system32\drivers\http.sys
2011-01-18 07:02 . 2010-02-20 23:14 33792 ----a-w- c:\windows\system32\httpapi.dll
2011-01-18 07:02 . 2010-02-20 23:05 30720 ----a-w- c:\windows\SysWow64\httpapi.dll
2011-01-18 03:39 . 2009-11-08 15:55 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-30 00:52 121392 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SiteAdvisor"="c:\program files (x86)\SiteAdvisor\6172\SiteAdv.exe" [2007-08-24 36640]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-21 204908]
"BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"Acer Product Registration"="c:\program files (x86)\Acer\Acer Registration\ACE1.exe" [2007-11-26 3387392]
"Acer Assist Launcher"="c:\program files (x86)\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IMVU.lnk - c:\users\Home\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [2011-1-31 21760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2008-08-05 56352]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-01-13 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-21 269448]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2011-01-13 119200]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2009-12-08 110312]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-26 45056]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-26 131072]
S3 GKUPRO2D;GKUPRO2D;c:\windows\system32\Drivers\GKUPRO2D.sys [2005-02-18 120704]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-13 08:47 132584 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-30 00:53 50736 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"RtHDVCpl"="RAVCpl64.exe" [2008-08-19 6456352]
"Skytel"="Skytel.exe" [2008-08-19 1833504]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-08-19 319488]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-08-19 323584]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-07-30 561200]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.startskins.com/startpage/5664213484/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vp64&d=0111&m=aspire_x1700
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\soo2oqwo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.imvu.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - Ext: FB Layouts &amp; Extras: fblayouts@hotlayouts2u.com - %profile%\extensions\fblayouts@hotlayouts2u.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKLM-Run-eRecoveryService - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\SiteAdvisor\6172\SAService.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2011-02-09 18:19:25 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-09 23:19

Pre-Run: 265,948,418,048 bytes free
Post-Run: 266,409,963,520 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 45579EB114837E9BBE1F11B23B728ABD

#13 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:09:31 AM

Posted 09 February 2011 - 06:23 PM

Please now run MBAM

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
Posted Image
m0le is a proud member of UNITE

#14 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 07:59 PM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

2/9/2011 7:39:38 PM
mbam-log-2011-02-09 (19-39-38).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Objects scanned: 312828
Time elapsed: 27 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#15 compblank

compblank
  • Topic Starter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Local time:05:31 AM

Posted 09 February 2011 - 08:00 PM

I use malwarebytes all the time. It never seens to pick up on the malicious parts of my computer. What should I do next?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users